![]() |
Log-Analyse und Auswertung: windows version installerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() |
![]() | #1 |
| ![]() windows version installer windows version installer Hallo, seit einigen Tagen öffnet sich auch bei mir ein Fenster mit diesem Titel. Ich habe das Fenster nicht geöffnet, sondern immer weggedrückt (x). Zusätzlich erscheint ein Icon ´Continue Live Installation`, das ich ungeöffnet in den Papierkorb geschoben habe. Nach Vorschrift von Experte "Schrauber" habe ich `Farbar Recovery Scan Tool´heruntergeladen und den Scan laufen gelassen. Der Experte benötigt wohl die Scanergebnisse FRST und Addition. Wie kann ich diese ihm zusenden? |
![]() | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() windows version installer Hallo und
__________________![]() Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: ![]() (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
![]() Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
![]() | #3 |
| ![]() windows version installer Avira internet Security Suite hat keine Viren ode Trojaner gefunden - mehrfach in letzter Woche laufen lassen. Ergebnisse von Farbar´s Recovery Scan Tool anbei
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02 Ran by W7 (administrator) on W7-PC on 05-09-2014 09:16:10 Running from C:\Users\W7\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (CyberLink Corp.) D:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe (CyberLink) D:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (CyberLink Corporation.) D:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink) D:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe (CyberLink) D:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe () C:\Program Files (x86)\LPT\srpts.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe () C:\Program Files (x86)\LPT\srptsl.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe () C:\Users\W7\AppData\Roaming\VOPackage\VOsrv.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Avira) C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-24] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-05-22] (MSI) HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [RemoteControl10] => D:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-25] (cyberlink) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-05] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492296 2013-05-28] (CyberLink Corp.) HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [513048 2013-06-18] (CyberLink Corp.) HKLM-x32\...\Run: [CLMLServer_For_P2G9] => D:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe [110344 2014-08-11] (CyberLink) HKLM-x32\...\Run: [InstantBurn] => D:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [705496 2013-04-08] (CyberLink Corporation.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\RunOnce: [{91120000-002F-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H HKU\S-1-5-21-3702731666-1061839965-1659386759-1000\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe [5085416 2014-05-15] (Avira) HKU\S-1-5-21-3702731666-1061839965-1659386759-1000\...\Run: [Power2GoExpress9] => D:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe [2397448 2014-08-11] (CyberLink Corp.) HKU\S-1-5-21-3702731666-1061839965-1659386759-1000\...\Run: [smoother] => C:\Users\W7\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe [489603 2014-08-12] () HKU\S-1-5-21-3702731666-1061839965-1659386759-1000\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1712904 2013-05-28] (CyberLink Corp.) IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\lifecam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\nvstlink.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\nvstview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\super-charger.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4VbE2sM3Wt2uxiu5I8rEc84ND-xbOWtH9iDsAl5S4v4etGyn43zhXYg5WN3i-p3yzh1WCnmuJ87AYJjzBuH3PnkQcK42IxRuUQWQGmhpV1Jed-HTxC8LG0dKj4n7RpfbSahJDFun1pismnItkR4LJwr8gQRFiX2vqj0PtqKIInVKWuuyrM02d&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4VbE2sM3Wt2uxiu5I8rEc84ND-xbOWtH9iDsAl5S4v4etGyn43zhXYg5WN3i-p3yzh1WCnmuJ87AYJjzBuH3D2pcq_oFtuw1L18OGhvboOb0WWz-8joe0d4UVorrh0dXIrcFjrbgwzX61GzG4PfR7AdJ4QMV8Qx39dDctDeeTbWJH28bz9rHw HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x677E702A95DFCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4VbE2sM3Wt2uxiu5I8rEc84ND-xbOWtH9iDsAl5S4v4etGyn43zhXYg5WN3i-p3yzh1WCnmuJ87AYJjzBuH3PnkQcK42IxRuUQWQGmhpV1Jed-HTxC8LG0dKj4n7RpfbSahJDFun1pismnItkR4LJwr8gQRFiX2vqj0PtqKIInVKWuuyrM02d&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4VbE2sM3Wt2uxiu5I8rEc84ND-xbOWtH9iDsAl5S4v4etGyn43zhXYg5WN3i-p3yzh1WCnmuJ87AYJjzBuH3PnkQcK42IxRuUQWQGmhpV1Jed-HTxC8LG0dKj4n7RpfbSahJDFun1pismnItkR4LJwr8gQRFiX2vqj0PtqKIInVKWuuyrM02d&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4VbE2sM3Wt2uxiu5I8rEc84ND-xbOWtH9iDsAl5S4v4etGyn43zhXYg5WN3i-p3yzh1WCnmuJ87AYJjzBuH3PnkQcK42IxRuUQWQGmhpV1Jed-HTxC8LG0dKj4n7RpfbSahJDFun1pismnItkR4LJwr8gQRFiX2vqj0PtqKIInVKWuuyrM02d&q={searchTerms} SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4VbE2sM3Wt2uxiu5I8rEc84ND-xbOWtH9iDsAl5S4v4etGyn43zhXYg5WN3i-p3yzh1WCnmuJ87AYJjzBuH3PnkQcK42IxRuUQWQGmhpV1Jed-HTxC8LG0dKj4n7RpfbSahJDFun1pismnItkR4LJwr8gQRFiX2vqj0PtqKIInVKWuuyrM02d&q={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4VbE2sM3Wt2uxiu5I8rEc84ND-xbOWtH9iDsAl5S4v4etGyn43zhXYg5WN3i-p3yzh1WCnmuJ87AYJjzBuH3PnkQcK42IxRuUQWQGmhpV1Jed-HTxC8LG0dKj4n7RpfbSahJDFun1pismnItkR4LJwr8gQRFiX2vqj0PtqKIInVKWuuyrM02d&q={searchTerms} BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF DefaultSearchEngine: Web Search FF SearchEngineOrder.1: Ask.com FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Web Search FF Homepage: hxxp://www.startxxl.com/ FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4VbE2sM3Wt2uxiu5I8rEc84ND-xbOWtH9iDsAl5S4v4etGyn43zhXYg5WN3i-p3yzh1WCnmuJ87AYJjzBuH3PnkQcK42IxRuUQWQGmhpV1Jed-HTxC8LG0dKj4n7RpfbSahJDFun1pismnItkR4LJwr8gQRFiX2vqj0PtqKIInVKWuuyrM02d&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF SearchPlugin: C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\searchplugins\Web Search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: GMX MailCheck - C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\Extensions\toolbar@gmx.net [2014-09-04] FF Extension: Yahoo Community Smartbar - C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\Extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a} [2014-08-29] FF Extension: Smoother Web - C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-08-29] FF Extension: StartXXL - C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\Extensions\support@startxxl.com.xpi [2014-01-30] FF Extension: Adblock Plus - C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-16] Chrome: ======= CHR HomePage: Default -> CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll No File CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll No File CHR Profile: C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-14] CHR Extension: (YouTube) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-14] CHR Extension: (Google-Suche) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-14] CHR Extension: (Google Mail) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [804944 2014-08-11] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-11] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-11] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-11] (Avira Operations GmbH & Co. KG) S2 CLKMSVC10_58664B3D; D:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-25] (CyberLink) R2 CyberLink PowerDVD 13 Media Server Monitor Service; D:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2014-07-24] (CyberLink) R2 CyberLink PowerDVD 13 Media Server Service; D:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2014-07-24] (CyberLink) R2 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] R2 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation) R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34304 2014-08-27] () R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [142904 2012-05-22] (MSI) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] () R2 servervo; C:\Users\W7\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-08-29] () [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-12-15] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [42040 2014-07-15] (Avira Operations GmbH & Co. KG) R1 CLBStor; C:\Windows\System32\Drivers\CLBStor.sys [24560 2012-02-02] (Cyberlink Co.,Ltd.) R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [377840 2012-02-02] (CyberLink Corporation.) R3 CLVirtualBus01; C:\Windows\System32\DRIVERS\CLVirtualBus01.sys [96008 2014-03-12] (CyberLink) R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-12-15] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2013-05-09] (Intel Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2005-02-04] (Padus, Inc.) [File not signed] R3 SkyNetNXPBDA_AMD64; C:\Windows\System32\DRIVERS\SkyNetNXPBDA_AMD64.sys [2128984 2011-04-13] (TechniSat Digital, S.A.) S3 skynetvirtualnetwork; C:\Windows\System32\DRIVERS\SkyNetVirtualNetwork_AMD64.SYS [140288 2011-04-13] (TechniSat Digital, S.A.) [File not signed] R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-02-10] (TuneUp Software) R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; D:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [32456 2014-07-24] (CyberLink Corp.) S3 MSICDSetup; \??\E:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X] U2 TMAgent; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-05 09:16 - 2014-09-05 09:16 - 00025295 _____ () C:\Users\W7\Downloads\FRST.txt 2014-09-05 09:16 - 2014-09-05 09:16 - 00000000 ____D () C:\FRST 2014-09-05 09:13 - 2014-09-05 09:13 - 02104832 _____ (Farbar) C:\Users\W7\Downloads\FRST64.exe 2014-09-05 08:10 - 2014-09-05 08:13 - 35704992 _____ () C:\Users\W7\Downloads\GMX_Firefox_Setup.exe 2014-09-04 10:12 - 2014-09-04 15:58 - 00001082 _____ () C:\Users\W7\Desktop\Continue Live Installation.lnk 2014-09-01 14:04 - 2014-09-01 14:04 - 00776607 _____ () C:\Users\W7\Documents\MY_PHOTO_090114_1.p2g 2014-09-01 12:12 - 2014-09-05 07:38 - 00002128 _____ () C:\Windows\setupact.log 2014-09-01 12:12 - 2014-09-04 12:08 - 00008482 _____ () C:\Windows\PFRO.log 2014-09-01 12:12 - 2014-09-01 12:12 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-29 21:20 - 2014-08-29 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerProducer 6 2014-08-29 21:20 - 2014-08-29 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 4 2014-08-29 21:19 - 2014-08-29 21:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 13 2014-08-29 21:18 - 2014-08-29 21:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 11 2014-08-29 20:46 - 2014-08-29 20:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerBackup 2.6 2014-08-29 20:45 - 2014-08-29 20:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8 2014-08-29 20:45 - 2014-08-29 20:45 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx 2014-08-29 19:48 - 2014-08-29 19:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaShow 6 2014-08-29 18:32 - 2014-08-29 18:32 - 00000000 ____D () C:\Program Files (x86)\LPT 2014-08-29 18:31 - 2014-08-29 18:31 - 00002488 _____ () C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-08-29 18:31 - 2014-08-29 18:31 - 00000000 ____D () C:\Users\W7\AppData\Local\Smartbar 2014-08-29 18:31 - 2014-08-29 18:31 - 00000000 ____D () C:\Users\W7\AppData\Local\LPT 2014-08-29 18:17 - 2014-09-02 14:42 - 00000003 _____ () C:\Users\W7\AppData\Local\proxy.log 2014-08-29 18:16 - 2014-09-03 13:11 - 00000000 ____D () C:\Program Files (x86)\Bench 2014-08-29 18:15 - 2014-08-29 18:15 - 00000000 ____D () C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb 2014-08-29 18:15 - 2014-08-29 18:15 - 00000000 ____D () C:\SmootherWeb 2014-08-29 18:14 - 2014-09-05 07:38 - 00000000 ____D () C:\Users\W7\AppData\Roaming\SmootherWeb 2014-08-29 18:14 - 2014-08-29 18:15 - 00000000 ____D () C:\Users\W7\AppData\Roaming\VOPackage 2014-08-29 18:14 - 2014-08-29 18:14 - 00000000 ____D () C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage 2014-08-29 18:09 - 2014-08-29 18:10 - 00577728 _____ (Firseria.-.Installer · sl) C:\Users\W7\Downloads\RocketDock.exe 2014-08-29 15:11 - 2014-08-29 15:11 - 00979928 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_MediaEspresso_Downloader(2).exe 2014-08-29 15:10 - 2014-08-29 15:10 - 00958992 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_MediaEspresso_Downloader(1).exe 2014-08-29 15:08 - 2014-08-29 15:08 - 00586216 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_MediaEspresso_Downloader.exe 2014-08-29 15:01 - 2014-08-29 15:04 - 24399248 _____ ( ) C:\Users\W7\Downloads\CyberLink.6.5.1718.38196__MEX110504-03.exe 2014-08-29 14:58 - 2014-08-29 15:10 - 139884968 _____ ( ) C:\Users\W7\Downloads\CyberLink.6.5.1229.33995__MEX101224-01.exe 2014-08-29 13:20 - 2014-08-29 13:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-08-28 16:35 - 2014-08-30 11:35 - 00000000 ____D () C:\Users\W7\Documents\CyberLink 2014-08-28 13:04 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 13:04 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 13:04 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-27 17:03 - 2014-08-27 17:03 - 00001337 _____ () C:\Users\W7\Desktop\PowerDVD13 - Verknüpfung.lnk 2014-08-27 17:02 - 2014-08-27 17:02 - 00001355 _____ () C:\Users\W7\Desktop\PowerBackup - Verknüpfung.lnk 2014-08-27 17:00 - 2014-08-28 17:50 - 00002126 _____ () C:\Users\W7\Desktop\CyberLink PowerDirector 11.lnk 2014-08-27 16:58 - 2014-08-27 16:58 - 00001409 _____ () C:\Users\W7\Desktop\PhotoDirector4 - Verknüpfung.lnk 2014-08-27 12:18 - 2014-08-27 12:18 - 00001423 _____ () C:\Users\Public\Desktop\CyberLink WaveEditor 2.lnk 2014-08-27 11:37 - 2014-08-27 11:37 - 00001088 _____ () C:\Users\Public\Desktop\CyberLink Power2Go 9.lnk 2014-08-27 11:37 - 2014-08-27 11:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 9 2014-08-27 11:15 - 2014-08-27 11:28 - 513259190 _____ () C:\Users\W7\Documents\PowerDirector_2930_GM6_Trial_Trial_VDE140527-02.tmp 2014-08-27 11:06 - 2014-08-27 11:06 - 00000000 ____D () C:\Users\W7\Cyberlink 2014-08-27 11:05 - 2014-08-30 11:37 - 00000000 ____D () C:\Users\Public\Documents\CyberLink 2014-08-27 10:23 - 2014-08-27 10:24 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerDirector_Downloader(1).exe 2014-08-27 10:22 - 2014-08-27 16:59 - 00000000 ____D () C:\Users\Public\CyberLink 2014-08-27 09:37 - 2014-08-27 09:37 - 00000797 _____ () C:\Users\W7\Desktop\CyberLink_PowerDVD_Downloader(1).lnk 2014-08-27 01:00 - 2014-08-27 01:00 - 00000803 _____ () C:\Users\W7\Desktop\CyberLink_PowerProducer_Downloader.lnk 2014-08-26 21:45 - 2014-08-29 19:08 - 00000177 _____ () C:\ProgramData\Temp.log 2014-08-26 19:31 - 2014-08-26 21:12 - 516132442 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part4.rar 2014-08-26 17:00 - 2014-08-26 19:31 - 1048576000 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part3.rar 2014-08-26 16:31 - 2014-08-26 17:00 - 1048576000 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part2.rar 2014-08-26 10:17 - 2014-08-26 11:30 - 1048863800 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part1.exe 2014-08-25 18:04 - 2014-08-25 18:04 - 00000879 _____ () C:\Users\W7\Documents\MyBackup.PBJ 2014-08-22 19:30 - 2014-08-22 19:30 - 00000000 ____D () C:\Users\W7\Documents\ARADump 2014-08-22 18:47 - 2014-08-22 18:47 - 01337603 _____ () C:\Users\W7\Documents\MY_PHOTO_082214_1.p2g 2014-08-19 12:20 - 2014-08-19 12:20 - 00000000 ____D () C:\Users\W7\AppData\Local\Power2Go9 2014-08-19 12:13 - 2014-08-29 21:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2 2014-08-19 11:39 - 2014-08-19 11:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_CLVirtualBus01_01009.Wdf 2014-08-19 10:50 - 2014-08-19 10:50 - 01409896 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_Power2Go_Downloader.exe 2014-08-19 10:36 - 2014-08-19 10:36 - 00000000 ____D () C:\Program Files (x86)\MSECache 2014-08-19 10:26 - 2014-08-19 10:26 - 00002133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk 2014-08-19 10:26 - 2014-08-19 10:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor 2014-08-19 10:19 - 2014-08-19 11:35 - 373578968 _____ (Microsoft Corporation) C:\Users\W7\Downloads\office2007sp3-kb2526086-fullfile-de-de.exe 2014-08-19 10:19 - 2014-08-19 10:31 - 39074536 _____ (Microsoft Corporation) C:\Users\W7\Downloads\FileFormatConverters.exe 2014-08-19 10:19 - 2014-08-19 10:24 - 08676128 _____ (Microsoft Corporation) C:\Users\W7\Downloads\Windows7UpgradeAdvisorSetup.exe 2014-08-19 09:42 - 2014-08-19 09:42 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerDVD_Downloader(1).exe 2014-08-18 19:53 - 2014-08-18 19:53 - 00650840 _____ (ZDF ) C:\Users\W7\Downloads\setup.exe 2014-08-18 19:53 - 2014-08-18 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZDF 2014-08-18 19:53 - 2014-08-18 19:53 - 00000000 ____D () C:\Program Files\ZDF 2014-08-18 13:46 - 2014-08-28 12:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12 2014-08-18 13:01 - 2014-08-28 12:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3 2014-08-18 12:45 - 2014-08-18 13:00 - 118742216 _____ () C:\Users\W7\Downloads\CLJ.v3618_45482_Spr_PTD130301-04.exe 2014-08-17 20:15 - 2014-08-17 20:16 - 18876296 _____ ( ) C:\Users\W7\Downloads\PowerBackup_140619_Patch_PBK140702-01.exe 2014-08-17 19:53 - 2014-08-27 11:20 - 00000803 _____ () C:\Users\W7\Desktop\CyberLink_PowerDirector_Downloader.lnk 2014-08-17 19:43 - 2014-08-17 19:50 - 98348128 _____ () C:\Users\W7\Downloads\PowerProducer_2923_GM6_Patch_PPD140502-01.exe 2014-08-17 19:32 - 2014-08-17 19:32 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerProducer_Downloader.exe 2014-08-17 11:56 - 2014-08-17 11:56 - 00000000 ____D () C:\Users\W7\AppData\Local\Power2Go8 2014-08-17 11:54 - 2014-08-27 00:09 - 00001083 _____ () C:\Users\Public\Desktop\CyberLink Media Suite 11.lnk 2014-08-17 11:51 - 2014-08-18 14:17 - 00000000 ____D () C:\ProgramData\PDVD 2014-08-17 11:51 - 2014-08-17 11:51 - 00000000 ____D () C:\Users\W7\AppData\Local\MediaServer 2014-08-17 11:45 - 2011-12-26 21:37 - 00090608 _____ (CyberLink) C:\Windows\system32\Drivers\CLVirtualDrive.sys 2014-08-17 11:09 - 2014-08-26 22:18 - 00000246 _____ () C:\Windows\profile.ini 2014-08-17 10:28 - 2012-02-02 17:28 - 00377840 _____ (CyberLink Corporation.) C:\Windows\system32\Drivers\CLBUDF.sys 2014-08-17 10:28 - 2012-02-02 17:28 - 00024560 _____ (Cyberlink Co.,Ltd.) C:\Windows\system32\Drivers\CLBStor.sys 2014-08-16 02:31 - 2014-08-16 02:31 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2014-08-16 02:31 - 2014-08-16 02:31 - 00002195 _____ () C:\Users\Public\Desktop\WinZip.lnk 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\Users\W7\AppData\Local\WinZip 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\ProgramData\WinZip 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\Program Files\WinZip 2014-08-16 02:11 - 2014-08-16 02:29 - 58807808 _____ () C:\Users\W7\Downloads\wz185gev-64.msi 2014-08-15 13:43 - 2014-08-16 16:39 - 02689160 _____ (Microsoft Corporation) C:\Users\W7\Downloads\EIE11_DE-DE_MSN_WIN764L.EXE 2014-08-15 10:43 - 2014-08-15 10:43 - 00000000 ____D () C:\Users\W7\AppData\Local\Packages 2014-08-15 10:23 - 2014-08-15 10:23 - 00837376 _____ (CyberLink Corp. ) C:\Users\W7\Downloads\Power2Go_Patch(P2G131014-01).exe 2014-08-15 10:22 - 2014-08-15 10:31 - 125083048 _____ ( ) C:\Users\W7\Downloads\PowerDVD_v5509_RiTA10(NoCinema)_Patch_DVD130828-20.exe 2014-08-15 09:56 - 2014-08-15 09:56 - 00000000 __SHD () C:\Users\W7\AppData\Local\EmieUserList 2014-08-15 09:56 - 2014-08-15 09:56 - 00000000 __SHD () C:\Users\W7\AppData\Local\EmieSiteList 2014-08-14 14:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-14 14:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-14 14:04 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-14 14:04 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-14 14:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-14 14:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-14 14:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-14 14:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-14 12:59 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-14 12:59 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-14 12:59 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-14 12:59 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-14 12:59 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-14 12:59 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-14 12:59 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-14 12:59 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-14 12:59 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-14 12:59 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-14 12:59 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-14 12:59 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-14 12:59 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-14 12:59 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-14 12:59 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-14 12:59 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-14 12:59 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-14 12:59 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-14 12:59 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-14 12:59 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-14 12:59 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-14 12:59 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-14 12:59 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-14 12:59 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-14 12:59 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-14 12:59 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-14 12:59 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-14 12:59 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-14 12:59 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-14 12:59 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-14 12:59 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-14 12:59 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-14 12:59 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-14 12:59 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-14 12:59 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-14 12:59 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-14 12:59 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-14 12:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-14 12:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-14 12:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-14 12:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-14 12:59 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-14 12:59 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-14 12:59 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-14 12:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-14 12:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-08-14 12:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-14 12:59 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-14 12:59 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-14 12:59 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-14 12:59 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-14 12:59 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-14 12:59 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-14 12:59 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-14 12:59 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-14 12:59 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-14 12:59 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-14 12:59 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-14 12:59 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-14 12:58 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-14 12:58 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-14 12:58 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-14 12:58 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-14 12:58 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-14 12:58 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-14 12:58 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-14 12:58 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-14 12:58 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-14 12:58 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-14 12:58 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-14 12:58 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-14 12:58 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-14 12:58 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-14 12:58 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-14 12:58 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-14 12:58 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-14 12:58 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-14 12:58 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-14 12:58 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-14 12:58 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-14 12:55 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-14 12:55 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-14 12:55 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-14 12:55 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-14 08:20 - 2014-08-14 08:20 - 00000000 ____D () C:\Users\W7\AppData\Local\Power2Go 2014-08-13 21:04 - 2014-08-14 17:32 - 00000000 ____D () C:\Users\W7\AppData\Roaming\Apple Computer 2014-08-13 21:04 - 2014-08-13 21:04 - 00001789 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-08-13 21:04 - 2014-08-13 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-08-13 21:04 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-08-13 21:03 - 2014-08-13 21:04 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-08-13 21:03 - 2014-08-13 21:04 - 00000000 ____D () C:\Program Files\iTunes 2014-08-13 21:03 - 2014-08-13 21:04 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\iPod 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\Bonjour 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-08-13 20:54 - 2014-08-13 21:04 - 00000000 ____D () C:\Users\W7\AppData\Local\Apple Computer 2014-08-13 20:54 - 2014-08-13 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-08-13 20:54 - 2014-08-13 20:54 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-08-13 18:00 - 2014-08-13 21:03 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-08-13 18:00 - 2014-08-13 21:03 - 00000000 ____D () C:\ProgramData\Apple 2014-08-13 18:00 - 2014-08-13 20:54 - 00001851 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-08-13 18:00 - 2014-08-13 18:00 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-08-13 18:00 - 2014-08-13 18:00 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-08-13 18:00 - 2014-08-13 18:00 - 00000000 ____D () C:\Users\W7\AppData\Local\Apple 2014-08-13 18:00 - 2014-08-13 18:00 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-08-13 17:58 - 2014-08-27 10:02 - 00000000 ____D () C:\Program Files\CyberLink 2014-08-13 16:53 - 2014-08-13 16:53 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerDirector_Downloader.exe 2014-08-13 16:49 - 2014-08-29 17:02 - 00000000 _____ () C:\Windows\lgfwup.ini 2014-08-13 16:49 - 2001-08-29 21:00 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemdisp.tlb 2014-08-13 16:49 - 1998-07-22 00:00 - 00102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb6stkit.dll 2014-08-13 16:49 - 1998-07-22 00:00 - 00102160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6KO.DLL 2014-08-13 16:49 - 1998-06-24 00:00 - 00115016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX 2014-08-13 16:46 - 2014-08-29 16:24 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll 2014-08-13 16:42 - 2014-08-29 20:46 - 00000000 ____D () C:\Users\W7\AppData\Roaming\CyberLink 2014-08-13 16:42 - 2014-08-19 12:19 - 00000000 ____D () C:\Users\W7\AppData\Local\CyberLink 2014-08-13 16:41 - 2014-08-19 11:36 - 00000000 ____D () C:\ProgramData\install_clap 2014-08-13 16:40 - 2014-08-29 21:29 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2014-08-13 16:40 - 2014-08-29 20:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite 2014-08-13 16:40 - 2014-08-28 12:43 - 00001848 _____ () C:\Users\Public\Desktop\CyberLink BD Advisor.lnk 2014-08-13 16:40 - 2014-08-13 16:40 - 00000000 ____D () C:\ProgramData\CLSK 2014-08-13 16:36 - 2014-08-29 19:05 - 00000000 ____D () C:\ProgramData\CyberLink 2014-08-13 16:35 - 2014-08-29 15:36 - 00000000 ____D () C:\ProgramData\Temp ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-05 09:16 - 2014-09-05 09:16 - 00025295 _____ () C:\Users\W7\Downloads\FRST.txt 2014-09-05 09:16 - 2014-09-05 09:16 - 00000000 ____D () C:\FRST 2014-09-05 09:13 - 2014-09-05 09:13 - 02104832 _____ (Farbar) C:\Users\W7\Downloads\FRST64.exe 2014-09-05 08:44 - 2012-12-13 17:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-05 08:18 - 2012-12-13 17:12 - 00001169 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-09-05 08:18 - 2012-12-13 17:12 - 00001157 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-09-05 08:18 - 2012-12-13 17:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-05 08:17 - 2014-08-03 16:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-05 08:13 - 2014-09-05 08:10 - 35704992 _____ () C:\Users\W7\Downloads\GMX_Firefox_Setup.exe 2014-09-05 07:45 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-05 07:45 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-05 07:44 - 2011-04-12 09:43 - 00709900 _____ () C:\Windows\system32\perfh007.dat 2014-09-05 07:44 - 2011-04-12 09:43 - 00154336 _____ () C:\Windows\system32\perfc007.dat 2014-09-05 07:44 - 2009-07-14 07:13 - 01649492 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-05 07:42 - 2014-07-30 20:59 - 01947261 _____ () C:\Windows\WindowsUpdate.log 2014-09-05 07:38 - 2014-09-01 12:12 - 00002128 _____ () C:\Windows\setupact.log 2014-09-05 07:38 - 2014-08-29 18:14 - 00000000 ____D () C:\Users\W7\AppData\Roaming\SmootherWeb 2014-09-05 07:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-04 15:58 - 2014-09-04 10:12 - 00001082 _____ () C:\Users\W7\Desktop\Continue Live Installation.lnk 2014-09-04 12:08 - 2014-09-01 12:12 - 00008482 _____ () C:\Windows\PFRO.log 2014-09-04 09:48 - 2012-12-14 15:08 - 00000072 _____ () C:\Users\Public\LMDebug.log 2014-09-03 13:11 - 2014-08-29 18:16 - 00000000 ____D () C:\Program Files (x86)\Bench 2014-09-02 14:42 - 2014-08-29 18:17 - 00000003 _____ () C:\Users\W7\AppData\Local\proxy.log 2014-09-01 14:04 - 2014-09-01 14:04 - 00776607 _____ () C:\Users\W7\Documents\MY_PHOTO_090114_1.p2g 2014-09-01 12:12 - 2014-09-01 12:12 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-01 09:17 - 2012-12-20 19:26 - 00000000 ____D () C:\Users\W7\AppData\Local\Microsoft Help 2014-08-31 17:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-08-31 16:34 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-30 11:37 - 2014-08-27 11:05 - 00000000 ____D () C:\Users\Public\Documents\CyberLink 2014-08-30 11:35 - 2014-08-28 16:35 - 00000000 ____D () C:\Users\W7\Documents\CyberLink 2014-08-30 07:41 - 2009-07-14 06:45 - 00315576 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-29 21:29 - 2014-08-19 12:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2 2014-08-29 21:29 - 2014-08-13 16:40 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2014-08-29 21:20 - 2014-08-29 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerProducer 6 2014-08-29 21:20 - 2014-08-29 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 4 2014-08-29 21:20 - 2012-12-13 17:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-29 21:19 - 2014-08-29 21:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 13 2014-08-29 21:18 - 2014-08-29 21:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 11 2014-08-29 20:46 - 2014-08-29 20:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerBackup 2.6 2014-08-29 20:46 - 2014-08-13 16:42 - 00000000 ____D () C:\Users\W7\AppData\Roaming\CyberLink 2014-08-29 20:46 - 2014-08-13 16:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite 2014-08-29 20:45 - 2014-08-29 20:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8 2014-08-29 20:45 - 2014-08-29 20:45 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx 2014-08-29 19:48 - 2014-08-29 19:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaShow 6 2014-08-29 19:08 - 2014-08-26 21:45 - 00000177 _____ () C:\ProgramData\Temp.log 2014-08-29 19:05 - 2014-08-13 16:36 - 00000000 ____D () C:\ProgramData\CyberLink 2014-08-29 18:32 - 2014-08-29 18:32 - 00000000 ____D () C:\Program Files (x86)\LPT 2014-08-29 18:31 - 2014-08-29 18:31 - 00002488 _____ () C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-08-29 18:31 - 2014-08-29 18:31 - 00000000 ____D () C:\Users\W7\AppData\Local\Smartbar 2014-08-29 18:31 - 2014-08-29 18:31 - 00000000 ____D () C:\Users\W7\AppData\Local\LPT 2014-08-29 18:15 - 2014-08-29 18:15 - 00000000 ____D () C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb 2014-08-29 18:15 - 2014-08-29 18:15 - 00000000 ____D () C:\SmootherWeb 2014-08-29 18:15 - 2014-08-29 18:14 - 00000000 ____D () C:\Users\W7\AppData\Roaming\VOPackage 2014-08-29 18:14 - 2014-08-29 18:14 - 00000000 ____D () C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage 2014-08-29 18:10 - 2014-08-29 18:09 - 00577728 _____ (Firseria.