| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PC sehr langsam, Programm lässt sich nicht deinstallieren.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
21.02.2015, 17:13
| #1 |
 |  PC sehr langsam, Programm lässt sich nicht deinstallieren. Hallo und guten Abend.... Mein PC reagiert sehr langsam, bzw. öffnet mir teilweise die Fenster nicht. Bitte entschuldigt vorab meine "patscherte" Ausdrucksweise, versuche dennoch das Problem so gut wie es mir möglich ist zu beschreiben. Windows Edition: Windows 7 Home Premium 64 Bit Betriebssystem Habe unter Programme diesen WebAssistant von Incredibar entdeckt und wollte dieses deinstallieren. Lässt es nicht zu... Name: Web Assistant 2.0.0.485 Herausgeber: IncrediBar Es kommt dann folgende Fehlermeldung: File "C:\Program Files\Web Assistant\unins000.dat" does not exist. Cannot uninstall. Bin der Hoffnung, wenn das deinstalliert ist, das mein PC vielleicht dann wieder schneller mit mir arbeitet.... Momentan läuft er Gefahr - auf Grund seiner Trägheit aus dem Fenster zu fliegen....  Lg. Melanie |
|
21.02.2015, 17:41
| #2 |
| /// the machine /// TB-Ausbilder    |  PC sehr langsam, Programm lässt sich nicht deinstallieren. hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
21.02.2015, 18:49
| #3 | ||
| | PC sehr langsam, Programm lässt sich nicht deinstallieren.Zitat:
Ran by Mealnie Eisel (administrator) on MELANIEEISEL-HP on 21-02-2015 17:58:16 Running from C:\Users\Mealnie Eisel\Downloads Loaded Profiles: Mealnie Eisel (Available profiles: Mealnie Eisel) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe (Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.0.17\Lightshot.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.) HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.) HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2007592 2014-11-27] (Trend Micro Inc.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM-x32\...\Run: [A1Webassistent] => C:\Program Files (x86)\A1\A1 Webassistent\A1Webassistent.exe /auto HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-04] (Advanced Micro Devices, Inc.) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {2ba5caa5-8189-11e2-81c0-3cd92b58676f} - I:\NokiaPCIA_Autorun.exe HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {9a8fbf65-8dba-11e3-bd0d-3cd92b58676f} - G:\iLinker.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Setup-Assistent.lnk ShortcutTarget: NETGEAR WNA1100 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = webssearches HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = webssearches HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms} HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = webssearches HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013 URLSearchHook: HKLM-x32 - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms} SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPDTDF SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms} SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms} SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms} SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013 SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms} SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.doko-search.com/?q={searchTerms}&affID=119776&tt=070313_9105&babsrc=SP_ss_mib2&mntrId=e4c07025000000000000e0469aa51a07 SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = BHO: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll () BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.) BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.) BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll () BHO-x32: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File BHO-x32: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.) BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File Toolbar: HKLM - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.) Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.) Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File Toolbar: HKLM-x32 - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.) Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.) Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.) Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.) Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.) Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.) Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.) Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - No File ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-20] (EasyBits Software Corp.) ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ] Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe webssearches FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll No File FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml FF Extension: General Crawler - C:\Users\Mealnie Eisel\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-05-28] FF Extension: |$EXTENSION_NAME$| - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-04-02] FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox FF Extension: No Name - C:\Program Files\Web Assistant\Firefox [2012-05-22] FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension [2015-02-03] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-22] FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-07-03] FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-25] FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Mealnie Eisel\AppData\Roaming\Mozilla\Firefox\Profiles\o5mrdlun.default\extensions\quick_start@gmail.com FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-02-03] FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-02-03] FF HKLM-x32\...\Firefox\Extensions: [{8197dd50-b252-4b08-a1be-1277f22357bb}] - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt FF Extension: Trend Micro Password Manager Firefox Extension - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt [2015-02-03] FF HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: Default -> hxxp://www.google.at/ CHR StartupUrls: Default -> "https://www.google.at/", "hxxp://www.facebook.com/", "hxxp://user.webnode.com/servers/auth/?is_logged=1&domain=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Flogin%2F&project_id=9657061&refurl=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Fadmin%2F" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google :inputType}{google:cursorPosition}{google:currentPageUrl}{google  ageClassification}{google:searchVersion}{google:sessionToken}{googlerefetchQuery}s ugkey={google:suggestAPIKeyParameter}CHR Profile: C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03] CHR Extension: (Google Docs) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-08] CHR Extension: (Google Drive) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-08] CHR Extension: (Speedial) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [2013-10-24] CHR Extension: (TV) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-04] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05] CHR Extension: (YouTube) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10] CHR Extension: (iWebar) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam [2013-12-16] CHR Extension: (Google Search) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10] CHR Extension: (General Crawler) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel [2012-11-10] CHR Extension: (Google Sheets) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03] CHR Extension: (SweetIM for Facebook) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-01-06] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-09-08] CHR Extension: (New tab for Chrome™) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-11-10] CHR Extension: (wxDownload) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbajjgcocbjldbjjkbjpialgnmkfbobp [2013-09-08] CHR Extension: (entrusted) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk [2013-07-25] CHR Extension: (BitAccelerator) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl [2013-09-08] CHR Extension: (Google Wallet) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03] CHR Extension: (Trend Micro Toolbar) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-02-03] CHR Extension: (Gmail) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-09] CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - No Path Or update_url value CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\MEALNI~1\AppData\Local\newhb2.crx [2013-10-24] CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\Mealnie Eisel\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx [2013-07-17] CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Mealnie Eisel\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-26] CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - No Path Or update_url value CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\Mealnie Eisel\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2012-05-28] CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - No Path Or update_url value CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - No Path Or update_url value CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - No Path Or update_url value CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-08-22] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-07-03] CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-08-24] CHR HKLM-x32\...