-.Installer · sl) C:\Users\W7\Downloads\RocketDock.exe 2014-08-29 17:02 - 2014-08-13 16:49 - 00000000 _____ () C:\Windows\lgfwup.ini 2014-08-29 16:24 - 2014-08-13 16:46 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll 2014-08-29 16:24 - 2003-03-18 21:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2014-08-29 15:36 - 2014-08-13 16:35 - 00000000 ____D () C:\ProgramData\Temp 2014-08-29 15:11 - 2014-08-29 15:11 - 00979928 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_MediaEspresso_Downloader(2).exe 2014-08-29 15:10 - 2014-08-29 15:10 - 00958992 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_MediaEspresso_Downloader(1).exe 2014-08-29 15:10 - 2014-08-29 14:58 - 139884968 _____ ( ) C:\Users\W7\Downloads\CyberLink.6.5.1229.33995__MEX101224-01.exe 2014-08-29 15:08 - 2014-08-29 15:08 - 00586216 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_MediaEspresso_Downloader.exe 2014-08-29 15:04 - 2014-08-29 15:01 - 24399248 _____ ( ) C:\Users\W7\Downloads\CyberLink.6.5.1718.38196__MEX110504-03.exe 2014-08-29 13:20 - 2014-08-29 13:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-08-28 17:50 - 2014-08-27 17:00 - 00002126 _____ () C:\Users\W7\Desktop\CyberLink PowerDirector 11.lnk 2014-08-28 12:43 - 2014-08-18 13:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12 2014-08-28 12:43 - 2014-08-18 13:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3 2014-08-28 12:43 - 2014-08-13 16:40 - 00001848 _____ () C:\Users\Public\Desktop\CyberLink BD Advisor.lnk 2014-08-27 17:03 - 2014-08-27 17:03 - 00001337 _____ () C:\Users\W7\Desktop\PowerDVD13 - Verknüpfung.lnk 2014-08-27 17:02 - 2014-08-27 17:02 - 00001355 _____ () C:\Users\W7\Desktop\PowerBackup - Verknüpfung.lnk 2014-08-27 16:59 - 2014-08-27 10:22 - 00000000 ____D () C:\Users\Public\CyberLink 2014-08-27 16:58 - 2014-08-27 16:58 - 00001409 _____ () C:\Users\W7\Desktop\PhotoDirector4 - Verknüpfung.lnk 2014-08-27 16:47 - 2014-08-03 16:18 - 00000320 _____ () C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job 2014-08-27 12:18 - 2014-08-27 12:18 - 00001423 _____ () C:\Users\Public\Desktop\CyberLink WaveEditor 2.lnk 2014-08-27 11:37 - 2014-08-27 11:37 - 00001088 _____ () C:\Users\Public\Desktop\CyberLink Power2Go 9.lnk 2014-08-27 11:37 - 2014-08-27 11:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 9 2014-08-27 11:28 - 2014-08-27 11:15 - 513259190 _____ () C:\Users\W7\Documents\PowerDirector_2930_GM6_Trial_Trial_VDE140527-02.tmp 2014-08-27 11:20 - 2014-08-17 19:53 - 00000803 _____ () C:\Users\W7\Desktop\CyberLink_PowerDirector_Downloader.lnk 2014-08-27 11:06 - 2014-08-27 11:06 - 00000000 ____D () C:\Users\W7\Cyberlink 2014-08-27 11:06 - 2012-12-13 16:58 - 00000000 ____D () C:\Users\W7 2014-08-27 10:24 - 2014-08-27 10:23 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerDirector_Downloader(1).exe 2014-08-27 10:02 - 2014-08-13 17:58 - 00000000 ____D () C:\Program Files\CyberLink 2014-08-27 09:37 - 2014-08-27 09:37 - 00000797 _____ () C:\Users\W7\Desktop\CyberLink_PowerDVD_Downloader(1).lnk 2014-08-27 01:00 - 2014-08-27 01:00 - 00000803 _____ () C:\Users\W7\Desktop\CyberLink_PowerProducer_Downloader.lnk 2014-08-27 00:09 - 2014-08-17 11:54 - 00001083 _____ () C:\Users\Public\Desktop\CyberLink Media Suite 11.lnk 2014-08-26 22:18 - 2014-08-17 11:09 - 00000246 _____ () C:\Windows\profile.ini 2014-08-26 21:12 - 2014-08-26 19:31 - 516132442 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part4.rar 2014-08-26 19:31 - 2014-08-26 17:00 - 1048576000 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part3.rar 2014-08-26 17:00 - 2014-08-26 16:31 - 1048576000 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part2.rar 2014-08-26 11:30 - 2014-08-26 10:17 - 1048863800 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part1.exe 2014-08-25 18:04 - 2014-08-25 18:04 - 00000879 _____ () C:\Users\W7\Documents\MyBackup.PBJ 2014-08-23 04:07 - 2014-08-28 13:04 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-28 13:04 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-28 13:04 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-22 19:30 - 2014-08-22 19:30 - 00000000 ____D () C:\Users\W7\Documents\ARADump 2014-08-22 18:47 - 2014-08-22 18:47 - 01337603 _____ () C:\Users\W7\Documents\MY_PHOTO_082214_1.p2g 2014-08-19 12:20 - 2014-08-19 12:20 - 00000000 ____D () C:\Users\W7\AppData\Local\Power2Go9 2014-08-19 12:19 - 2014-08-13 16:42 - 00000000 ____D () C:\Users\W7\AppData\Local\CyberLink 2014-08-19 11:39 - 2014-08-19 11:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_CLVirtualBus01_01009.Wdf 2014-08-19 11:36 - 2014-08-13 16:41 - 00000000 ____D () C:\ProgramData\install_clap 2014-08-19 11:35 - 2014-08-19 10:19 - 373578968 _____ (Microsoft Corporation) C:\Users\W7\Downloads\office2007sp3-kb2526086-fullfile-de-de.exe 2014-08-19 10:50 - 2014-08-19 10:50 - 01409896 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_Power2Go_Downloader.exe 2014-08-19 10:36 - 2014-08-19 10:36 - 00000000 ____D () C:\Program Files (x86)\MSECache 2014-08-19 10:31 - 2014-08-19 10:19 - 39074536 _____ (Microsoft Corporation) C:\Users\W7\Downloads\FileFormatConverters.exe 2014-08-19 10:26 - 2014-08-19 10:26 - 00002133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk 2014-08-19 10:26 - 2014-08-19 10:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor 2014-08-19 10:24 - 2014-08-19 10:19 - 08676128 _____ (Microsoft Corporation) C:\Users\W7\Downloads\Windows7UpgradeAdvisorSetup.exe 2014-08-19 09:42 - 2014-08-19 09:42 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerDVD_Downloader(1).exe 2014-08-18 19:53 - 2014-08-18 19:53 - 00650840 _____ (ZDF ) C:\Users\W7\Downloads\setup.exe 2014-08-18 19:53 - 2014-08-18 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZDF 2014-08-18 19:53 - 2014-08-18 19:53 - 00000000 ____D () C:\Program Files\ZDF 2014-08-18 19:37 - 2012-12-21 18:34 - 00000689 _____ () C:\Users\W7\eve2.ini 2014-08-18 19:31 - 2012-12-13 17:20 - 00000000 ____D () C:\Users\W7\AppData\Roaming\vlc 2014-08-18 17:14 - 2012-12-13 17:18 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-18 17:14 - 2012-12-13 17:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-18 17:14 - 2012-12-13 17:18 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-18 14:17 - 2014-08-17 11:51 - 00000000 ____D () C:\ProgramData\PDVD 2014-08-18 13:00 - 2014-08-18 12:45 - 118742216 _____ () C:\Users\W7\Downloads\CLJ.v3618_45482_Spr_PTD130301-04.exe 2014-08-17 20:16 - 2014-08-17 20:15 - 18876296 _____ ( ) C:\Users\W7\Downloads\PowerBackup_140619_Patch_PBK140702-01.exe 2014-08-17 19:50 - 2014-08-17 19:43 - 98348128 _____ () C:\Users\W7\Downloads\PowerProducer_2923_GM6_Patch_PPD140502-01.exe 2014-08-17 19:32 - 2014-08-17 19:32 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerProducer_Downloader.exe 2014-08-17 18:57 - 2012-12-21 18:06 - 00000000 ____D () C:\Users\W7\AppData\Local\DoNotTrackPlus 2014-08-17 14:36 - 2012-12-21 18:34 - 00000000 ____D () C:\Users\W7\AppData\Roaming\NVIDIA 2014-08-17 11:57 - 2012-12-14 12:07 - 00003806 _____ () C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar 2014-08-17 11:56 - 2014-08-17 11:56 - 00000000 ____D () C:\Users\W7\AppData\Local\Power2Go8 2014-08-17 11:51 - 2014-08-17 11:51 - 00000000 ____D () C:\Users\W7\AppData\Local\MediaServer 2014-08-17 09:23 - 2014-04-02 17:41 - 00002194 _____ () C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2014-08-16 16:39 - 2014-08-15 13:43 - 02689160 _____ (Microsoft Corporation) C:\Users\W7\Downloads\EIE11_DE-DE_MSN_WIN764L.EXE 2014-08-16 12:54 - 2012-12-14 14:39 - 00003696 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-08-16 02:31 - 2014-08-16 02:31 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2014-08-16 02:31 - 2014-08-16 02:31 - 00002195 _____ () C:\Users\Public\Desktop\WinZip.lnk 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\Users\W7\AppData\Local\WinZip 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\ProgramData\WinZip 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\Program Files\WinZip 2014-08-16 02:29 - 2014-08-16 02:11 - 58807808 _____ () C:\Users\W7\Downloads\wz185gev-64.msi 2014-08-16 01:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-15 10:43 - 2014-08-15 10:43 - 00000000 ____D () C:\Users\W7\AppData\Local\Packages 2014-08-15 10:42 - 2003-02-21 05:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2014-08-15 10:31 - 2014-08-15 10:22 - 125083048 _____ ( ) C:\Users\W7\Downloads\PowerDVD_v5509_RiTA10(NoCinema)_Patch_DVD130828-20.exe 2014-08-15 10:23 - 2014-08-15 10:23 - 00837376 _____ (CyberLink Corp. ) C:\Users\W7\Downloads\Power2Go_Patch(P2G131014-01).exe 2014-08-15 09:56 - 2014-08-15 09:56 - 00000000 __SHD () C:\Users\W7\AppData\Local\EmieUserList 2014-08-15 09:56 - 2014-08-15 09:56 - 00000000 __SHD () C:\Users\W7\AppData\Local\EmieSiteList 2014-08-15 09:15 - 2012-12-20 15:40 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-08-14 17:32 - 2014-08-13 21:04 - 00000000 ____D () C:\Users\W7\AppData\Roaming\Apple Computer 2014-08-14 14:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-14 14:13 - 2012-12-20 19:26 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-14 14:08 - 2013-07-29 23:20 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-14 14:07 - 2012-12-14 14:23 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-14 14:04 - 2014-05-06 19:51 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-14 08:20 - 2014-08-14 08:20 - 00000000 ____D () C:\Users\W7\AppData\Local\Power2Go 2014-08-13 21:04 - 2014-08-13 21:04 - 00001789 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-08-13 21:04 - 2014-08-13 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-08-13 21:04 - 2014-08-13 21:03 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-08-13 21:04 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\iTunes 2014-08-13 21:04 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-08-13 21:04 - 2014-08-13 20:54 - 00000000 ____D () C:\Users\W7\AppData\Local\Apple Computer 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\iPod 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\Bonjour 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-08-13 21:03 - 2014-08-13 18:00 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-08-13 21:03 - 2014-08-13 18:00 - 00000000 ____D () C:\ProgramData\Apple 2014-08-13 20:54 - 2014-08-13 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-08-13 20:54 - 2014-08-13 20:54 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-08-13 20:54 - 2014-08-13 18:00 - 00001851 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-08-13 18:00 - 2014-08-13 18:00 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-08-13 18:00 - 2014-08-13 18:00 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-08-13 18:00 - 2014-08-13 18:00 - 00000000 ____D () C:\Users\W7\AppData\Local\Apple 2014-08-13 18:00 - 2014-08-13 18:00 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-08-13 16:53 - 2014-08-13 16:53 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerDirector_Downloader.exe 2014-08-13 16:51 - 2012-12-13 17:44 - 00073304 _____ () C:\Users\W7\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-13 16:40 - 2014-08-13 16:40 - 00000000 ____D () C:\ProgramData\CLSK 2014-08-08 13:41 - 2013-10-29 12:47 - 00001076 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-08-07 04:06 - 2014-08-14 12:55 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-14 12:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll Some content of TEMP: ==================== C:\Users\W7\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-28 10:15 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 02 Ran by W7 at 2014-09-05 09:16:33 Running from C:\Users\W7\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated) Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon) Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: - Avira) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: - Apple Inc.) Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: - Ask.com) <==== ATTENTION Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: - Ask.com) <==== ATTENTION Avira System Speedup (HKLM-x32\...\AviraSpeedup) (Version: - Avira System Speedup) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: - Apple Inc.) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Conflict Desert Storm II (HKLM-x32\...\{08F0DDCB-05C1-4A0E-B9E7-9EE077A2EDAD}) (Version: - ) CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.5425 - CyberLink Corp.) CyberLink Holiday Magic Style Pack 2 (x32 Version: 2.0 - CyberLink Corp.) Hidden CyberLink LabelPrint 2.5 (x32 Version: - CyberLink Corp.) Hidden CyberLink Media Suite 10 (x32 Version: 10.2021 - CyberLink Corp.) Hidden CyberLink Media Suite 11 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 11.0 - CyberLink Corp.) CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3019_44673 - CyberLink Corp.) Hidden CyberLink MediaShow 6 (HKLM-x32\...\InstallShield_{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}) (Version: 6.0.5225 - CyberLink Corp.) CyberLink MediaShow 6 (x32 Version: 6.0.5225 - CyberLink Corp.) Hidden CyberLink PhotoDirector 4 (HKLM-x32\...\InstallShield_{44510C84-AE2A-4079-A75B-D44E68D73B9A}) (Version: 4.0.4211.0 - CyberLink Corp.) CyberLink PhotoDirector 4 (x32 Version: 4.0.4211.0 - CyberLink Corp.) Hidden CyberLink Power2Go 7 (x32 Version: - CyberLink Corp.) Hidden CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: - CyberLink Corp.) Hidden CyberLink Power2Go 9 (HKLM-x32\...\InstallShield_{57D68FAE-CB5E-4fd6-AE3B-A0B43375AF18}) (Version: 9.0.1827.0 - CyberLink Corp.) CyberLink Power2Go 9 (x32 Version: 9.0.1827.0 - CyberLink Corp.) Hidden CyberLink PowerBackup 2.6 (x32 Version: 2.6.1324b - CyberLink Corp.) Hidden CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: - CyberLink Corp.) CyberLink PowerDirector 11 (x32 Version: - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (x32 Version: 10.0.4125.52 - CyberLink Corp.) Hidden CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3018.57 - CyberLink Corp.) CyberLink PowerDVD 13 (x32 Version: 13.0.3018.57 - CyberLink Corp.) Hidden CyberLink PowerDVD Copy 1.5 (x32 Version: - CyberLink Corp.) Hidden CyberLink PowerProducer 5.5 (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: - CyberLink Corp.) CyberLink PowerProducer 5.5 (x32 Version: - CyberLink Corp.) Hidden CyberLink PowerProducer 6 (HKLM-x32\...\InstallShield_{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}) (Version: 6.0.1820.0 - CyberLink Corp.) CyberLink PowerProducer 6 (x32 Version: 6.0.1820.0 - CyberLink Corp.) Hidden CyberLink Romance Pack v3 2 (HKLM-x32\...\InstallShield_{D66DE2CC-64DF-402D-B270-33F2A6C67F0C}) (Version: 2.0 - CyberLink Corp.) CyberLink Romance Pack v3 2 (x32 Version: 2.0 - CyberLink Corp.) Hidden CyberLink Travel Pack (x32 Version: 1.0 - CyberLink Corp.) Hidden CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: - CyberLink Corp.) CyberLink WaveEditor 2 (x32 Version: - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Desert Storm (HKLM-x32\...\{9FB2CE8C-E86C-4368-B3C9-F472898F926E}) (Version: - ) DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte) (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft) DIE SIEDLER - Das Erbe der Könige - Gold Edition (HKLM-x32\...\{E08DE897-B6AF-4DFF-9E90-131E80C876B4}) (Version: 1.00.0000 - Blue Byte) Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft) DVBViewer TE2 (HKLM-x32\...\DVBViewer TE2_is1) (Version: - CM&V) Eve v2 (HKLM-x32\...\InstallShield_{5BD4122B-DF26-4FED-9BC6-D1B355BB6804}) (Version: - MainConcept AG) Eve v2 (x32 Version: - MainConcept AG) Hidden Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: - Google) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: - Apple Inc.) Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010FF}) (Version: 7.0.100 - Oracle) Java SE Development Kit 7 Update 10 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170100}) (Version: - Oracle) Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden LPT System Updater Service (x32 Version: - LPT) Hidden <==== ATTENTION MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: - MainConcept GmbH) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Corporation (Version: - Microsoft Corporation) Hidden Microsoft Corporation (x32 Version: - Microsoft Corporation) Hidden Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Mozilla Firefox 32.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 de)) (Version: 32.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA GeForce Experience (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: - Apple Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: - CMI Limited) <==== ATTENTION Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: - Samsung Electronics Co., Ltd.) SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden SmootherWeb (HKCU Version: 1.0 - SmootherWeb LLC) Hidden Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.010 - MSI) SuperEasy Driver Updater v.1.1.1 (HKLM-x32\...\{039BC111-D60F-A6FF-85F4-7992EA886B8D}_is1) (Version: 1.1.1 - SuperEasy Software GmbH & Co. KG) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: - UBISOFT) Um die Welt in 80 Tagen 1.0 (HKLM-x32\...