\Chrome\Extension: [kbajjgcocbjldbjjkbjpialgnmkfbobp] - C:\ProgramData\wxDownload\kbajjgcocbjldbjjkbjpialgnmkfbobp.crx [2012-10-31] CHR HKLM-x32\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\Mealnie Eisel\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx [2013-07-17] CHR HKLM-x32\...\Chrome\Extension: [kngjfmklipimnkegmcilmbhchklgjgfl] - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl.crx [2012-10-30] CHR HKLM-x32\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - No Path Or update_url value CHR HKLM-x32\...\Chrome\Extension: [mkcaingkodcbhcaaaeopicigkejmgknj] - C:\ProgramData\ADDICT-THING\mkcaingkodcbhcaaaeopicigkejmgknj.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-05-30] () [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc) R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [325656 2014-11-27] (Trend Micro Inc.) R2 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [209920 2011-10-21] (Solid Documents, LLC) [File not signed] S2 WebOptimizer; C:\Windows\system32\dmwu.exe [436344 2012-08-16] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed] R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] () R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) S3 kbfilter; C:\Windows\System32\DRIVERS\kbfilter.sys [67408 2014-11-27] (Trend Micro Inc.) S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.) R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [121944 2014-07-14] (Trend Micro Inc.) R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [305832 2014-07-14] (Trend Micro Inc.) R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.) R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.) R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93664 2014-07-14] (Trend Micro Inc.) R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.) R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-21 17:58 - 2015-02-21 18:00 - 00038544 _____ () C:\Users\Mealnie Eisel\Downloads\FRST.txt 2015-02-21 17:57 - 2015-02-21 17:58 - 00000000 ___DC () C:\FRST 2015-02-21 17:56 - 2015-02-21 17:56 - 02086912 _____ (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64.exe 2015-02-21 17:56 - 2015-02-21 17:56 - 02086912 _____ (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64 (1).exe 2015-02-21 17:19 - 2015-02-21 17:34 - 00000000 ____D () C:\Users\Mealnie Eisel\Desktop\Musik Mimi 2015 2015-02-21 14:05 - 2015-02-21 14:05 - 00003370 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3101752624-4108848433-446223082-1000 2015-02-21 14:05 - 2015-02-21 14:05 - 00003252 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3101752624-4108848433-446223082-1000 2015-02-20 23:00 - 2015-02-20 23:00 - 00023011 _____ () C:\Users\Mealnie Eisel\Downloads\GermanTOP100SingleCharts02022015-NoGroup - ThePirateBay.TO.torrent 2015-02-20 21:46 - 2015-02-20 21:46 - 00000000 __SHD () C:\Users\Mealnie Eisel\AppData\Local\EmieBrowserModeList 2015-02-20 18:50 - 2015-02-20 18:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf 2015-02-20 18:48 - 2011-12-12 17:42 - 01256192 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys 2015-02-20 18:48 - 2011-04-19 17:52 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll 2015-02-20 18:47 - 2015-02-20 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Genie 2015-02-20 18:47 - 2011-04-19 17:31 - 03900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll 2015-02-20 18:47 - 2011-04-19 17:31 - 03566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll 2015-02-20 18:47 - 2010-02-03 11:21 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll 2015-02-20 18:47 - 2010-02-03 11:21 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\Packet.dll 2015-02-20 18:47 - 2010-02-03 11:21 - 00053299 _____ () C:\Windows\SysWOW64\pthreadVC.dll 2015-02-20 18:47 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys 2015-02-20 17:23 - 2015-02-20 17:23 - 00000000 ____D () C:\Users\Mealnie Eisel\Downloads\NETGEAR 2015-02-19 19:16 - 2015-02-19 19:25 - 00007601 _____ () C:\Users\Mealnie Eisel\AppData\Local\resmon.resmoncfg 2015-02-19 10:32 - 2015-02-19 23:13 - 00000000 ____D () C:\Users\Mealnie Eisel\Desktop\Tagesordner 2015-02-14 22:02 - 2015-02-14 22:02 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\{802CCBBE-BF78-4BCE-94FA-9BBB6141099B} 2015-02-13 13:39 - 2015-02-13 13:39 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2015-02-12 22:33 - 2015-02-12 22:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Passwörter 2015-02-12 22:33 - 2015-02-12 22:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\BEWERBUNGEN 2015-02-12 22:16 - 2015-02-12 22:16 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\VERKAUF - BESTELLUNGEN 2015-02-12 22:13 - 2015-02-21 17:38 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Outlook-Dateien 2015-02-12 22:12 - 2015-02-12 22:27 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\ANTRÄGE - Verträge 2015-02-12 22:11 - 2015-02-12 22:31 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\DOKUMENTE Urkunden 2015-02-12 22:03 - 2015-02-12 22:21 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\FRANZ 2015-02-12 21:59 - 2015-02-12 22:01 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Kündigung Verträge 2015-02-12 21:54 - 2015-02-12 22:30 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\OPA Wilfling 2015-02-12 21:54 - 2015-02-12 22:28 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Kredite - Finanzierungen 2015-02-12 21:53 - 2015-02-12 22:28 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Unterschriften 2015-02-12 13:05 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-02-12 13:05 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-12 13:05 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-02-12 13:05 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-02-11 11:19 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-11 11:19 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-02-11 11:19 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-02-11 11:19 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-02-11 11:19 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-02-11 11:19 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-11 11:19 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-02-11 11:19 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-11 11:19 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-02-11 11:19 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-11 11:19 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-02-11 11:19 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-02-11 11:19 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-02-11 11:19 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-02-11 11:19 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-02-11 11:19 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-11 11:19 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-02-11 11:19 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-02-11 11:19 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-11 11:19 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-02-11 11:19 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-02-11 11:19 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-11 11:19 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-11 11:19 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-11 11:19 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-02-11 11:19 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-02-11 11:19 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-02-11 11:19 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-02-11 11:19 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-11 11:19 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-11 11:19 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-11 11:19 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-02-11 11:19 