\Um die Welt in 80 Tagen_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows 7 Upgrade Advisor (HKLM-x32\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation) Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Family Safety (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.123 - MSI) WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. ) Yahoo Community Smartbar (HKLM-x32\...\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F}) (Version: - Linkury Inc.) <==== ATTENTION Yahoo Community Smartbar Engine (HKCU\...\{1a4575d3-b88a-4d28-91bd-10715d53b2cc}) (Version: - Linkury Inc.) <==== ATTENTION ZDFmediathek Version 2.1.6 (HKLM\...\ZDFmediathek_is1) (Version: - ZDF) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3702731666-1061839965-1659386759-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\W7\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3702731666-1061839965-1659386759-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\W7\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3702731666-1061839965-1659386759-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\W7\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3702731666-1061839965-1659386759-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\W7\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3702731666-1061839965-1659386759-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\W7\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 31-08-2014 11:05:42 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {295D3285-F7B2-47A8-BC9E-B95F64F2D582} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {3DCED7C5-B1E4-4C07-B664-3C74CB3342FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-18] (Adobe Systems Incorporated) Task: {533B99EB-D2C6-48FF-B618-14AC797B2E8C} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software) Task: {9B506FF9-4773-4F17-9B9D-539E3755C60F} - System32\Tasks\SuperEasyDriverUpdater_UPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe [2013-11-01] (SuperEasy Software) Task: {B124F2EE-2A70-4D3B-A3F2-E294552A08B0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {B9257D40-B418-40A0-9233-80353834180B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {BD8E7889-9CEC-4D61-9544-891F5880BE41} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION Task: {D60F9982-5E07-45FB-A18E-3DD57187FC3A} - System32\Tasks\{2A671375-9947-42AA-8731-257B24A36542} => C:\Program Files (x86)\DVBViewer TE2\DVBViewerTE.exe [2012-12-20] (CM&V Hackbart) Task: {EA8B09B8-B29E-417C-A245-C4ECF568FAD4} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe [2014-05-15] (Avira) Task: {F19E57F6-51EC-47E1-B51D-6CC7492D2C17} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3702731666-1061839965-1659386759-1000 Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe ==================== Loaded Modules (whitelisted) ============= 2012-12-20 16:19 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-03 17:05 - 2011-04-11 07:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll 2011-06-21 08:42 - 2011-06-21 08:42 - 00034304 _____ () C:\Windows\System32\sst3cl6.dll 2014-08-27 16:24 - 2014-08-27 16:24 - 00034304 _____ () C:\Program Files (x86)\LPT\srpts.exe 2014-08-27 16:24 - 2014-08-27 16:29 - 00036352 _____ () C:\Program Files (x86)\LPT\srptsl.exe 2014-08-13 18:01 - 2012-08-08 21:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2014-08-29 18:15 - 2014-08-29 18:15 - 00071680 _____ () C:\Users\W7\AppData\Roaming\VOPackage\VOsrv.exe 2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-29 20:45 - 2013-05-28 14:33 - 00806664 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll 2014-08-29 20:45 - 2013-03-06 05:04 - 01353688 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\DEU\P2GRC.dll 2014-08-29 20:45 - 2013-05-28 14:33 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll 2011-03-09 14:21 - 2011-03-09 14:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-08-29 20:45 - 2013-03-05 05:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-03-05 11:41 - 2013-03-05 11:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-08-29 21:18 - 2011-08-24 04:39 - 00081920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\koan\_ctypes.pyd 2014-08-29 21:18 - 2011-08-24 04:39 - 00053248 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\Koan\_socket.pyd 2014-08-29 21:18 - 2011-08-24 04:39 - 00655360 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\Koan\_ssl.pyd 2014-08-29 21:18 - 2013-06-18 05:51 - 00043272 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DHProcedure\DHProcedure.dll 2013-05-20 11:02 - 2013-05-20 11:02 - 00016856 _____ () D:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvcPS.dll 2014-08-29 19:08 - 2013-02-27 16:09 - 33747928 _____ () D:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll 2014-08-27 16:24 - 2014-08-27 16:29 - 00044032 _____ () C:\Program Files (x86)\LPT\srptc.dll 2014-08-27 16:23 - 2014-08-27 16:28 - 00018944 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll 2014-08-27 16:24 - 2014-08-27 16:29 - 00071680 _____ () C:\Program Files (x86)\LPT\srut.dll 2014-08-03 17:11 - 2013-05-09 04:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-08-03 16:00 - 2014-08-26 10:14 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-08-27 16:29 - 2014-08-27 16:29 - 00024576 _____ () C:\Users\W7\AppData\Local\LPT\srptm.exe 2014-08-27 16:29 - 2014-08-27 16:29 - 00083968 _____ () C:\Users\W7\AppData\Local\LPT\srpt.dll 2014-08-27 16:29 - 2014-08-27 16:29 - 00044032 _____ () C:\Users\W7\AppData\Local\LPT\srptc.dll 2014-08-27 16:28 - 2014-08-27 16:28 - 00018944 _____ () C:\Users\W7\AppData\Local\LPT\Smartbar.Common.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Microsoft PS/2-Maus Description: Microsoft PS/2-Maus Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Standardtastatur (PS/2) Description: Standardtastatur (PS/2) Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardtastaturen) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (09/05/2014 07:40:17 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/04/2014 06:35:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5007 Error: (09/04/2014 06:35:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5007 Error: (09/04/2014 06:35:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/04/2014 06:35:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4009 Error: (09/04/2014 06:35:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4009 Error: (09/04/2014 06:35:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/04/2014 06:34:59 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3010 Error: (09/04/2014 06:34:59 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3010 Error: (09/04/2014 06:34:59 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (09/05/2014 07:38:38 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Der Dienst "Net.Tcp-Listeneradapter" ist von folgendem Dienst abhängig: was. Dieser Dienst ist eventuell nicht installiert. Error: (09/05/2014 07:38:38 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Der Dienst "Net.Pipe-Listeneradapter" ist von folgendem Dienst abhängig: was. Dieser Dienst ist eventuell nicht installiert. Error: (09/05/2014 07:38:38 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Der Dienst "Net.Msmq-Listeneradapter" ist von folgendem Dienst abhängig: msmq. Dieser Dienst ist eventuell nicht installiert. Error: (09/05/2014 07:38:20 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/05/2014 07:38:20 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/04/2014 07:53:08 PM) (Source: NetBT) (EventID: 4319) (User: ) Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers, der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an der Eingabeaufforderung, um den doppelten Namen zu bestimmen. Error: (09/04/2014 07:40:53 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse registriert werden. Der Computer mit IP-Adresse hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (09/04/2014 03:28:00 PM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Der Dienst "Net.Tcp-Listeneradapter" ist von folgendem Dienst abhängig: was. Dieser Dienst ist eventuell nicht installiert. Error: (09/04/2014 03:28:00 PM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Der Dienst "Net.Pipe-Listeneradapter" ist von folgendem Dienst abhängig: was. Dieser Dienst ist eventuell nicht installiert. Error: (09/04/2014 03:28:00 PM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Der Dienst "Net.Msmq-Listeneradapter" ist von folgendem Dienst abhängig: msmq. Dieser Dienst ist eventuell nicht installiert. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-09-05 07:38:25.036 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-05 07:38:24.989 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 15:27:46.677 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 15:27:46.630 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 12:08:17.020 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 12:08:16.974 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 09:41:31.662 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 09:41:31.615 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 08:52:37.239 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 08:52:37.176 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Percentage of memory in use: 27% Total physical RAM: 8154.04 MB Available physical RAM: 5876.66 MB Total Pagefile: 16306.27 MB Available Pagefile: 13773.46 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (Volume) (Fixed) (Total:119.24 GB) (Free:44.7 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (System) (Fixed) (Total:921.75 GB) (Free:798.3 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: ACE505B3) Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 16900433) Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27) Partition 2: (Active) - (Size=921.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
![]() | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() windows version installer Adware/Junkware/Toolbars entfernen (alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen aus den Desktop!) 1. Schritt: adwCleaner Downloade Dir bitte ![]()
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: ![]() (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #5 |
| ![]() windows version installer Datei nach AdwCleaner Code:
ATTFilter # AdwCleaner v3.309 - Bericht erstellt am 05/09/2014 um 14:34:26 # Aktualisiert 02/09/2014 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : W7 - W7-PC # Gestartet von : C:\Users\W7\Downloads\adwcleaner_3.309.exe # Option : Löschen ***** [ Dienste ] ***** Dienst Gelöscht : LPTSystemUpdater Dienst Gelöscht : servervo ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\SmootherWeb Ordner Gelöscht : C:\Program Files (x86)\AnyProtectEx Ordner Gelöscht : C:\Program Files (x86)\Bench Ordner Gelöscht : C:\Program Files (x86)\LPT Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe} [/!\] Nicht Gelöscht ( Junction ) : C:\Program Files\Gemeinsame Dateien Ordner Gelöscht : C:\Users\Jürgen Rüdiger\AppData\LocalLow\AskToolbar Ordner Gelöscht : C:\Users\W7\AppData\Local\LPT Ordner Gelöscht : C:\Users\W7\AppData\Local\Smartbar Ordner Gelöscht : C:\Users\W7\AppData\Roaming\SmootherWeb Ordner Gelöscht : C:\Users\W7\AppData\Roaming\VOPackage Ordner Gelöscht : C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmootherWeb Ordner Gelöscht : C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage Ordner Gelöscht : C:\Users\Jürgen Rüdiger\AppData\Roaming\Mozilla\Firefox\Profiles\w8x1gkyk.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} Ordner Gelöscht : C:\Users\Jürgen Rüdiger\AppData\Roaming\Mozilla\Firefox\Profiles\w8x1gkyk.default\Extensions\toolbar@ask.com Datei Gelöscht : C:\Users\Jürgen Rüdiger\AppData\Roaming\Mozilla\Firefox\Profiles\w8x1gkyk.default\searchplugins\Askcom.xml Datei Gelöscht : C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\searchplugins\Web Search.xml ***** [ Tasks ] ***** Task Gelöscht : Scheduled Update for Ask Toolbar ***** [ Verknüpfungen ] ***** Verknüpfung Desinfiziert : C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk ***** [ Registrierungsdatenbank ] ***** Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [smoother] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1EDE0D83-B129-4ABC-923B-725D5B0C0DAC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Schlüssel Gelöscht : HKCU\Software\AnyProtect Schlüssel Gelöscht : HKCU\Software\SmartBar Schlüssel Gelöscht : HKCU\Software\smartbarbackup Schlüssel Gelöscht : HKCU\Software\smartbarlog Schlüssel Gelöscht : HKLM\SOFTWARE\AdvertisingSupport Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17239 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] -\\ Mozilla Firefox v32.0 (x86 de) [ Datei : C:\Users\Jürgen Rüdiger\AppData\Roaming\Mozilla\Firefox\Profiles\w8x1gkyk.default\prefs.js ] Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE"); Zeile gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\"); Zeile gelöscht : user_pref("extensions.asktb.apn_dbr", "ff_16.0"); Zeile gelöscht : user_pref("extensions.asktb.autofill-text-highlight-enabled", true); Zeile gelöscht : user_pref("extensions.asktb.cbid", "^AGS"); Zeile gelöscht : user_pref("extensions.asktb.config-updated", false); Zeile gelöscht : user_pref("extensions.asktb.crumb", "2012.12.01+08.10.02-toolbar006iad-DE-UGFzc2F1LEdlcm1hbnk%3D"); Zeile gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://avira-int.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}&gct=bar&locale={locale}"); Zeile gelöscht : user_pref("extensions.asktb.domain", "avira-int.ask.com"); Zeile gelöscht : user_pref("extensions.asktb.domainName", "avira-int.ask.com"); Zeile gelöscht : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^DE"); Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", ""); Zeile gelöscht : user_pref("extensions.asktb.fresh-install", false); Zeile gelöscht : user_pref("extensions.asktb.guid", "6375c9a9-9005-4746-bdaa-57595599bd87"); Zeile gelöscht : user_pref("extensions.asktb.hpr", "YES"); Zeile gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...] Zeile gelöscht : user_pref("extensions.asktb.if", "first"); Zeile gelöscht : user_pref("extensions.asktb.l", "dis"); Zeile gelöscht : user_pref("extensions.asktb.last-config-req", "1354648872324"); Zeile gelöscht : user_pref("extensions.asktb.locale", "de_DE"); Zeile gelöscht : user_pref("extensions.asktb.localePref", true); Zeile gelöscht : user_pref("extensions.asktb.location", "Passau,Germany"); Zeile gelöscht : user_pref("extensions.asktb.nthp", "YES"); Zeile gelöscht : user_pref("extensions.asktb.nthp_prev", "0"); Zeile gelöscht : user_pref("extensions.asktb.o", "APN10261"); Zeile gelöscht : user_pref("extensions.asktb.overlay-reloaded-using-restart", true); Zeile gelöscht : user_pref("extensions.asktb.qsrc", "2871"); Zeile gelöscht : user_pref("extensions.asktb.r", "3"); Zeile gelöscht : user_pref("extensions.asktb.sa", "YES"); Zeile gelöscht : user_pref("extensions.asktb.saguid", "703DFAAF-CC3D-41A3-BBAA-316DCE8CC588"); Zeile gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true); Zeile gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); Zeile gelöscht : user_pref("extensions.asktb.socialmini-first", true); Zeile gelöscht : user_pref("extensions.asktb.socialmini-interval", "1200000"); Zeile gelöscht : user_pref("extensions.asktb.socialmini-max-char-ticker", "33"); Zeile gelöscht : user_pref("extensions.asktb.socialmini-max-items", "30"); Zeile gelöscht : user_pref("extensions.asktb.socialmini-native-on", true); Zeile gelöscht : user_pref("extensions.asktb.socialmini-speed", "5000"); Zeile gelöscht : user_pref("extensions.asktb.themeid", ""); Zeile gelöscht : user_pref("extensions.asktb.timeinstalled", "01.12.2012 17:17:21"); Zeile gelöscht : user_pref("extensions.asktb.to", ""); Zeile gelöscht : user_pref("extensions.asktb.v", ""); Zeile gelöscht : user_pref("extensions.asktb.version", ""); Zeile gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=6375c9a9-9005-4746-bdaa-57595599bd87&apn_ptnrs=^AGS&apn_sauid=703DFAAF-CC3D-41A3-B[...] [ Datei : C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\prefs.js ] Zeile gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml"); Zeile gelöscht : user_pref("browser.search.defaultenginename", "Web Search"); Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search"); Zeile gelöscht : user_pref("extensions.asktb.FeaturePageVersion", "1"); Zeile gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\"); Zeile gelöscht : user_pref("extensions.asktb.OOBEVersion", "1"); Zeile gelöscht : user_pref("extensions.asktb.apn_dbr", "ff_15.0.1"); Zeile gelöscht : user_pref("extensions.asktb.autofill-text-highlight-enabled", true); Zeile gelöscht : user_pref("extensions.asktb.cbid", "^AGS"); Zeile gelöscht : user_pref("extensions.asktb.config-updated", true); Zeile gelöscht : user_pref("extensions.asktb.crumb", "2012.12.14+01.59.15-toolbar013iad-DE-UGFzc2F1LEdlcm1hbnk%3D"); Zeile gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://avira-int.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}&gct=bar&locale={locale}"); Zeile gelöscht : user_pref("extensions.asktb.domain", "avira-int.ask.com"); Zeile gelöscht : user_pref("extensions.asktb.domainName", "avira-int.ask.com"); Zeile gelöscht : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^DE"); Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", ""); Zeile gelöscht : user_pref("extensions.asktb.first-launch-url", "file:///H:/GPS%20Strecken/Nordkap%202010/PTGM_20100807215607/PTGM_20100807215607.html"); Zeile gelöscht : user_pref("extensions.asktb.first-restart-after-config-update", true); Zeile gelöscht : user_pref("extensions.asktb.guid", "4ce158d9-29ca-4736-be77-42f0262017ec"); Zeile gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...] Zeile gelöscht : user_pref("extensions.asktb.if", "first"); Zeile gelöscht : user_pref("extensions.asktb.keyword-toggled-in-session", false); Zeile gelöscht : user_pref("extensions.asktb.l", "dis"); Zeile gelöscht : user_pref("extensions.asktb.last-config-req", "1360921083000"); Zeile gelöscht : user_pref("extensions.asktb.locale", "de_DE"); Zeile gelöscht : user_pref("extensions.asktb.localePref", true); Zeile gelöscht : user_pref("extensions.asktb.location", "Passau,Germany"); Zeile gelöscht : user_pref("extensions.asktb.new-tab-opt-out", true); Zeile gelöscht : user_pref("extensions.asktb.o", "APN10261"); Zeile gelöscht : user_pref("extensions.asktb.qsrc", "2871"); Zeile gelöscht : user_pref("extensions.asktb.sa", "YES"); Zeile gelöscht : user_pref("extensions.asktb.saguid", "EE80E27E-26A3-48D4-AE69-BE1AE150BD6D"); Zeile gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true); Zeile gelöscht : user_pref("extensions.asktb.silent-upgrade", true); Zeile gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false); Zeile gelöscht : user_pref("extensions.asktb.socialmini-first", true); Zeile gelöscht : user_pref("extensions.asktb.socialmini-interval", "1200000"); Zeile gelöscht : user_pref("extensions.asktb.socialmini-max-char-ticker", "33"); Zeile gelöscht : user_pref("extensions.asktb.socialmini-max-items", "30"); Zeile gelöscht : user_pref("extensions.asktb.socialmini-native-on", true); Zeile gelöscht : user_pref("extensions.asktb.socialmini-speed", "5000"); Zeile gelöscht : user_pref("extensions.asktb.themeid", ""); Zeile gelöscht : user_pref("extensions.asktb.timeinstalled", "14.12.2012 11:07:32"); Zeile gelöscht : user_pref("extensions.asktb.to", ""); Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false); Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false); Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false); Zeile gelöscht : user_pref("extensions.helperbar.Visibility", false); Zeile gelöscht : user_pref("extensions.helperbar.backPageCapacity", 3); Zeile gelöscht : user_pref("extensions.helperbar.backPageCounter", 0); Zeile gelöscht : user_pref("extensions.helperbar.backPageDay", 29); Zeile gelöscht : user_pref("extensions.helperbar.backPageLastEvent", "1409157146931"); Zeile gelöscht : user_pref("extensions.helperbar.backPageMinInterval", 15); Zeile gelöscht : user_pref("extensions.helperbar.barcodeid", "34714"); Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "de"); Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "yahoogo"); Zeile gelöscht : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\".search.yahoo.com\\\\\\/yhs\\\\\\/search?hspart=lkry\\\",\\\"www.only-apart[...] Zeile gelöscht : user_pref("extensions.helperbar.fromautoupdate", "false"); Zeile gelöscht : user_pref("extensions.helperbar.installationid", "0e46de61-0fff-800a-e5ea-90751eaa937a"); Zeile gelöscht : user_pref("extensions.helperbar.installdate", "29/08/2014"); Zeile gelöscht : user_pref("extensions.helperbar.iswinxp", "false"); Zeile gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1409329943"); Zeile gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1409895625560"); Zeile gelöscht : user_pref("extensions.helperbar.publisher", "yahoogo"); Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StOI93zwfugoWJItNRYPZ4VbE2sM3Wt2uxiu5I8rEc84ND-xbOWtH9iDsAl5S4v4etGyn43zhXYg5WN3i-p3yzh1WCnmuJ87AYJjzBuH3PnkQcK42IxRuUQWQGmhpV1[...] -\\ Google Chrome v [ Datei : C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [27956 octets] - [05/09/2014 14:33:46] AdwCleaner[S0].txt - [25419 octets] - [05/09/2014 14:34:26] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25480 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by W7 on 05.09.2014 at 14:46:45,42 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9 ~~~ Files ~~~ Folders ~~~ FireFox Successfully deleted: [Folder] C:\Users\W7\AppData\Roaming\mozilla\firefox\profiles\mx65e4l8.default\extensions\toolbar@gmx.net Emptied folder: C:\Users\W7\AppData\Roaming\mozilla\firefox\profiles\mx65e4l8.default\minidumps [89 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 05.09.2014 at 14:50:10,66 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
![]() | #6 |
| ![]() windows version installer Farbar´s....FRST und FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02 Ran by W7 (administrator) on W7-PC on 05-09-2014 14:58:40 Running from C:\Users\W7\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (CyberLink Corp.) D:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (CyberLink) D:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe (CyberLink Corporation.) D:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe (CyberLink) D:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe (CyberLink) D:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira) C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Thisisu) C:\Users\W7\Downloads\JRT.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-24] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-05-22] (MSI) HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [RemoteControl10] => D:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-25] (cyberlink) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-05] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492296 2013-05-28] (CyberLink Corp.) HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [513048 2013-06-18] (CyberLink Corp.) HKLM-x32\...\Run: [CLMLServer_For_P2G9] => D:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe [110344 2014-08-11] (CyberLink) HKLM-x32\...\Run: [InstantBurn] => D:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [705496 2013-04-08] (CyberLink Corporation.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\RunOnce: [{91120000-002F-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H HKU\S-1-5-21-3702731666-1061839965-1659386759-1000\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe [5085416 2014-05-15] (Avira) HKU\S-1-5-21-3702731666-1061839965-1659386759-1000\...\Run: [Power2GoExpress9] => D:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe [2397448 2014-08-11] (CyberLink Corp.) HKU\S-1-5-21-3702731666-1061839965-1659386759-1000\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1712904 2013-05-28] (CyberLink Corp.) IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\lifecam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\nvstlink.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\nvstview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\super-charger.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x677E702A95DFCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF SearchEngineOrder.1: Ask.com FF SearchEngineOrder.3: Bing FF Homepage: hxxp://www.startxxl.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Yahoo Community Smartbar - C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\Extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a} [2014-08-29] FF Extension: Smoother Web - C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-08-29] FF Extension: StartXXL - C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\Extensions\support@startxxl.com.xpi [2014-01-30] FF Extension: Adblock Plus - C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-16] Chrome: ======= CHR HomePage: Default -> CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll No File CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll No File CHR Profile: C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-14] CHR Extension: (YouTube) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-14] CHR Extension: (Google-Suche) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-14] CHR Extension: (Google Mail) - C:\Users\W7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [804944 2014-08-11] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-11] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-11] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-11] (Avira Operations GmbH & Co. KG) S2 CLKMSVC10_58664B3D; D:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-25] (CyberLink) R2 CyberLink PowerDVD 13 Media Server Monitor Service; D:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2014-07-24] (CyberLink) R2 CyberLink PowerDVD 13 Media Server Service; D:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2014-07-24] (CyberLink) R2 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] R2 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [142904 2012-05-22] (MSI) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-12-15] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [42040 2014-07-15] (Avira Operations GmbH & Co. KG) R1 CLBStor; C:\Windows\System32\Drivers\CLBStor.sys [24560 2012-02-02] (Cyberlink Co.,Ltd.) R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [377840 2012-02-02] (CyberLink Corporation.) R3 CLVirtualBus01; C:\Windows\System32\DRIVERS\CLVirtualBus01.sys [96008 2014-03-12] (CyberLink) R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-12-15] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2013-05-09] (Intel Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2005-02-04] (Padus, Inc.) [File not signed] R3 SkyNetNXPBDA_AMD64; C:\Windows\System32\DRIVERS\SkyNetNXPBDA_AMD64.sys [2128984 2011-04-13] (TechniSat Digital, S.A.) S3 skynetvirtualnetwork; C:\Windows\System32\DRIVERS\SkyNetVirtualNetwork_AMD64.SYS [140288 2011-04-13] (TechniSat Digital, S.A.) [File not signed] R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-02-10] (TuneUp Software) R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; D:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [32456 2014-07-24] (CyberLink Corp.) S3 MSICDSetup; \??\E:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X] U2 TMAgent; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-05 14:53 - 2014-09-05 14:53 - 00001012 _____ () C:\Users\W7\Documents\JRT.txt 2014-09-05 14:50 - 2014-09-05 14:50 - 00001012 _____ () C:\Users\W7\Desktop\JRT.txt 2014-09-05 14:46 - 2014-09-05 14:46 - 00000000 ____D () C:\Windows\ERUNT 2014-09-05 14:44 - 2014-09-05 14:45 - 01016261 _____ (Thisisu) C:\Users\W7\Downloads\JRT.exe 2014-09-05 14:34 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-09-05 14:33 - 2014-09-05 14:34 - 00000000 ____D () C:\AdwCleaner 2014-09-05 14:24 - 2014-09-05 14:25 - 01370483 _____ () C:\Users\W7\Downloads\adwcleaner_3.309.exe 2014-09-05 09:16 - 2014-09-05 14:58 - 00021180 _____ () C:\Users\W7\Downloads\FRST.txt 2014-09-05 09:16 - 2014-09-05 14:58 - 00000000 ____D () C:\FRST 2014-09-05 09:16 - 2014-09-05 09:16 - 00041207 _____ () C:\Users\W7\Downloads\Addition.txt 2014-09-05 09:13 - 2014-09-05 09:13 - 02104832 _____ (Farbar) C:\Users\W7\Downloads\FRST64.exe 2014-09-05 08:10 - 2014-09-05 08:13 - 35704992 _____ () C:\Users\W7\Downloads\GMX_Firefox_Setup.exe 2014-09-01 12:12 - 2014-09-05 14:36 - 00002352 _____ () C:\Windows\setupact.log 2014-09-01 12:12 - 2014-09-05 14:35 - 00008792 _____ () C:\Windows\PFRO.log 2014-09-01 12:12 - 2014-09-01 12:12 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-29 21:20 - 2014-08-29 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerProducer 6 2014-08-29 21:20 - 2014-08-29 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 4 2014-08-29 21:19 - 2014-08-29 21:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 13 2014-08-29 21:18 - 2014-08-29 21:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 11 2014-08-29 20:46 - 2014-08-29 20:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerBackup 2.6 2014-08-29 20:45 - 2014-08-29 20:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8 2014-08-29 19:48 - 2014-08-29 19:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaShow 6 2014-08-29 18:31 - 2014-09-05 14:34 - 00001089 _____ () C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-08-29 18:17 - 2014-09-02 14:42 - 00000003 _____ () C:\Users\W7\AppData\Local\proxy.log 2014-08-29 18:09 - 2014-08-29 18:10 - 00577728 _____ (Firseria.-.Installer · sl) C:\Users\W7\Downloads\RocketDock.exe 2014-08-29 15:11 - 2014-08-29 15:11 - 00979928 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_MediaEspresso_Downloader(2).exe 2014-08-29 15:10 - 2014-08-29 15:10 - 00958992 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_MediaEspresso_Downloader(1).exe 2014-08-29 15:08 - 2014-08-29 15:08 - 00586216 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_MediaEspresso_Downloader.exe 2014-08-29 15:01 - 2014-08-29 15:04 - 24399248 _____ ( ) C:\Users\W7\Downloads\CyberLink.6.5.1718.38196__MEX110504-03.exe 2014-08-29 14:58 - 2014-08-29 15:10 - 139884968 _____ ( ) C:\Users\W7\Downloads\CyberLink.6.5.1229.33995__MEX101224-01.exe 2014-08-29 13:20 - 2014-08-29 13:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-08-28 16:35 - 2014-08-30 11:35 - 00000000 ____D () C:\Users\W7\Documents\CyberLink 2014-08-28 13:04 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 13:04 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 13:04 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-27 17:03 - 2014-08-27 17:03 - 00001337 _____ () C:\Users\W7\Desktop\PowerDVD13 - Verknüpfung.lnk 2014-08-27 17:02 - 2014-08-27 17:02 - 00001355 _____ () C:\Users\W7\Desktop\PowerBackup - Verknüpfung.lnk 2014-08-27 17:00 - 2014-08-28 17:50 - 00002126 _____ () C:\Users\W7\Desktop\CyberLink PowerDirector 11.lnk 2014-08-27 16:58 - 2014-08-27 16:58 - 00001409 _____ () C:\Users\W7\Desktop\PhotoDirector4 - Verknüpfung.lnk 2014-08-27 12:18 - 2014-08-27 12:18 - 00001423 _____ () C:\Users\Public\Desktop\CyberLink WaveEditor 2.lnk 2014-08-27 11:37 - 2014-08-27 11:37 - 00001088 _____ () C:\Users\Public\Desktop\CyberLink Power2Go 9.lnk 2014-08-27 11:37 - 2014-08-27 11:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 9 2014-08-27 11:06 - 2014-08-27 11:06 - 00000000 ____D () C:\Users\W7\Cyberlink 2014-08-27 11:05 - 2014-08-30 11:37 - 00000000 ____D () C:\Users\Public\Documents\CyberLink 2014-08-27 10:23 - 2014-08-27 10:24 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerDirector_Downloader(1).exe 2014-08-27 10:22 - 2014-08-27 16:59 - 00000000 ____D () C:\Users\Public\CyberLink 2014-08-27 09:37 - 2014-08-27 09:37 - 00000797 _____ () C:\Users\W7\Desktop\CyberLink_PowerDVD_Downloader(1).lnk 2014-08-27 01:00 - 2014-08-27 01:00 - 00000803 _____ () C:\Users\W7\Desktop\CyberLink_PowerProducer_Downloader.lnk 2014-08-26 21:45 - 2014-08-29 19:08 - 00000177 _____ () C:\ProgramData\Temp.log 2014-08-26 19:31 - 2014-08-26 21:12 - 516132442 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part4.rar 2014-08-26 17:00 - 2014-08-26 19:31 - 1048576000 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part3.rar 2014-08-26 16:31 - 2014-08-26 17:00 - 1048576000 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part2.rar 2014-08-26 10:17 - 2014-08-26 11:30 - 1048863800 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part1.exe 2014-08-25 18:04 - 2014-08-25 18:04 - 00000879 _____ () C:\Users\W7\Documents\MyBackup.PBJ 2014-08-22 19:30 - 2014-09-05 09:38 - 00000000 ____D () C:\Users\W7\Documents\ARADump 2014-08-19 12:20 - 2014-08-19 12:20 - 00000000 ____D () C:\Users\W7\AppData\Local\Power2Go9 2014-08-19 12:13 - 2014-08-29 21:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2 2014-08-19 11:39 - 2014-08-19 11:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_CLVirtualBus01_01009.Wdf 2014-08-19 10:50 - 2014-08-19 10:50 - 01409896 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_Power2Go_Downloader.exe 2014-08-19 10:36 - 2014-08-19 10:36 - 00000000 ____D () C:\Program Files (x86)\MSECache 2014-08-19 10:26 - 2014-08-19 10:26 - 00002133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk 2014-08-19 10:26 - 2014-08-19 10:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor 2014-08-19 10:19 - 2014-08-19 11:35 - 373578968 _____ (Microsoft Corporation) C:\Users\W7\Downloads\office2007sp3-kb2526086-fullfile-de-de.exe 2014-08-19 10:19 - 2014-08-19 10:31 - 39074536 _____ (Microsoft Corporation) C:\Users\W7\Downloads\FileFormatConverters.exe 2014-08-19 