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-11 11:19 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-11 11:19 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-11 11:19 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-02-11 11:19 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-02-11 11:19 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-02-11 11:19 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-11 11:19 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-11 11:19 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-02-11 11:19 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-11 11:19 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-11 11:19 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-11 11:19 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-11 11:19 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-11 11:19 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-11 11:18 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-11 11:18 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-11 11:18 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-11 11:18 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-02-11 11:18 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-02-11 11:17 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-11 11:17 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-02-11 11:17 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 11:17 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-02-11 11:10 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-11 11:10 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-11 11:10 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-11 11:10 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-11 11:10 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-11 11:10 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-11 11:10 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-11 11:10 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-11 11:10 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-11 11:10 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-11 11:10 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-11 11:10 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-02-11 11:10 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-02-11 11:10 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-02-11 11:10 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-11 11:10 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-02-11 11:10 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-11 11:10 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-11 11:08 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-11 11:08 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-02-11 11:08 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-02-11 11:08 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-02-11 11:08 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-02-11 11:08 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-02-11 11:07 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-11 11:07 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-11 11:07 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-02-11 11:07 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-02-11 11:07 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-02-11 11:06 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-11 11:06 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-11 11:04 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 11:04 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-02-11 11:04 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-02-11 11:04 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-02-11 11:04 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-11 11:04 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-11 11:04 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-02-11 10:55 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-10 22:35 - 2015-02-12 22:21 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Meldezettel 2015-02-10 20:02 - 2015-02-10 20:02 - 00000089 _____ () C:\Users\Mealnie Eisel\Desktop\Index C-D.url 2015-02-03 07:36 - 2015-02-03 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Password Manager 2015-02-03 07:26 - 2015-02-03 07:27 - 00236080 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe 2015-02-03 07:23 - 2014-11-27 11:03 - 00067408 ____C (Trend Micro Inc.) C:\kbfilter.sys 2015-02-03 07:23 - 2014-11-27 11:03 - 00067408 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\kbfilter.sys 2015-02-03 07:23 - 2014-11-27 11:03 - 00007799 ____C () C:\kbfilter.cat 2015-02-03 07:23 - 2014-11-27 11:03 - 00000098 ____C () C:\install.bat 2015-02-03 07:23 - 2014-11-27 11:03 - 00000081 ____C () C:\uninstall.bat 2015-02-03 07:06 - 2015-02-03 07:06 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\Trend Micro 2015-02-03 07:05 - 2015-02-03 07:05 - 00000000 __HDC () C:\TMRescueDisk 2015-02-03 07:04 - 2015-02-03 07:36 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2015-02-03 07:03 - 2015-02-03 07:03 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Maximum Security 2015-02-03 07:01 - 2014-07-14 08:39 - 00305832 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys 2015-02-03 07:01 - 2014-07-14 08:39 - 00121944 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys 2015-02-03 07:01 - 2014-07-14 08:39 - 00093664 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys 2015-02-03 07:01 - 2014-07-09 17:03 - 00407864 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys 2015-02-03 07:01 - 2014-07-09 17:02 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys 2015-02-03 07:00 - 2014-07-09 17:02 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys 2015-02-03 07:00 - 2014-06-30 12:06 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys 2015-02-03 06:57 - 2015-02-03 06:57 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat 2015-02-03 06:55 - 2015-02-20 18:38 - 00000000 ____D () C:\ProgramData\Trend Micro 2015-02-03 06:55 - 2015-02-03 07:04 - 00000000 ____D () C:\Program Files\Trend Micro 2015-02-03 06:46 - 2015-02-03 06:46 - 00000036 _____ () C:\Users\Mealnie Eisel\AppData\Local\housecall.guid.cache 2015-02-02 23:08 - 2015-02-02 23:09 - 06630832 _____ (Trend Micro Inc.) C:\Users\Mealnie Eisel\Downloads\Trend_Micro_Maximum_Security_2015.exe 2015-02-02 22:57 - 2015-02-02 22:57 - 03691688 _____ () C:\Users\Mealnie Eisel\Downloads\AVG_Remover_2015.zip 2015-02-02 22:57 - 2015-02-02 22:57 - 03691688 _____ () C:\Users\Mealnie Eisel\Downloads\AVG_Remover_2015 (1).zip 2015-02-02 19:39 - 2015-02-16 18:07 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Referat Michelle und Jana 2015-02-01 18:42 - 2015-02-01 18:42 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Lightshot 2015-01-30 15:34 - 2015-01-30 15:34 - 00004104 _____ () C:\Users\Mealnie Eisel\AppData\Local\recently-used.xbel 2015-01-29 23:40 - 2015-02-21 15:11 - 00000404 _____ () C:\Windows\Tasks\update-S-1-5-21-3101752624-4108848433-446223082-1000.job 2015-01-29 23:40 - 2015-01-29 23:40 - 00003300 _____ () C:\Windows\System32\Tasks\update-sys 2015-01-29 23:40 - 2015-01-29 23:40 - 00003294 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-3101752624-4108848433-446223082-1000 2015-01-29 23:40 - 2015-01-29 23:40 - 00000425 _____ () C:\Users\Mealnie Eisel\AppData\Local\UserProducts.xml 2015-01-29 23:39 - 2015-02-21 16:48 - 00000404 _____ () C:\Windows\Tasks\update-sys.job 2015-01-29 23:39 - 2015-01-29 23:39 - 00000003 _____ () C:\Users\Mealnie Eisel\AppData\Local\updater.log 2015-01-29 23:39 - 2015-01-29 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot 2015-01-29 23:39 - 2015-01-29 23:39 - 00000000 ____D () C:\Program Files (x86)\Skillbrains 2015-01-29 23:38 - 2015-01-29 23:38 - 02452808 _____ (Skillbrains ) C:\Users\Mealnie Eisel\Downloads\setup-lightshot.exe 2015-01-28 21:46 - 2015-01-28 21:46 - 00113059 _____ () C:\Users\Mealnie Eisel\Downloads\25wn71_862086b525448qc2bh519c.ged 2015-01-28 21:46 - 2015-01-28 21:46 - 00113059 _____ () C:\Users\Mealnie Eisel\Downloads\25wn71_862086b525448qc2bh519c (1).ged 2015-01-27 18:51 - 2015-01-27 18:52 - 04071424 _____ () C:\Users\Mealnie Eisel\Downloads\Prisonniers index.xls 2015-01-25 18:24 - 2015-01-25 18:24 - 00000000 ____D () C:\Users\Mealnie Eisel\Downloads\Punkt 2015-01-25 18:20 - 2015-01-25 18:20 - 00030543 _____ () C:\Users\Mealnie Eisel\Downloads\Punkt.zip 2015-01-24 21:12 - 2015-02-13 15:31 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\StPrsSW 2015-01-24 21:12 - 2015-01-24 21:12 - 00003692 _____ () C:\Windows\System32\Tasks\StPrsSW ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-21 17:26 - 2014-03-20 17:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-21 17:24 - 2012-04-18 19:57 - 01589901 _____ () C:\Windows\WindowsUpdate.log 2015-02-21 17:14 - 2012-11-27 20:56 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-21 17:08 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-21 17:08 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-21 16:39 - 2012-09-23 20:41 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB65BFAC-209A-4527-8F2B-815F00D69B53} 2015-02-21 14:10 - 2011-09-20 12:45 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2015-02-21 14:10 - 2011-09-20 12:45 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2015-02-21 14:10 - 2009-07-14 06:13 - 00844356 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-21 14:04 - 2012-12-29 11:50 - 00000000 ____D () C:\Program Files (x86)\SmartTools 2015-02-21 14:04 - 2012-11-27 20:56 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-21 14:03 - 2011-09-20 13:51 - 00000000 ____D () C:\ProgramData\PDFC 2015-02-21 14:03 - 2010-11-21 04:47 - 00749188 _____ () C:\Windows\PFRO.log 2015-02-21 14:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-21 14:03 - 2009-07-14 05:51 - 00150140 _____ () C:\Windows\setupact.log 2015-02-21 00:37 - 2012-09-15 16:17 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Azureus 2015-02-20 23:46 - 2012-11-01 13:05 - 00000000 ____D () C:\Windows\pss 2015-02-20 21:52 - 2012-12-29 11:50 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTools 2015-02-20 21:51 - 2015-01-17 22:35 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Add-in Express 2015-02-20 21:31 - 2014-08-21 19:59 - 00000000 ____D () C:\Program Files\Saturn 2015-02-20 18:53 - 2012-10-28 09:31 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Computerprogramme 2015-02-20 18:47 - 2012-04-19 18:35 - 00000000 ____D () C:\Program Files (x86)\NETGEAR 2015-02-20 18:47 - 2011-09-20 13:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-20 18:40 - 2012-04-18 20:00 - 00000000 ____D () C:\Users\Mealnie Eisel 2015-02-20 18:38 - 2013-09-08 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-02-20 18:38 - 2012-04-22 19:59 - 00000000 ____D () C:\ProgramData\HP 2015-02-20 18:38 - 2012-04-21 19:20 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\PhotoScape 2015-02-20 18:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2015-02-20 18:34 - 2012-07-03 18:43 - 00000000 ____D () C:\ProgramData\Real 2015-02-19 19:54 - 2013-09-08 13:46 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-02-18 20:17 - 2015-01-12 19:03 - 00000000 ____D () C:\Users\Mealnie Eisel\Nintendo Spiele 2015-02-18 10:24 - 2013-02-13 19:27 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Ahnenforschung 2015-02-16 11:30 - 2013-10-13 20:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Bücher & Zeitschriften 2 2015-02-15 18:40 - 2014-05-14 18:17 - 00000000 ____D () C:\Program Files (x86)\SupTab 2015-02-14 20:55 - 2014-05-14 18:17 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\SupTab 2015-02-13 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-02-12 22:44 - 2012-08-25 19:26 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Bibliothek 2015-02-12 22:32 - 2013-02-11 18:11 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Versicherung 2015-02-12 22:30 - 2012-08-25 19:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Schriftverkehr 2015-02-12 22:30 - 2012-05-21 18:26 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Sabrina 2015-02-12 22:28 - 2012-08-28 21:36 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\BANK 2015-02-12 22:24 - 2013-02-11 17:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\FINANZAMT 2015-02-12 22:23 - 2014-10-15 15:58 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Rechnungen1 2015-02-12 22:17 - 2012-05-30 14:55 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Melanie 2015-02-12 19:23 - 2014-08-21 20:15 - 00000000 ____D () C:\ProgramData\tmp 2015-02-12 18:41 - 2013-02-02 13:10 - 00000000 ____D () C:\Users\Mealnie Eisel\BANK 2015-02-12 12:24 - 2009-07-14 05:45 - 05033560 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-12 12:21 - 2014-12-11 11:03 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-12 12:21 - 2014-05-07 06:10 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-11 23:44 - 2012-04-21 09:39 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-11 23:44 - 2009-07-14 03:34 - 00000513 _____ () C:\Windows\win.ini 2015-02-11 23:41 - 2013-07-24 17:54 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-11 23:24 - 2012-05-03 20:44 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-09 15:43 - 2012-04-23 20:35 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Eigene Scans 2015-02-05 20:26 - 2014-03-20 17:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-02-05 20:26 - 2012-10-09 18:23 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-05 20:26 - 2012-10-09 18:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-05 13:10 - 2012-11-27 20:56 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-05 13:09 - 2012-11-27 20:56 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-03 15:06 - 2014-05-14 18:17 - 00000000 ____D () C:\ProgramData\WPM 2015-02-03 07:58 - 2013-03-17 15:51 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Video Converter Packages 2015-02-03 07:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2015-02-03 07:24 - 2012-10-31 22:24 - 00000000 ____D () C:\ProgramData\wxDownload 2015-02-03 07:24 - 2012-05-30 13:34 - 00000000 ____D () C:\Windows\AutoKMS 2015-02-03 07:14 - 2014-05-14 18:17 - 00000000 ____D () C:\ProgramData\IePluginService 2015-02-03 07:04 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2015-02-03 06:51 - 2013-07-27 14:46 - 00000295 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WB.CFG 2015-02-03 06:34 - 2012-05-22 19:11 - 00000000 ____D () C:\ProgramData\Adobe 2015-02-03 06:33 - 2012-05-22 19:12 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-02-03 06:25 - 2012-05-30 13:34 - 00003486 _____ () C:\Windows\System32\Tasks\AutoKMS 2015-02-02 23:04 - 2012-06-03 18:09 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-02-02 22:32 - 2014-04-02 18:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-02-02 22:31 - 2013-04-08 21:12 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Norton Utilities 16 2015-02-02 22:31 - 2011-09-20 13:34 - 00000000 ____D () C:\ProgramData\Temp 2015-02-02 19:40 - 2013-04-09 18:00 - 00008058 _____ () C:\Windows\SysWOW64\AppLog.log 2015-02-02 17:01 - 2013-05-06 16:00 - 00260592 _____ () C:\Windows\SysWOW64\Engines.log 2015-01-30 15:17 - 2012-06-19 14:15 - 00000000 ____D () C:\Users\Mealnie Eisel\.gimp-2.8 2015-01-29 19:28 - 2012-05-23 21:16 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\CrashDumps ==================== Files in the root of some directories ======= 2012-11-01 14:53 - 2013-08-10 21:39 - 0000671 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\vso_ts_preview.xml 2013-07-27 14:46 - 2015-02-03 06:51 - 0000295 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WB.CFG 2013-06-21 14:48 - 2013-06-28 15:23 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-Q2-TTL.DAT 2013-12-31 15:46 - 2014-01-03 15:46 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-Q5-TTL.DAT 2013-06-16 14:46 - 2014-01-27 15:46 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-TTL.DAT 2013-07-16 21:20 - 2013-07-16 21:22 - 145394418 _____ () C:\Users\Mealnie Eisel\AppData\Local\ACCCx189.zip.aamdownload 2013-07-16 21:20 - 2013-07-16 21:22 - 0001811 _____ () C:\Users\Mealnie Eisel\AppData\Local\ACCCx189.zip.aamdownload.aamd 2012-09-23 21:01 - 2012-09-23 21:08 - 0004608 _____ () C:\Users\Mealnie Eisel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-09-15 16:40 - 2012-09-15 16:40 - 0027520 _____ () C:\Users\Mealnie Eisel\AppData\Local\dt.dat 2015-02-03 06:46 - 2015-02-03 06:46 - 0000036 _____ () C:\Users\Mealnie Eisel\AppData\Local\housecall.guid.cache 2013-10-24 14:46 - 2013-10-24 14:46 - 0361117 _____ () C:\Users\Mealnie Eisel\AppData\Local\newhb2.crx 2015-01-30 15:34 - 2015-01-30 15:34 - 0004104 _____ () C:\Users\Mealnie Eisel\AppData\Local\recently-used.xbel 2015-02-19 19:16 - 2015-02-19 19:25 - 0007601 _____ () C:\Users\Mealnie Eisel\AppData\Local\resmon.resmoncfg 2015-01-29 23:39 - 2015-01-29 23:39 - 0000003 _____ () C:\Users\Mealnie Eisel\AppData\Local\updater.log 2015-01-29 23:40 - 2015-01-29 23:40 - 0000425 _____ () C:\Users\Mealnie Eisel\AppData\Local\UserProducts.xml 2012-08-24 21:10 - 2012-09-15 16:25 - 0000041 ___SH () C:\ProgramData\.zreglib 2012-04-22 19:59 - 2012-05-29 12:03 - 0001804 _____ () C:\ProgramData\hpzinstall.log Files to move or delete: ==================== C:\Users\Mealnie Eisel\jobq.dat C:\Users\Mealnie Eisel\Vuze_4.2.0.8a_windows.exe Some content of TEMP: ==================== C:\Users\Mealnie Eisel\AppData\Local\Temp\BackupSetup.