10:19 - 2014-08-19 10:24 - 08676128 _____ (Microsoft Corporation) C:\Users\W7\Downloads\Windows7UpgradeAdvisorSetup.exe 2014-08-19 09:42 - 2014-08-19 09:42 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerDVD_Downloader(1).exe 2014-08-18 19:53 - 2014-08-18 19:53 - 00650840 _____ (ZDF ) C:\Users\W7\Downloads\setup.exe 2014-08-18 19:53 - 2014-08-18 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZDF 2014-08-18 19:53 - 2014-08-18 19:53 - 00000000 ____D () C:\Program Files\ZDF 2014-08-18 13:46 - 2014-08-28 12:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12 2014-08-18 13:01 - 2014-08-28 12:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3 2014-08-18 12:45 - 2014-08-18 13:00 - 118742216 _____ () C:\Users\W7\Downloads\CLJ.v3618_45482_Spr_PTD130301-04.exe 2014-08-17 20:15 - 2014-08-17 20:16 - 18876296 _____ ( ) C:\Users\W7\Downloads\PowerBackup_140619_Patch_PBK140702-01.exe 2014-08-17 19:53 - 2014-08-27 11:20 - 00000803 _____ () C:\Users\W7\Desktop\CyberLink_PowerDirector_Downloader.lnk 2014-08-17 19:43 - 2014-08-17 19:50 - 98348128 _____ () C:\Users\W7\Downloads\PowerProducer_2923_GM6_Patch_PPD140502-01.exe 2014-08-17 19:32 - 2014-08-17 19:32 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerProducer_Downloader.exe 2014-08-17 11:56 - 2014-08-17 11:56 - 00000000 ____D () C:\Users\W7\AppData\Local\Power2Go8 2014-08-17 11:54 - 2014-08-27 00:09 - 00001083 _____ () C:\Users\Public\Desktop\CyberLink Media Suite 11.lnk 2014-08-17 11:51 - 2014-08-18 14:17 - 00000000 ____D () C:\ProgramData\PDVD 2014-08-17 11:51 - 2014-08-17 11:51 - 00000000 ____D () C:\Users\W7\AppData\Local\MediaServer 2014-08-17 11:45 - 2011-12-26 21:37 - 00090608 _____ (CyberLink) C:\Windows\system32\Drivers\CLVirtualDrive.sys 2014-08-17 11:09 - 2014-08-26 22:18 - 00000246 _____ () C:\Windows\profile.ini 2014-08-17 10:28 - 2012-02-02 17:28 - 00377840 _____ (CyberLink Corporation.) C:\Windows\system32\Drivers\CLBUDF.sys 2014-08-17 10:28 - 2012-02-02 17:28 - 00024560 _____ (Cyberlink Co.,Ltd.) C:\Windows\system32\Drivers\CLBStor.sys 2014-08-16 02:31 - 2014-08-16 02:31 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2014-08-16 02:31 - 2014-08-16 02:31 - 00002195 _____ () C:\Users\Public\Desktop\WinZip.lnk 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\Users\W7\AppData\Local\WinZip 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\ProgramData\WinZip 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\Program Files\WinZip 2014-08-16 02:11 - 2014-08-16 02:29 - 58807808 _____ () C:\Users\W7\Downloads\wz185gev-64.msi 2014-08-15 13:43 - 2014-08-16 16:39 - 02689160 _____ (Microsoft Corporation) C:\Users\W7\Downloads\EIE11_DE-DE_MSN_WIN764L.EXE 2014-08-15 10:43 - 2014-08-15 10:43 - 00000000 ____D () C:\Users\W7\AppData\Local\Packages 2014-08-15 10:23 - 2014-08-15 10:23 - 00837376 _____ (CyberLink Corp. ) C:\Users\W7\Downloads\Power2Go_Patch(P2G131014-01).exe 2014-08-15 10:22 - 2014-08-15 10:31 - 125083048 _____ ( ) C:\Users\W7\Downloads\PowerDVD_v5509_RiTA10(NoCinema)_Patch_DVD130828-20.exe 2014-08-15 09:56 - 2014-08-15 09:56 - 00000000 __SHD () C:\Users\W7\AppData\Local\EmieUserList 2014-08-15 09:56 - 2014-08-15 09:56 - 00000000 __SHD () C:\Users\W7\AppData\Local\EmieSiteList 2014-08-14 14:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-14 14:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-14 14:04 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-14 14:04 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-14 14:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-14 14:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-14 14:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-14 14:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-14 12:59 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-14 12:59 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-14 12:59 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-14 12:59 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-14 12:59 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-14 12:59 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-14 12:59 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-14 12:59 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-14 12:59 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-14 12:59 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-14 12:59 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-14 12:59 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-14 12:59 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-14 12:59 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-14 12:59 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-14 12:59 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-14 12:59 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-14 12:59 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-14 12:59 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-14 12:59 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-14 12:59 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-14 12:59 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-14 12:59 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-14 12:59 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-14 12:59 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-14 12:59 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-14 12:59 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-14 12:59 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-14 12:59 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-14 12:59 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-14 12:59 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-14 12:59 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-14 12:59 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-14 12:59 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-14 12:59 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-14 12:59 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-14 12:59 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-14 12:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-14 12:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-14 12:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-14 12:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-14 12:59 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-14 12:59 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-14 12:59 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-14 12:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-14 12:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-08-14 12:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-14 12:59 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-14 12:59 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-14 12:59 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-14 12:59 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-14 12:59 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-14 12:59 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-14 12:59 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-14 12:59 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-14 12:59 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-14 12:59 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-14 12:59 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-14 12:59 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-14 12:58 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-14 12:58 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-14 12:58 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-14 12:58 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-14 12:58 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-14 12:58 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-14 12:58 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-14 12:58 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-14 12:58 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-14 12:58 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-14 12:58 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-14 12:58 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-14 12:58 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-14 12:58 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-14 12:58 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-14 12:58 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-14 12:58 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-14 12:58 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-14 12:58 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-14 12:58 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-14 12:58 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-14 12:55 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-14 12:55 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-14 12:55 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-14 12:55 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-14 08:20 - 2014-08-14 08:20 - 00000000 ____D () C:\Users\W7\AppData\Local\Power2Go 2014-08-13 21:04 - 2014-08-14 17:32 - 00000000 ____D () C:\Users\W7\AppData\Roaming\Apple Computer 2014-08-13 21:04 - 2014-08-13 21:04 - 00001789 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-08-13 21:04 - 2014-08-13 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-08-13 21:04 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-08-13 21:03 - 2014-08-13 21:04 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-08-13 21:03 - 2014-08-13 21:04 - 00000000 ____D () C:\Program Files\iTunes 2014-08-13 21:03 - 2014-08-13 21:04 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\iPod 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\Bonjour 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-08-13 20:54 - 2014-08-13 21:04 - 00000000 ____D () C:\Users\W7\AppData\Local\Apple Computer 2014-08-13 20:54 - 2014-08-13 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-08-13 20:54 - 2014-08-13 20:54 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-08-13 18:00 - 2014-08-13 21:03 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-08-13 18:00 - 2014-08-13 21:03 - 00000000 ____D () C:\ProgramData\Apple 2014-08-13 18:00 - 2014-08-13 20:54 - 00001851 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-08-13 18:00 - 2014-08-13 18:00 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-08-13 18:00 - 2014-08-13 18:00 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-08-13 18:00 - 2014-08-13 18:00 - 00000000 ____D () C:\Users\W7\AppData\Local\Apple 2014-08-13 18:00 - 2014-08-13 18:00 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-08-13 17:58 - 2014-08-27 10:02 - 00000000 ____D () C:\Program Files\CyberLink 2014-08-13 16:53 - 2014-08-13 16:53 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerDirector_Downloader.exe 2014-08-13 16:49 - 2014-08-29 17:02 - 00000000 _____ () C:\Windows\lgfwup.ini 2014-08-13 16:49 - 2001-08-29 21:00 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemdisp.tlb 2014-08-13 16:49 - 1998-07-22 00:00 - 00102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb6stkit.dll 2014-08-13 16:49 - 1998-07-22 00:00 - 00102160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6KO.DLL 2014-08-13 16:49 - 1998-06-24 00:00 - 00115016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX 2014-08-13 16:46 - 2014-08-29 16:24 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll 2014-08-13 16:42 - 2014-08-29 20:46 - 00000000 ____D () C:\Users\W7\AppData\Roaming\CyberLink 2014-08-13 16:42 - 2014-08-19 12:19 - 00000000 ____D () C:\Users\W7\AppData\Local\CyberLink 2014-08-13 16:41 - 2014-08-19 11:36 - 00000000 ____D () C:\ProgramData\install_clap 2014-08-13 16:40 - 2014-08-29 21:29 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2014-08-13 16:40 - 2014-08-29 20:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite 2014-08-13 16:40 - 2014-08-28 12:43 - 00001848 _____ () C:\Users\Public\Desktop\CyberLink BD Advisor.lnk 2014-08-13 16:40 - 2014-08-13 16:40 - 00000000 ____D () C:\ProgramData\CLSK 2014-08-13 16:36 - 2014-08-29 19:05 - 00000000 ____D () C:\ProgramData\CyberLink 2014-08-13 16:35 - 2014-08-29 15:36 - 00000000 ____D () C:\ProgramData\Temp ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-05 14:58 - 2014-09-05 09:16 - 00021180 _____ () C:\Users\W7\Downloads\FRST.txt 2014-09-05 14:58 - 2014-09-05 09:16 - 00000000 ____D () C:\FRST 2014-09-05 14:53 - 2014-09-05 14:53 - 00001012 _____ () C:\Users\W7\Documents\JRT.txt 2014-09-05 14:50 - 2014-09-05 14:50 - 00001012 _____ () C:\Users\W7\Desktop\JRT.txt 2014-09-05 14:46 - 2014-09-05 14:46 - 00000000 ____D () C:\Windows\ERUNT 2014-09-05 14:45 - 2014-09-05 14:44 - 01016261 _____ (Thisisu) C:\Users\W7\Downloads\JRT.exe 2014-09-05 14:44 - 2012-12-13 17:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-05 14:43 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-05 14:43 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-05 14:42 - 2011-04-12 09:43 - 00709900 _____ () C:\Windows\system32\perfh007.dat 2014-09-05 14:42 - 2011-04-12 09:43 - 00154336 _____ () C:\Windows\system32\perfc007.dat 2014-09-05 14:42 - 2009-07-14 07:13 - 01649492 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-05 14:39 - 2014-07-30 20:59 - 01954128 _____ () C:\Windows\WindowsUpdate.log 2014-09-05 14:36 - 2014-09-01 12:12 - 00002352 _____ () C:\Windows\setupact.log 2014-09-05 14:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-05 14:35 - 2014-09-01 12:12 - 00008792 _____ () C:\Windows\PFRO.log 2014-09-05 14:35 - 2012-12-13 17:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-05 14:34 - 2014-09-05 14:33 - 00000000 ____D () C:\AdwCleaner 2014-09-05 14:34 - 2014-08-29 18:31 - 00001089 _____ () C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-09-05 14:25 - 2014-09-05 14:24 - 01370483 _____ () C:\Users\W7\Downloads\adwcleaner_3.309.exe 2014-09-05 09:38 - 2014-08-22 19:30 - 00000000 ____D () C:\Users\W7\Documents\ARADump 2014-09-05 09:16 - 2014-09-05 09:16 - 00041207 _____ () C:\Users\W7\Downloads\Addition.txt 2014-09-05 09:13 - 2014-09-05 09:13 - 02104832 _____ (Farbar) C:\Users\W7\Downloads\FRST64.exe 2014-09-05 08:18 - 2012-12-13 17:12 - 00001169 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-09-05 08:18 - 2012-12-13 17:12 - 00001157 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-09-05 08:17 - 2014-08-03 16:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-05 08:13 - 2014-09-05 08:10 - 35704992 _____ () C:\Users\W7\Downloads\GMX_Firefox_Setup.exe 2014-09-04 09:48 - 2012-12-14 15:08 - 00000072 _____ () C:\Users\Public\LMDebug.log 2014-09-02 14:42 - 2014-08-29 18:17 - 00000003 _____ () C:\Users\W7\AppData\Local\proxy.log 2014-09-01 12:12 - 2014-09-01 12:12 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-01 09:17 - 2012-12-20 19:26 - 00000000 ____D () C:\Users\W7\AppData\Local\Microsoft Help 2014-08-31 17:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-08-31 16:34 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-30 11:37 - 2014-08-27 11:05 - 00000000 ____D () C:\Users\Public\Documents\CyberLink 2014-08-30 11:35 - 2014-08-28 16:35 - 00000000 ____D () C:\Users\W7\Documents\CyberLink 2014-08-30 07:41 - 2009-07-14 06:45 - 00315576 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-29 21:29 - 2014-08-19 12:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2 2014-08-29 21:29 - 2014-08-13 16:40 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2014-08-29 21:20 - 2014-08-29 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerProducer 6 2014-08-29 21:20 - 2014-08-29 21:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 4 2014-08-29 21:20 - 2012-12-13 17:02 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-29 21:19 - 2014-08-29 21:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 13 2014-08-29 21:18 - 2014-08-29 21:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 11 2014-08-29 20:46 - 2014-08-29 20:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerBackup 2.6 2014-08-29 20:46 - 2014-08-13 16:42 - 00000000 ____D () C:\Users\W7\AppData\Roaming\CyberLink 2014-08-29 20:46 - 2014-08-13 16:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite 2014-08-29 20:45 - 2014-08-29 20:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8 2014-08-29 19:48 - 2014-08-29 19:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaShow 6 2014-08-29 19:08 - 2014-08-26 21:45 - 00000177 _____ () C:\ProgramData\Temp.log 2014-08-29 19:05 - 2014-08-13 16:36 - 00000000 ____D () C:\ProgramData\CyberLink 2014-08-29 18:10 - 2014-08-29 18:09 - 00577728 _____ (Firseria.