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\BobyLyrics_1060-1090_v122.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\Extract.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\ffdshow.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\htmlayout.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\i4jdel0.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\i4jdel1.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\MatroskaSplitter.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\nse1E93.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\nse2806.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\nseAA76.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\nseC854.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\nsj11E5.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\nsj1407.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\nsj1B0A.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\nsjB89B.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\nsoB205.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\nsuB7EE.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\nsy9E08.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\nsz243F.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\nszBFAC.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\SaveSenseUpdateVer.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\SmartbarExeInstaller.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\SP54699.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\sp64126.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\Sqlite3.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\toolbar46512836.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\toolbar7262907.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninst1.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall280380.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall325028.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall325215.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall47038029.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall47053879.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\UninstallHPSA.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\?odec Performer803975.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed Zitat:
Ran by Mealnie Eisel at 2015-02-21 18:02:30 Running from C:\Users\Mealnie Eisel\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Trend Micro Maximum Security (Enabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Trend Micro Maximum Security (Enabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - ) A1 Internet Software (x32 Version: 8.1.0.55 - A1 Telekom Austria AG) Hidden A1 Servicecenter (x32 Version: 1.1.0.11 - A1 Telekom Austria AG) Hidden A1 Webassistent (x32 Version: 4.1.0.163 - A1 Telekom Austria) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Reader XI (11.0.01) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.01 - Adobe Systems Incorporated) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl) Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (HKLM\...\{37C7C98A-3857-B7D4-D7BD-F0E8179E8AFD}) (Version: 3.0.829.0 - ATI Technologies, Inc.) B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Big Rig Europe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft) Compaq Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company) Convert X to DVD 3.4.7.121 (HKLM-x32\...\{4C335AD4-6821-4028-9A6C-13943762DB55}) (Version: 3.4.7.121 - Black Angel Doom) Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden DirectDownloader (HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\DirectDownloader) (Version: - ) DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink) DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink) Extract-CloneCD 5.3.1.4 Final version 1.5 (HKLM-x32\...\Extract-CloneCD 5.3.1.4 Final_is1) (Version: 1.5 - ) FamilySearch Indexing 3.17.3 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.17.3 - FamilySearch) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden Fishdom (x32 Version: 2.2.0.95 - WildTangent) Hidden FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time) Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.7.717 - DVDVideoSoft Ltd.) Free YouTube Download version 3.1.29.608 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.29.608 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.11.32.918 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.32.918 - DVDVideoSoft Ltd.) GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP) HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP) HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard) HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard) HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard) HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version: - ) Lightshot-5.2.0.17 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.0.17 - Skillbrains) Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS) Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden Nero - Burning Rom (HKLM-x32\...\{A4D7B764-4140-11D4-88EB-0050DA3579C0}) (Version: 5.5.9 - ahead software gmbh) NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR) NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR) Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.) Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden Qtrax Player (HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\2926320025.portal.qtrax.com) (Version: - portal.qtrax.com) QuickShare (HKLM-x32\...\{B630320B-4B6A-4623-A05D-80DAA4C73CE9}) (Version: 1.38.61.10911 - Linkury Inc.) <==== ATTENTION QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Raptr (HKLM-x32\...\Raptr) (Version: - ) RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6321 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden Solid Converter PDF (HKLM-x32\...\{56BFAA6E-2BCC-4AED-9233-84731E66B205}) (Version: 7.1.934.0 - SolidDocuments) SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer) Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Trend Micro DirectPass (Version: 1.9.0.1094 - Trend Micro Inc.) Hidden Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 8.0 - Trend Micro Inc.) Trend Micro Password Manager (HKLM\...\{3075404F-5657-4f31-A064-FEF98661BDD4}) (Version: 1.9.1137 - Trend Micro Inc.) Trend Micro Titanium (Version: 8.0 - Trend Micro Inc.) Hidden Update for Video Converter (HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\DSite) (Version: - ) <==== ATTENTION Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden USB Video/Audio Device Driver (HKLM-x32\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - Ihr Firmenname) VCRT for DirectPass x64 (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden VCRT for DirectPass x86 (x32 Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden Video Converter Packages (HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Video Converter Packages) (Version: - ) <==== ATTENTION VIO Player version 1.0.1 (HKLM-x32\...\{C8A17598-7F89-41EA-9876-0F89DA0B24F1}_is1) (Version: 1.0.1 - VIO) Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.2.0.0 - Azureus Software, Inc.) Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.0.0.0 - Azureus Software, Inc.) Web Assistant 2.0.0.485 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.485 - IncrediBar) <==== ATTENTION WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WxDFast 1.66 (HKLM-x32\...\SP_a6a8650b) (Version: - ) wxDownload (HKLM-x32\...\{088DF54D-6FFC-8C91-02D5-A461DCC2E652}) (Version: - wxDownload) Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC) Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 18-02-2015 22:32:25 Geplanter Prüfpunkt 20-02-2015 17:24:18 Installiert NETGEAR WNA3100 wireless USB 2.0 driver 20-02-2015 17:46:59 Wiederherstellungsvorgang 20-02-2015 18:01:08 Windows Update 20-02-2015 18:22:58 Wiederherstellungsvorgang 20-02-2015 18:46:38 Installiert NETGEAR WNA3100 wireless USB 2.0 adapter 20-02-2015 21:42:22 Removed SweetIM for Messenger 3.7 20-02-2015 21:47:50 Removed Update Manager for SweetPacks 1.1 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0B0F8F6B-FE9D-4968-B43E-AE68F353DFE6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {0E544C56-C4C5-4336-839C-526CAFEEAAD8} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: {1B6AB716-B0D4-496B-A7BC-BDE7EC4B6941} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe Task: {232D4D45-3E38-42B9-A9F2-88C8CEE732E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-27] (Google Inc.) Task: {3782A18F-D8E8-47B0-92CF-8DED7834BE56} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: {4469BAC6-E004-477A-9CCC-27659159DAB2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3101752624-4108848433-446223082-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.) Task: {446AB000-BCA9-41E0-A716-369CF8720770} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard) Task: {5778D6BC-140E-442D-BC49-E13CCC3B5248} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] () Task: {62D14DB0-87D3-4038-A5CB-D3F97D7B2111} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-18] (Adobe Systems Incorporated) Task: {65DE8AD7-4C52-4413-8F89-56ED053B2CC8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated) Task: {68C04B47-FC62-4E1C-A6CA-544954FB0B47} - System32\Tasks\RunAsStdUser Task => C:\Users\Mealnie Eisel\AppData\Local\PlayVolcanoSA\bin\1.0.10.0\PlayVolcanoSA.exe Task: {68F5730E-F150-463B-91E0-5841AA9EB551} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation) Task: {82308808-0CA2-4391-BA4B-73995E131984} - System32\Tasks\update-S-1-5-21-3101752624-4108848433-446223082-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] () Task: {89D02B36-C0AB-4732-94EF-0D3C4611FF16} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION Task: {9810F24E-D6C0-4021-AECB-3FCBC4F101D2} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION Task: {A0230023-54EB-4DE6-B6C2-CD58AE4EA6B5} - System32\Tasks\{ADAFEB43-C46A-4AEC-BC77-A2663C9A91BF} => pcalua.exe -a "C:\Users\Mealnie Eisel\Downloads\Vuze_4.2.0.8a_windows.exe" -d "C:\Users\Mealnie Eisel\Downloads" Task: {A165EAC5-9A1F-4C22-A2B2-2617819322BA} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2012-07-03] (RealNetworks, Inc.) Task: {B68DA53E-2739-4DAE-938E-73CCE7F27C1E} - System32\Tasks\StPrsSW => C:\Users\Mealnie [2012-05-30] () Task: {C5A42C39-16B7-4185-B725-13FCF1AA7DF7} - System32\Tasks\DSite => C:\Users\MEALNI~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {C75446B8-9E13-4FF3-B310-92FA258ED398} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION Task: {DEE7C674-A008-4FDD-B794-41D16FC4D2FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd) Task: {E128C7AB-8E11-465E-A568-A4F94A0DF789} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3101752624-4108848433-446223082-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.) Task: {ECFDBC74-5C02-454E-BB72-5852261B5233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-27] (Google Inc.) Task: {FBB3F25C-8D77-4CEB-BE7C-EA21518D1C70} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\update-S-1-5-21-3101752624-4108848433-446223082-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Habe mich gemacht... Trend Micro hatte mir das Programm zuerst geblockt... Lg. Melanie |
|
22.02.2015, 09:09
| #4 |
| /// the machine /// TB-Ausbilder | PC sehr langsam, Programm lässt sich nicht deinstallieren. Beide Logs bitte nochmal posten, sind unvollständig, und bitte in Codetags posten.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.02.2015, 14:50
| #5 |
| | FRST.txt Teil 1Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015
Ran by Mealnie Eisel (administrator) on MELANIEEISEL-HP on 21-02-2015 17:58:16
Running from C:\Users\Mealnie Eisel\Downloads
Loaded Profiles: Mealnie Eisel (Available profiles: Mealnie Eisel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
(Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2007592 2014-11-27] (Trend Micro Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [A1Webassistent] => C:\Program Files (x86)\A1\A1 Webassistent\A1Webassistent.exe /auto
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-04] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {2ba5caa5-8189-11e2-81c0-3cd92b58676f} - I:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {9a8fbf65-8dba-11e3-bd0d-3cd92b58676f} - G:\iLinker.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WNA1100 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013
URLSearchHook: HKLM-x32 - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPDTDF
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.doko-search.com/?q={searchTerms}&affID=119776&tt=070313_9105&babsrc=SP_ss_mib2&mntrId=e4c07025000000000000e0469aa51a07
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll ()
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-20] (EasyBits Software Corp.)
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: General Crawler - C:\Users\Mealnie Eisel\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-05-28]
FF Extension: |$EXTENSION_NAME$| - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-04-02]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: No Name - C:\Program Files\Web Assistant\Firefox [2012-05-22]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-22]
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-07-03]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-25]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Mealnie Eisel\AppData\Roaming\Mozilla\Firefox\Profiles\o5mrdlun.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [{8197dd50-b252-4b08-a1be-1277f22357bb}] - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt
FF Extension: Trend Micro Password Manager Firefox Extension - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt [2015-02-03]
FF HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "https://www.google.at/", "hxxp://www.facebook.com/", "hxxp://user.webnode.com/servers/auth/?is_logged=1&domain=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Flogin%2F&project_id=9657061&refurl=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Fadmin%2F"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03]
CHR Extension: (Google Docs) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-08]
CHR Extension: (Google Drive) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-08]
CHR Extension: (Speedial) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [2013-10-24]
CHR Extension: (TV) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10]
CHR Extension: (iWebar) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam [2013-12-16]
CHR Extension: (Google Search) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10]
CHR Extension: (General Crawler) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel [2012-11-10]
CHR Extension: (Google Sheets) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03]
CHR Extension: (SweetIM for Facebook) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-01-06]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-09-08]
CHR Extension: (New tab for Chrome™) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-11-10]
CHR Extension: (wxDownload) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbajjgcocbjldbjjkbjpialgnmkfbobp [2013-09-08]
CHR Extension: (entrusted) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk [2013-07-25]
CHR Extension: (BitAccelerator) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl [2013-09-08]
CHR Extension: (Google Wallet) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Trend Micro Toolbar) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-02-03]
CHR Extension: (Gmail) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-09]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\MEALNI~1\AppData\Local\newhb2.crx [2013-10-24]
CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\Mealnie Eisel\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx [2013-07-17]
CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Mealnie Eisel\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-26]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\Mealnie Eisel\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2012-05-28]
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-08-22]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-07-03]
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-08-24]
CHR HKLM-x32\...\Chrome\Extension: [kbajjgcocbjldbjjkbjpialgnmkfbobp] - C:\ProgramData\wxDownload\kbajjgcocbjldbjjkbjpialgnmkfbobp.crx [2012-10-31]
CHR HKLM-x32\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\Mealnie Eisel\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx [2013-07-17]
CHR HKLM-x32\...\Chrome\Extension: [kngjfmklipimnkegmcilmbhchklgjgfl] - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl.crx [2012-10-30]
CHR HKLM-x32\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [mkcaingkodcbhcaaaeopicigkejmgknj] - C:\ProgramData\ADDICT-THING\mkcaingkodcbhcaaaeopicigkejmgknj.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-05-30] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [325656 2014-11-27] (Trend Micro Inc.)