-.Installer · sl) C:\Users\W7\Downloads\RocketDock.exe 2014-08-29 17:02 - 2014-08-13 16:49 - 00000000 _____ () C:\Windows\lgfwup.ini 2014-08-29 16:24 - 2014-08-13 16:46 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll 2014-08-29 16:24 - 2003-03-18 21:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2014-08-29 15:36 - 2014-08-13 16:35 - 00000000 ____D () C:\ProgramData\Temp 2014-08-29 15:11 - 2014-08-29 15:11 - 00979928 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_MediaEspresso_Downloader(2).exe 2014-08-29 15:10 - 2014-08-29 15:10 - 00958992 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_MediaEspresso_Downloader(1).exe 2014-08-29 15:10 - 2014-08-29 14:58 - 139884968 _____ ( ) C:\Users\W7\Downloads\CyberLink.6.5.1229.33995__MEX101224-01.exe 2014-08-29 15:08 - 2014-08-29 15:08 - 00586216 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_MediaEspresso_Downloader.exe 2014-08-29 15:04 - 2014-08-29 15:01 - 24399248 _____ ( ) C:\Users\W7\Downloads\CyberLink.6.5.1718.38196__MEX110504-03.exe 2014-08-29 13:20 - 2014-08-29 13:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-08-28 17:50 - 2014-08-27 17:00 - 00002126 _____ () C:\Users\W7\Desktop\CyberLink PowerDirector 11.lnk 2014-08-28 12:43 - 2014-08-18 13:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12 2014-08-28 12:43 - 2014-08-18 13:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3 2014-08-28 12:43 - 2014-08-13 16:40 - 00001848 _____ () C:\Users\Public\Desktop\CyberLink BD Advisor.lnk 2014-08-27 17:03 - 2014-08-27 17:03 - 00001337 _____ () C:\Users\W7\Desktop\PowerDVD13 - Verknüpfung.lnk 2014-08-27 17:02 - 2014-08-27 17:02 - 00001355 _____ () C:\Users\W7\Desktop\PowerBackup - Verknüpfung.lnk 2014-08-27 16:59 - 2014-08-27 10:22 - 00000000 ____D () C:\Users\Public\CyberLink 2014-08-27 16:58 - 2014-08-27 16:58 - 00001409 _____ () C:\Users\W7\Desktop\PhotoDirector4 - Verknüpfung.lnk 2014-08-27 16:47 - 2014-08-03 16:18 - 00000320 _____ () C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job 2014-08-27 12:18 - 2014-08-27 12:18 - 00001423 _____ () C:\Users\Public\Desktop\CyberLink WaveEditor 2.lnk 2014-08-27 11:37 - 2014-08-27 11:37 - 00001088 _____ () C:\Users\Public\Desktop\CyberLink Power2Go 9.lnk 2014-08-27 11:37 - 2014-08-27 11:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 9 2014-08-27 11:20 - 2014-08-17 19:53 - 00000803 _____ () C:\Users\W7\Desktop\CyberLink_PowerDirector_Downloader.lnk 2014-08-27 11:06 - 2014-08-27 11:06 - 00000000 ____D () C:\Users\W7\Cyberlink 2014-08-27 11:06 - 2012-12-13 16:58 - 00000000 ____D () C:\Users\W7 2014-08-27 10:24 - 2014-08-27 10:23 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerDirector_Downloader(1).exe 2014-08-27 10:02 - 2014-08-13 17:58 - 00000000 ____D () C:\Program Files\CyberLink 2014-08-27 09:37 - 2014-08-27 09:37 - 00000797 _____ () C:\Users\W7\Desktop\CyberLink_PowerDVD_Downloader(1).lnk 2014-08-27 01:00 - 2014-08-27 01:00 - 00000803 _____ () C:\Users\W7\Desktop\CyberLink_PowerProducer_Downloader.lnk 2014-08-27 00:09 - 2014-08-17 11:54 - 00001083 _____ () C:\Users\Public\Desktop\CyberLink Media Suite 11.lnk 2014-08-26 22:18 - 2014-08-17 11:09 - 00000246 _____ () C:\Windows\profile.ini 2014-08-26 21:12 - 2014-08-26 19:31 - 516132442 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part4.rar 2014-08-26 19:31 - 2014-08-26 17:00 - 1048576000 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part3.rar 2014-08-26 17:00 - 2014-08-26 16:31 - 1048576000 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part2.rar 2014-08-26 11:30 - 2014-08-26 10:17 - 1048863800 ____N () C:\Users\W7\Downloads\CMS11_GM1_Ultimate_MES130418-04_TR130621-024.part1.exe 2014-08-25 18:04 - 2014-08-25 18:04 - 00000879 _____ () C:\Users\W7\Documents\MyBackup.PBJ 2014-08-23 04:07 - 2014-08-28 13:04 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-28 13:04 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-28 13:04 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-19 12:20 - 2014-08-19 12:20 - 00000000 ____D () C:\Users\W7\AppData\Local\Power2Go9 2014-08-19 12:19 - 2014-08-13 16:42 - 00000000 ____D () C:\Users\W7\AppData\Local\CyberLink 2014-08-19 11:39 - 2014-08-19 11:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_CLVirtualBus01_01009.Wdf 2014-08-19 11:36 - 2014-08-13 16:41 - 00000000 ____D () C:\ProgramData\install_clap 2014-08-19 11:35 - 2014-08-19 10:19 - 373578968 _____ (Microsoft Corporation) C:\Users\W7\Downloads\office2007sp3-kb2526086-fullfile-de-de.exe 2014-08-19 10:50 - 2014-08-19 10:50 - 01409896 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_Power2Go_Downloader.exe 2014-08-19 10:36 - 2014-08-19 10:36 - 00000000 ____D () C:\Program Files (x86)\MSECache 2014-08-19 10:31 - 2014-08-19 10:19 - 39074536 _____ (Microsoft Corporation) C:\Users\W7\Downloads\FileFormatConverters.exe 2014-08-19 10:26 - 2014-08-19 10:26 - 00002133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk 2014-08-19 10:26 - 2014-08-19 10:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor 2014-08-19 10:24 - 2014-08-19 10:19 - 08676128 _____ (Microsoft Corporation) C:\Users\W7\Downloads\Windows7UpgradeAdvisorSetup.exe 2014-08-19 09:42 - 2014-08-19 09:42 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerDVD_Downloader(1).exe 2014-08-18 19:53 - 2014-08-18 19:53 - 00650840 _____ (ZDF ) C:\Users\W7\Downloads\setup.exe 2014-08-18 19:53 - 2014-08-18 19:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZDF 2014-08-18 19:53 - 2014-08-18 19:53 - 00000000 ____D () C:\Program Files\ZDF 2014-08-18 19:37 - 2012-12-21 18:34 - 00000689 _____ () C:\Users\W7\eve2.ini 2014-08-18 19:31 - 2012-12-13 17:20 - 00000000 ____D () C:\Users\W7\AppData\Roaming\vlc 2014-08-18 17:14 - 2012-12-13 17:18 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-18 17:14 - 2012-12-13 17:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-18 17:14 - 2012-12-13 17:18 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-18 14:17 - 2014-08-17 11:51 - 00000000 ____D () C:\ProgramData\PDVD 2014-08-18 13:00 - 2014-08-18 12:45 - 118742216 _____ () C:\Users\W7\Downloads\CLJ.v3618_45482_Spr_PTD130301-04.exe 2014-08-17 20:16 - 2014-08-17 20:15 - 18876296 _____ ( ) C:\Users\W7\Downloads\PowerBackup_140619_Patch_PBK140702-01.exe 2014-08-17 19:50 - 2014-08-17 19:43 - 98348128 _____ () C:\Users\W7\Downloads\PowerProducer_2923_GM6_Patch_PPD140502-01.exe 2014-08-17 19:32 - 2014-08-17 19:32 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerProducer_Downloader.exe 2014-08-17 18:57 - 2012-12-21 18:06 - 00000000 ____D () C:\Users\W7\AppData\Local\DoNotTrackPlus 2014-08-17 14:36 - 2012-12-21 18:34 - 00000000 ____D () C:\Users\W7\AppData\Roaming\NVIDIA 2014-08-17 11:56 - 2014-08-17 11:56 - 00000000 ____D () C:\Users\W7\AppData\Local\Power2Go8 2014-08-17 11:51 - 2014-08-17 11:51 - 00000000 ____D () C:\Users\W7\AppData\Local\MediaServer 2014-08-17 09:23 - 2014-04-02 17:41 - 00002194 _____ () C:\Users\W7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2014-08-16 16:39 - 2014-08-15 13:43 - 02689160 _____ (Microsoft Corporation) C:\Users\W7\Downloads\EIE11_DE-DE_MSN_WIN764L.EXE 2014-08-16 12:54 - 2012-12-14 14:39 - 00003696 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-08-16 02:31 - 2014-08-16 02:31 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2014-08-16 02:31 - 2014-08-16 02:31 - 00002195 _____ () C:\Users\Public\Desktop\WinZip.lnk 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\Users\W7\AppData\Local\WinZip 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\ProgramData\WinZip 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 2014-08-16 02:31 - 2014-08-16 02:31 - 00000000 ____D () C:\Program Files\WinZip 2014-08-16 02:29 - 2014-08-16 02:11 - 58807808 _____ () C:\Users\W7\Downloads\wz185gev-64.msi 2014-08-16 01:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-15 10:43 - 2014-08-15 10:43 - 00000000 ____D () C:\Users\W7\AppData\Local\Packages 2014-08-15 10:42 - 2003-02-21 05:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2014-08-15 10:31 - 2014-08-15 10:22 - 125083048 _____ ( ) C:\Users\W7\Downloads\PowerDVD_v5509_RiTA10(NoCinema)_Patch_DVD130828-20.exe 2014-08-15 10:23 - 2014-08-15 10:23 - 00837376 _____ (CyberLink Corp. ) C:\Users\W7\Downloads\Power2Go_Patch(P2G131014-01).exe 2014-08-15 09:56 - 2014-08-15 09:56 - 00000000 __SHD () C:\Users\W7\AppData\Local\EmieUserList 2014-08-15 09:56 - 2014-08-15 09:56 - 00000000 __SHD () C:\Users\W7\AppData\Local\EmieSiteList 2014-08-15 09:15 - 2012-12-20 15:40 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-08-14 17:32 - 2014-08-13 21:04 - 00000000 ____D () C:\Users\W7\AppData\Roaming\Apple Computer 2014-08-14 14:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-14 14:13 - 2012-12-20 19:26 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-14 14:08 - 2013-07-29 23:20 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-14 14:07 - 2012-12-14 14:23 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-14 14:04 - 2014-05-06 19:51 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-14 08:20 - 2014-08-14 08:20 - 00000000 ____D () C:\Users\W7\AppData\Local\Power2Go 2014-08-13 21:04 - 2014-08-13 21:04 - 00001789 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-08-13 21:04 - 2014-08-13 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-08-13 21:04 - 2014-08-13 21:03 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-08-13 21:04 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\iTunes 2014-08-13 21:04 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-08-13 21:04 - 2014-08-13 20:54 - 00000000 ____D () C:\Users\W7\AppData\Local\Apple Computer 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\iPod 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files\Bonjour 2014-08-13 21:03 - 2014-08-13 21:03 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-08-13 21:03 - 2014-08-13 18:00 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-08-13 21:03 - 2014-08-13 18:00 - 00000000 ____D () C:\ProgramData\Apple 2014-08-13 20:54 - 2014-08-13 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-08-13 20:54 - 2014-08-13 20:54 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-08-13 20:54 - 2014-08-13 18:00 - 00001851 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-08-13 18:00 - 2014-08-13 18:00 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-08-13 18:00 - 2014-08-13 18:00 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-08-13 18:00 - 2014-08-13 18:00 - 00000000 ____D () C:\Users\W7\AppData\Local\Apple 2014-08-13 18:00 - 2014-08-13 18:00 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-08-13 16:53 - 2014-08-13 16:53 - 01029080 _____ (CyberLink) C:\Users\W7\Downloads\CyberLink_PowerDirector_Downloader.exe 2014-08-13 16:51 - 2012-12-13 17:44 - 00073304 _____ () C:\Users\W7\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-13 16:40 - 2014-08-13 16:40 - 00000000 ____D () C:\ProgramData\CLSK 2014-08-08 13:41 - 2013-10-29 12:47 - 00001076 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-08-07 04:06 - 2014-08-14 12:55 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-14 12:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll Some content of TEMP: ==================== C:\Users\W7\AppData\Local\Temp\avgnt.exe C:\Users\W7\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-28 10:15 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 02 Ran by W7 at 2014-09-05 14:59:00 Running from C:\Users\W7\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated) Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon) Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: - Avira) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: - Apple Inc.) Avira System Speedup (HKLM-x32\...\AviraSpeedup) (Version: - Avira System Speedup) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: - Apple Inc.) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Conflict Desert Storm II (HKLM-x32\...\{08F0DDCB-05C1-4A0E-B9E7-9EE077A2EDAD}) (Version: - ) CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.5425 - CyberLink Corp.) CyberLink Holiday Magic Style Pack 2 (x32 Version: 2.0 - CyberLink Corp.) Hidden CyberLink LabelPrint 2.5 (x32 Version: - CyberLink Corp.) Hidden CyberLink Media Suite 10 (x32 Version: 10.2021 - CyberLink Corp.) Hidden CyberLink Media Suite 11 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 11.0 - CyberLink Corp.) CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3019_44673 - CyberLink Corp.) Hidden CyberLink MediaShow 6 (HKLM-x32\...\InstallShield_{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}) (Version: 6.0.5225 - CyberLink Corp.) CyberLink MediaShow 6 (x32 Version: 6.0.5225 - CyberLink Corp.) Hidden CyberLink PhotoDirector 4 (HKLM-x32\...\InstallShield_{44510C84-AE2A-4079-A75B-D44E68D73B9A}) (Version: 4.0.4211.0 - CyberLink Corp.) CyberLink PhotoDirector 4 (x32 Version: 4.0.4211.0 - CyberLink Corp.) Hidden CyberLink Power2Go 7 (x32 Version: - CyberLink Corp.) Hidden CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: - CyberLink Corp.) Hidden CyberLink Power2Go 9 (HKLM-x32\...\InstallShield_{57D68FAE-CB5E-4fd6-AE3B-A0B43375AF18}) (Version: 9.0.1827.0 - CyberLink Corp.) CyberLink Power2Go 9 (x32 Version: 9.0.1827.0 - CyberLink Corp.) Hidden CyberLink PowerBackup 2.6 (x32 Version: 2.6.1324b - CyberLink Corp.) Hidden CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: - CyberLink Corp.) CyberLink PowerDirector 11 (x32 Version: - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (x32 Version: 10.0.4125.52 - CyberLink Corp.) Hidden CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3018.57 - CyberLink Corp.) CyberLink PowerDVD 13 (x32 Version: 13.0.3018.57 - CyberLink Corp.) Hidden CyberLink PowerDVD Copy 1.5 (x32 Version: - CyberLink Corp.) Hidden CyberLink PowerProducer 5.5 (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: - CyberLink Corp.) CyberLink PowerProducer 5.5 (x32 Version: - CyberLink Corp.) Hidden CyberLink PowerProducer 6 (HKLM-x32\...\InstallShield_{D7EACFE3-BC6A-48bb-B28C-4DBF318225E3}) (Version: 6.0.1820.0 - CyberLink Corp.) CyberLink PowerProducer 6 (x32 Version: 6.0.1820.0 - CyberLink Corp.) Hidden CyberLink Romance Pack v3 2 (HKLM-x32\...\InstallShield_{D66DE2CC-64DF-402D-B270-33F2A6C67F0C}) (Version: 2.0 - CyberLink Corp.) CyberLink Romance Pack v3 2 (x32 Version: 2.0 - CyberLink Corp.) Hidden CyberLink Travel Pack (x32 Version: 1.0 - CyberLink Corp.) Hidden CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: - CyberLink Corp.) CyberLink WaveEditor 2 (x32 Version: - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Desert Storm (HKLM-x32\...\{9FB2CE8C-E86C-4368-B3C9-F472898F926E}) (Version: - ) DIE SIEDLER - Aufstieg eines Königreichs (Alle Produkte) (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft) DIE SIEDLER - Das Erbe der Könige - Gold Edition (HKLM-x32\...\{E08DE897-B6AF-4DFF-9E90-131E80C876B4}) (Version: 1.00.0000 - Blue Byte) Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft) DVBViewer TE2 (HKLM-x32\...\DVBViewer TE2_is1) (Version: - CM&V) Eve v2 (HKLM-x32\...\InstallShield_{5BD4122B-DF26-4FED-9BC6-D1B355BB6804}) (Version: - MainConcept AG) Eve v2 (x32 Version: - MainConcept AG) Hidden Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: - Google) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: - Apple Inc.) Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010FF}) (Version: 7.0.100 - Oracle) Java SE Development Kit 7 Update 10 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170100}) (Version: - Oracle) Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: - MainConcept GmbH) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Corporation (Version: - Microsoft Corporation) Hidden Microsoft Corporation (x32 Version: - Microsoft Corporation) Hidden Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Mozilla Firefox 32.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 de)) (Version: 32.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA GeForce Experience (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: - Apple Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: - Samsung Electronics Co., Ltd.) SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden SmootherWeb (HKCU Version: 1.0 - SmootherWeb LLC) Hidden Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.010 - MSI) SuperEasy Driver Updater v.1.1.1 (HKLM-x32\...\{039BC111-D60F-A6FF-85F4-7992EA886B8D}_is1) (Version: 1.1.1 - SuperEasy Software GmbH & Co. KG) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: - UBISOFT) Um die Welt in 80 Tagen 1.0 (HKLM-x32\...\Um die Welt in 80 Tagen_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows 7 Upgrade Advisor (HKLM-x32\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation) Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Family Safety (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.123 - MSI) WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. ) Yahoo Community Smartbar Engine (HKCU\...\{1a4575d3-b88a-4d28-91bd-10715d53b2cc}) (Version: - Linkury Inc.) <==== ATTENTION ZDFmediathek Version 2.1.6 (HKLM\...