R2 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [209920 2011-10-21] (Solid Documents, LLC) [File not signed]
S2 WebOptimizer; C:\Windows\system32\dmwu.exe [436344 2012-08-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed]
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 kbfilter; C:\Windows\System32\DRIVERS\kbfilter.sys [67408 2014-11-27] (Trend Micro Inc.)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [121944 2014-07-14] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [305832 2014-07-14] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93664 2014-07-14] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.)
R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 17:58 - 2015-02-21 18:00 - 00038544 _____ () C:\Users\Mealnie Eisel\Downloads\FRST.txt
2015-02-21 17:57 - 2015-02-21 17:58 - 00000000 ___DC () C:\FRST
2015-02-21 17:56 - 2015-02-21 17:56 - 02086912 _____ (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64.exe
2015-02-21 17:56 - 2015-02-21 17:56 - 02086912 _____ (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64 (1).exe
2015-02-21 17:19 - 2015-02-21 17:34 - 00000000 ____D () C:\Users\Mealnie Eisel\Desktop\Musik Mimi 2015
2015-02-21 14:05 - 2015-02-21 14:05 - 00003370 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3101752624-4108848433-446223082-1000
2015-02-21 14:05 - 2015-02-21 14:05 - 00003252 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3101752624-4108848433-446223082-1000
2015-02-20 23:00 - 2015-02-20 23:00 - 00023011 _____ () C:\Users\Mealnie Eisel\Downloads\GermanTOP100SingleCharts02022015-NoGroup - ThePirateBay.TO.torrent
2015-02-20 21:46 - 2015-02-20 21:46 - 00000000 __SHD () C:\Users\Mealnie Eisel\AppData\Local\EmieBrowserModeList
2015-02-20 18:50 - 2015-02-20 18:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2015-02-20 18:48 - 2011-12-12 17:42 - 01256192 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys
2015-02-20 18:48 - 2011-04-19 17:52 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2015-02-20 18:47 - 2015-02-20 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Genie
2015-02-20 18:47 - 2011-04-19 17:31 - 03900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2015-02-20 18:47 - 2011-04-19 17:31 - 03566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2015-02-20 18:47 - 2010-02-03 11:21 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll
2015-02-20 18:47 - 2010-02-03 11:21 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\Packet.dll
2015-02-20 18:47 - 2010-02-03 11:21 - 00053299 _____ () C:\Windows\SysWOW64\pthreadVC.dll
2015-02-20 18:47 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2015-02-20 17:23 - 2015-02-20 17:23 - 00000000 ____D () C:\Users\Mealnie Eisel\Downloads\NETGEAR
2015-02-19 19:16 - 2015-02-19 19:25 - 00007601 _____ () C:\Users\Mealnie Eisel\AppData\Local\resmon.resmoncfg
2015-02-19 10:32 - 2015-02-19 23:13 - 00000000 ____D () C:\Users\Mealnie Eisel\Desktop\Tagesordner
2015-02-14 22:02 - 2015-02-14 22:02 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\{802CCBBE-BF78-4BCE-94FA-9BBB6141099B}
2015-02-13 13:39 - 2015-02-13 13:39 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-12 22:33 - 2015-02-12 22:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Passwörter
2015-02-12 22:33 - 2015-02-12 22:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\BEWERBUNGEN
2015-02-12 22:16 - 2015-02-12 22:16 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\VERKAUF - BESTELLUNGEN
2015-02-12 22:13 - 2015-02-21 17:38 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Outlook-Dateien
2015-02-12 22:12 - 2015-02-12 22:27 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\ANTRÄGE - Verträge
2015-02-12 22:11 - 2015-02-12 22:31 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\DOKUMENTE Urkunden
2015-02-12 22:03 - 2015-02-12 22:21 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\FRANZ
2015-02-12 21:59 - 2015-02-12 22:01 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Kündigung Verträge
2015-02-12 21:54 - 2015-02-12 22:30 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\OPA Wilfling
2015-02-12 21:54 - 2015-02-12 22:28 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Kredite - Finanzierungen
2015-02-12 21:53 - 2015-02-12 22:28 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Unterschriften
2015-02-12 13:05 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 13:05 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 13:05 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 13:05 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 11:19 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 11:19 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 11:19 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 11:19 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 11:19 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 11:19 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 11:19 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 11:19 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 11:19 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 11:19 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 11:19 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 11:19 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 11:19 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 11:19 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 11:19 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 11:19 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 11:19 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 11:19 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 11:19 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 11:19 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 11:19 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 11:19 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 11:19 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 11:19 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 11:19 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 11:19 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 11:19 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 11:19 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 11:19 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 11:19 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 11:19 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 11:19 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 11:19 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 11:19 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 11:19 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 11:19 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 11:19 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 11:19 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 11:19 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 11:19 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 11:19 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 11:19 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 11:19 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 11:19 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 11:19 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 11:19 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 11:19 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 11:18 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 11:18 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 11:18 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 11:18 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 11:18 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 11:17 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 11:17 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 11:17 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 11:17 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 11:10 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 11:10 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 11:10 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 11:10 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 11:10 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 11:10 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 11:10 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 11:10 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 11:10 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 11:10 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 11:10 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 11:10 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 11:10 