\ZDFmediathek_is1) (Version: - ZDF) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3702731666-1061839965-1659386759-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\W7\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3702731666-1061839965-1659386759-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\W7\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3702731666-1061839965-1659386759-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\W7\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3702731666-1061839965-1659386759-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\W7\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3702731666-1061839965-1659386759-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\W7\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 31-08-2014 11:05:42 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {295D3285-F7B2-47A8-BC9E-B95F64F2D582} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {3DCED7C5-B1E4-4C07-B664-3C74CB3342FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-18] (Adobe Systems Incorporated) Task: {533B99EB-D2C6-48FF-B618-14AC797B2E8C} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software) Task: {9B506FF9-4773-4F17-9B9D-539E3755C60F} - System32\Tasks\SuperEasyDriverUpdater_UPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe [2013-11-01] (SuperEasy Software) Task: {B124F2EE-2A70-4D3B-A3F2-E294552A08B0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {B9257D40-B418-40A0-9233-80353834180B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {D60F9982-5E07-45FB-A18E-3DD57187FC3A} - System32\Tasks\{2A671375-9947-42AA-8731-257B24A36542} => C:\Program Files (x86)\DVBViewer TE2\DVBViewerTE.exe [2012-12-20] (CM&V Hackbart) Task: {EA8B09B8-B29E-417C-A245-C4ECF568FAD4} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe [2014-05-15] (Avira) Task: {F19E57F6-51EC-47E1-B51D-6CC7492D2C17} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3702731666-1061839965-1659386759-1000 Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\SuperEasyDriverUpdater_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe ==================== Loaded Modules (whitelisted) ============= 2012-12-20 16:19 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-03 17:05 - 2011-04-11 07:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll 2011-06-21 08:42 - 2011-06-21 08:42 - 00034304 _____ () C:\Windows\System32\sst3cl6.dll 2014-08-13 18:01 - 2012-08-08 21:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2014-08-29 20:45 - 2013-05-28 14:33 - 00806664 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll 2014-08-29 20:45 - 2013-03-06 05:04 - 01353688 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\DEU\P2GRC.dll 2014-08-29 20:45 - 2013-05-28 14:33 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-03-09 14:21 - 2011-03-09 14:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-08-29 20:45 - 2013-03-05 05:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-03-05 11:41 - 2013-03-05 11:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-08-29 21:18 - 2011-08-24 04:39 - 00081920 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\koan\_ctypes.pyd 2014-08-29 21:18 - 2011-08-24 04:39 - 00053248 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\Koan\_socket.pyd 2014-08-29 21:18 - 2011-08-24 04:39 - 00655360 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\Koan\_ssl.pyd 2014-08-29 21:18 - 2013-06-18 05:51 - 00043272 _____ () C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DHProcedure\DHProcedure.dll 2013-05-20 11:02 - 2013-05-20 11:02 - 00016856 _____ () D:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvcPS.dll 2014-08-29 19:08 - 2013-02-27 16:09 - 33747928 _____ () D:\Program Files (x86)\CyberLink\InstantBurn\Win2K\res.dll 2014-08-03 17:11 - 2013-05-09 04:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-08-03 16:00 - 2014-08-26 10:14 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Microsoft PS/2-Maus Description: Microsoft PS/2-Maus Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Standardtastatur (PS/2) Description: Standardtastatur (PS/2) Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardtastaturen) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-09-05 14:35:59.911 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-05 14:35:59.864 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-05 07:38:25.036 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-05 07:38:24.989 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 15:27:46.677 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 15:27:46.630 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 12:08:17.020 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 12:08:16.974 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 09:41:31.662 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-04 09:41:31.615 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\SkyNetVirtualNetwork_AMD64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Percentage of memory in use: 25% Total physical RAM: 8154.04 MB Available physical RAM: 6103.22 MB Total Pagefile: 16306.27 MB Available Pagefile: 14015.54 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (Volume) (Fixed) (Total:119.24 GB) (Free:44.72 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (System) (Fixed) (Total:921.75 GB) (Free:797.82 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: ACE505B3) Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 16900433) Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27) Partition 2: (Active) - (Size=921.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
![]() | #7 | |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() windows version installerZitat:
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #8 |
| ![]() windows version installer Der Pfad C:\Program Data\CLSK sagt mir überhaupt nichts. Bitte, was steckt dahinter, damit ich nicht noch einmal etwas Falsches installiere. Oder hat das was mit CyberLink Programmen zu tun? Für Deine Hilfe meinen herzlichen Dank. ich hoffe jetzt ist alles beseitigt. |
![]() | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() windows version installer Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter cmd: dir /s /a C:\ProgramData\CLSK Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #10 |
| ![]() windows version installerCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014 02 Ran by W7 at 2014-09-05 16:55:56 Run:1 Running from C:\Users\W7\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** cmd: dir /s /a C:\ProgramData\CLSK ***************** ========= dir /s /a C:\ProgramData\CLSK ========= Datentr�ger in Laufwerk C: ist Volume Volumeseriennummer: C2E0-5E16 Verzeichnis von C:\ProgramData\CLSK 13.08.2014 16:40 <DIR> . 13.08.2014 16:40 <DIR> .. 29.08.2014 21:29 3.148 {8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}.ini 1 Datei(en), 3.148 Bytes Anzahl der angezeigten Dateien: 1 Datei(en), 3.148 Bytes 2 Verzeichnis(se), Bytes frei ========= End of CMD: ========= ==== End of Fixlog ==== |
![]() | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() windows version installer Ist ein fast leeres Verzeichnis, kann im Prinzip weg. Okay, dann Kontrollscans mit MBAM und ESET bitte: Downloade Dir bitte ![]()
ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #12 |
| ![]() windows version installer 4 Malware entfernt Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 06.09.2014 Scan Time: 11:38:11 Logfile: Protokoll Malware.txt Administrator: Yes Version: Malware Database: v2014.09.06.01 Rootkit Database: v2014.08.21.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: W7 Scan Type: Threat Scan Result: Completed Objects Scanned: 356114 Time Elapsed: 5 min, 27 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 1 PUP.Optional.SafetySearch.A, HKLM\SOFTWARE\WOW6432NODE\SafetySearch, Quarantined, [a1c828c2c1ba5adc89c75d9fe12138c8], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 3 PUP.Optional.Firseria, C:\Users\W7\Downloads\RocketDock.exe, Quarantined, [e782509abdbe290d62bd4bcc53b22ad6], PUP.Optional.SnapDo.A, C:\Windows\Installer\3c34b8.msi, Quarantined, [5f0a0edccbb04aec9a73eda54db4e41c], PUP.Optional.Proxy.A, C:\Users\W7\AppData\Local\proxy.log, Quarantined, [40292bbfed8eb68095d2a95061a14cb4], Physical Sectors: 0 (No malicious items detected) (end) win32 istdoch eigentlich orginal installiert? ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe= # OnlineScanner.ocx= # api_version=3.0.2 # EOSSerial=88a19324df174141b31b38b3c648b50a # engine=20028 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-09-06 12:19:50 # local_time=2014-09-06 02:19:50 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 36486273 161635840 0 0 # scanned=296137 # found=40 # cleaned=0 # scan_time=6212 sh=B769E896816BCCCA909BA712A993DE15021ED20A ft=1 fh=30d2e17a95811690 vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe" sh=AA07CD90588C25680369957F8F529608655E0237 ft=1 fh=23897b766e0640f0 vn="Variante von Win32/InstallCore.PO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\W7\AppData\Local\Temp\ICReinstall_nsbF6D.tmp" sh=424B2DE42EA9A1F61BD5A1A91411868AFE92AB75 ft=1 fh=c1a87d50ed4b62a3 vn="Variante von Win32/InstallCore.PZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\W7\AppData\Local\Temp\ICReinstall_nsqF8A2.tmp" sh=AA07CD90588C25680369957F8F529608655E0237 ft=1 fh=23897b766e0640f0 vn="Variante von Win32/InstallCore.PO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\W7\AppData\Local\Temp\nsbF6D.tmp" sh=00E358003E82516A33E3D834CDA66362E1CE113D ft=1 fh=bed6c6187d6e6527 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_26.dll" sh=3A3E33010480F28C82F13F9B82A8A8250A4E24C9 ft=1 fh=dac6c464e5f8caf3 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_27.dll" sh=E924ACC7D0ADA5E9DCD9BF470F43C111DA7DCAC0 ft=1 fh=f7ce5c0d4777c675 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_28.dll" sh=3104A4AF7EE939C3A72311EEFC655D9E90C84E6D ft=1 fh=20179e17001b2b68 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_29.dll" sh=4BEC847ED8A9161B730C7FC3CE8BF88B459AFC26 ft=1 fh=64a2134b5fbfb573 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_30.dll" sh=188BCFB0653F0BBCE88A1E22BC3CC8FD0C433134 ft=1 fh=96d9225e06f9ddbf vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_31.dll" sh=84646799913CD4405311AD3FDA71846DD23F2BB9 ft=1 fh=d6bab377f18d1027 vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\W7\Downloads\supereasy_driver_updater_1.1.1_8159.exe" sh=8D75501F0F174E76E545758CE9ED21BA0E00FC86 ft=1 fh=44abec81575eb1dc vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\W7\Downloads\supereasy_driver_updater_1.1.1_sm.exe" sh=8897369209BC58C470D772DE87987B5BFB2589E2 ft=0 fh=0000000000000000 vn="möglicherweise Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Users\W7\Downloads\wz185gev-64.msi" sh=8897369209BC58C470D772DE87987B5BFB2589E2 ft=0 fh=0000000000000000 vn="möglicherweise Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\3b4ed31.msi" sh=DD8D791EF618CF7E811163BD85712B508835F16B ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\3c34be.msi" sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\sppsm.dll.vir" sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\spusm.dll.vir" sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srbu.dll.vir" sh=FFB6DEEA914EDB830A2065A83CC43B06952DCDFB ft=1 fh=bbcfb579c6e9abfa vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srptc.dll.vir" sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\LPT\sppsm.dll.vir" sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\LPT\spusm.dll.vir" sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\LPT\srbu.dll.vir" sh=FFB6DEEA914EDB830A2065A83CC43B06952DCDFB ft=1 fh=bbcfb579c6e9abfa vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\LPT\srptc.dll.vir" sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir" sh=78D9E0411C1526954C2CBE6323DEEB2785DDEE4A ft=1 fh=fdb7dcf1b7f59c67 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir" sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir" sh=1FF9AF16D449C2BFB1EF1E7FA06BCDAA583F30A3 ft=1 fh=149a39831ca470ca vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir" sh=911497C3842999564F201A892883380B0DDC0F6D ft=1 fh=6071f30fc8aea719 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\spbl.dll.vir" sh=0A97E76D470BDF2FEC3210A9481458F73FA11FC5 ft=1 fh=0a1e00ceb507ee08 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\sppsm.dll.vir" sh=5203FC48184140370D77A233D2B87E38789D1FAE ft=1 fh=4a7e921095e7b713 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\spusm.dll.vir" sh=BDA09511E34B5B402029090624B8C16B2740EFBB ft=1 fh=4cddddbd6f60add9 vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\srbu.dll.vir" sh=C017F422723F95B2F7A57B0EAED2615F60C0A233 ft=1 fh=0d7aa04b8ca04d08 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir" sh=00E358003E82516A33E3D834CDA66362E1CE113D ft=1 fh=bed6c6187d6e6527 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir" sh=3A3E33010480F28C82F13F9B82A8A8250A4E24C9 ft=1 fh=dac6c464e5f8caf3 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vir" sh=E924ACC7D0ADA5E9DCD9BF470F43C111DA7DCAC0 ft=1 fh=f7ce5c0d4777c675 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vir" sh=3104A4AF7EE939C3A72311EEFC655D9E90C84E6D ft=1 fh=20179e17001b2b68 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vir" sh=4BEC847ED8A9161B730C7FC3CE8BF88B459AFC26 ft=1 fh=64a2134b5fbfb573 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_30.dll.vir" sh=188BCFB0653F0BBCE88A1E22BC3CC8FD0C433134 ft=1 fh=96d9225e06f9ddbf vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_31.dll.vir" sh=4515264B3B1C7731C5D9F747D09D161306FAC905 ft=1 fh=b69ff78d4cad6f36 vn="Variante von Win32/VOPackage.V evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Roaming\VOPackage\runasu.exe.vir" sh=BBA2790DAE645624C5F78D83F7F039F17AC9E062 ft=1 fh=b685378ed350a7f0 vn="Variante von Win32/VOPackage.W evtl. unerwünschte Anwendung" ac=I fn="D:\AdwCleaner\Quarantine\C\Users\W7\AppData\Roaming\VOPackage\VOsrv.exe.vir" Eset Online Scanner V3 habe ich noch nicht entfernt, weil ich noch warte, welchen Ratschlag Du mir zu den win32 und MISL - evtl. unerwünschte Anwendung gibst. Sollen diese im Eset Online Scanner deinstalliert werden oder bleiben oder mit dem Eset Online Scanner V3 entfernt werden? Danke Wallaby |
![]() | #13 | |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() windows version installerZitat:
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_26.dll C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_27.dll C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_28.dll C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_29.dll C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_30.dll C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_31.dll C:\Users\W7\Downloads\supereasy_driver_updater_1.1.1_8159.exe C:\Users\W7\Downloads\supereasy_driver_updater_1.1.1_sm.exe C:\Users\W7\Downloads\wz185gev-64.msi C:\Windows\Installer\3b4ed31.msi C:\Windows\Installer\3c34be.msi Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #14 |
| ![]() windows version installerCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014 02 Ran by W7 at 2014-09-06 20:12:29 Run:2 Running from C:\Users\W7\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_26.dll C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_27.dll C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_28.dll C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_29.dll C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_30.dll C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_31.dll C:\Users\W7\Downloads\supereasy_driver_updater_1.1.1_8159.exe C:\Users\W7\Downloads\supereasy_driver_updater_1.1.1_sm.exe C:\Users\W7\Downloads\wz185gev-64.msi C:\Windows\Installer\3b4ed31.msi C:\Windows\Installer\3c34be.msi ***************** C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_26.dll => Moved successfully. C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_27.dll => Moved successfully. C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_28.dll => Moved successfully. C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_29.dll => Moved successfully. C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_30.dll => Moved successfully. C:\Users\W7\AppData\Roaming\Mozilla\Firefox\Profiles\mx65e4l8.default\extensions\{0e46de61-0fff-800a-e5ea-90751eaa937a}\components\SmartbarFireFoxRemotePlugin_31.dll => Moved successfully. C:\Users\W7\Downloads\supereasy_driver_updater_1.1.1_8159.exe => Moved successfully. C:\Users\W7\Downloads\supereasy_driver_updater_1.1.1_sm.exe => Moved successfully. C:\Users\W7\Downloads\wz185gev-64.msi => Moved successfully. C:\Windows\Installer\3b4ed31.msi => Moved successfully. C:\Windows\Installer\3c34be.msi => Moved successfully. ==== End of Fixlog ==== |
![]() | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() windows version installer TFC - Temp File Cleaner Lade dir ![]()
Sieht soweit ok aus ![]() Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() |