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 11:10 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 11:10 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 11:10 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 11:10 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 11:10 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 11:08 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 11:08 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 11:08 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 11:08 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 11:08 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 11:08 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 11:07 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 11:07 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 11:07 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 11:07 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 11:07 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 11:06 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 11:06 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 11:04 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 11:04 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 11:04 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 11:04 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 11:04 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 11:04 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 11:04 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 10:55 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 22:35 - 2015-02-12 22:21 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Meldezettel
2015-02-10 20:02 - 2015-02-10 20:02 - 00000089 _____ () C:\Users\Mealnie Eisel\Desktop\Index C-D.url
2015-02-03 07:36 - 2015-02-03 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Password Manager
2015-02-03 07:26 - 2015-02-03 07:27 - 00236080 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2015-02-03 07:23 - 2014-11-27 11:03 - 00067408 ____C (Trend Micro Inc.) C:\kbfilter.sys
2015-02-03 07:23 - 2014-11-27 11:03 - 00067408 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\kbfilter.sys
2015-02-03 07:23 - 2014-11-27 11:03 - 00007799 ____C () C:\kbfilter.cat
2015-02-03 07:23 - 2014-11-27 11:03 - 00000098 ____C () C:\install.bat
2015-02-03 07:23 - 2014-11-27 11:03 - 00000081 ____C () C:\uninstall.bat
2015-02-03 07:06 - 2015-02-03 07:06 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\Trend Micro
2015-02-03 07:05 - 2015-02-03 07:05 - 00000000 __HDC () C:\TMRescueDisk
2015-02-03 07:04 - 2015-02-03 07:36 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-02-03 07:03 - 2015-02-03 07:03 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Maximum Security
2015-02-03 07:01 - 2014-07-14 08:39 - 00305832 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-02-03 07:01 - 2014-07-14 08:39 - 00121944 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2015-02-03 07:01 - 2014-07-14 08:39 - 00093664 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2015-02-03 07:01 - 2014-07-09 17:03 - 00407864 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2015-02-03 07:01 - 2014-07-09 17:02 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2015-02-03 07:00 - 2014-07-09 17:02 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2015-02-03 07:00 - 2014-06-30 12:06 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2015-02-03 06:57 - 2015-02-03 06:57 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2015-02-03 06:55 - 2015-02-20 18:38 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-02-03 06:55 - 2015-02-03 07:04 - 00000000 ____D () C:\Program Files\Trend Micro
2015-02-03 06:46 - 2015-02-03 06:46 - 00000036 _____ () C:\Users\Mealnie Eisel\AppData\Local\housecall.guid.cache
2015-02-02 23:08 - 2015-02-02 23:09 - 06630832 _____ (Trend Micro Inc.) C:\Users\Mealnie Eisel\Downloads\Trend_Micro_Maximum_Security_2015.exe
2015-02-02 22:57 - 2015-02-02 22:57 - 03691688 _____ () C:\Users\Mealnie Eisel\Downloads\AVG_Remover_2015.zip
2015-02-02 22:57 - 2015-02-02 22:57 - 03691688 _____ () C:\Users\Mealnie Eisel\Downloads\AVG_Remover_2015 (1).zip
2015-02-02 19:39 - 2015-02-16 18:07 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Referat Michelle und Jana
2015-02-01 18:42 - 2015-02-01 18:42 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Lightshot
2015-01-30 15:34 - 2015-01-30 15:34 - 00004104 _____ () C:\Users\Mealnie Eisel\AppData\Local\recently-used.xbel
2015-01-29 23:40 - 2015-02-21 15:11 - 00000404 _____ () C:\Windows\Tasks\update-S-1-5-21-3101752624-4108848433-446223082-1000.job
2015-01-29 23:40 - 2015-01-29 23:40 - 00003300 _____ () C:\Windows\System32\Tasks\update-sys
2015-01-29 23:40 - 2015-01-29 23:40 - 00003294 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-3101752624-4108848433-446223082-1000
2015-01-29 23:40 - 2015-01-29 23:40 - 00000425 _____ () C:\Users\Mealnie Eisel\AppData\Local\UserProducts.xml
2015-01-29 23:39 - 2015-02-21 16:48 - 00000404 _____ () C:\Windows\Tasks\update-sys.job
2015-01-29 23:39 - 2015-01-29 23:39 - 00000003 _____ () C:\Users\Mealnie Eisel\AppData\Local\updater.log
2015-01-29 23:39 - 2015-01-29 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2015-01-29 23:39 - 2015-01-29 23:39 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2015-01-29 23:38 - 2015-01-29 23:38 - 02452808 _____ (Skillbrains ) C:\Users\Mealnie Eisel\Downloads\setup-lightshot.exe
2015-01-28 21:46 - 2015-01-28 21:46 - 00113059 _____ () C:\Users\Mealnie Eisel\Downloads\25wn71_862086b525448qc2bh519c.ged
2015-01-28 21:46 - 2015-01-28 21:46 - 00113059 _____ () C:\Users\Mealnie Eisel\Downloads\25wn71_862086b525448qc2bh519c (1).ged
2015-01-27 18:51 - 2015-01-27 18:52 - 04071424 _____ () C:\Users\Mealnie Eisel\Downloads\Prisonniers index.xls
2015-01-25 18:24 - 2015-01-25 18:24 - 00000000 ____D () C:\Users\Mealnie Eisel\Downloads\Punkt
2015-01-25 18:20 - 2015-01-25 18:20 - 00030543 _____ () C:\Users\Mealnie Eisel\Downloads\Punkt.zip
2015-01-24 21:12 - 2015-02-13 15:31 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\StPrsSW
2015-01-24 21:12 - 2015-01-24 21:12 - 00003692 _____ () C:\Windows\System32\Tasks\StPrsSW
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 17:26 - 2014-03-20 17:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-21 17:24 - 2012-04-18 19:57 - 01589901 _____ () C:\Windows\WindowsUpdate.log
2015-02-21 17:14 - 2012-11-27 20:56 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-21 17:08 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-21 17:08 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-21 16:39 - 2012-09-23 20:41 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB65BFAC-209A-4527-8F2B-815F00D69B53}
2015-02-21 14:10 - 2011-09-20 12:45 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-02-21 14:10 - 2011-09-20 12:45 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-02-21 14:10 - 2009-07-14 06:13 - 00844356 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-21 14:04 - 2012-12-29 11:50 - 00000000 ____D () C:\Program Files (x86)\SmartTools
2015-02-21 14:04 - 2012-11-27 20:56 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-21 14:03 - 2011-09-20 13:51 - 00000000 ____D () C:\ProgramData\PDFC
2015-02-21 14:03 - 2010-11-21 04:47 - 00749188 _____ () C:\Windows\PFRO.log
2015-02-21 14:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-21 14:03 - 2009-07-14 05:51 - 00150140 _____ () C:\Windows\setupact.log
2015-02-21 00:37 - 2012-09-15 16:17 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Azureus
2015-02-20 23:46 - 2012-11-01 13:05 - 00000000 ____D () C:\Windows\pss
2015-02-20 21:52 - 2012-12-29 11:50 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTools
2015-02-20 21:51 - 2015-01-17 22:35 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Add-in Express
2015-02-20 21:31 - 2014-08-21 19:59 - 00000000 ____D () C:\Program Files\Saturn
2015-02-20 18:53 - 2012-10-28 09:31 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Computerprogramme
2015-02-20 18:47 - 2012-04-19 18:35 - 00000000 ____D () C:\Program Files (x86)\NETGEAR
2015-02-20 18:47 - 2011-09-20 13:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-20 18:40 - 2012-04-18 20:00 - 00000000 ____D () C:\Users\Mealnie Eisel
2015-02-20 18:38 - 2013-09-08 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-20 18:38 - 2012-04-22 19:59 - 00000000 ____D () C:\ProgramData\HP
2015-02-20 18:38 - 2012-04-21 19:20 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\PhotoScape
2015-02-20 18:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-20 18:34 - 2012-07-03 18:43 - 00000000 ____D () C:\ProgramData\Real
2015-02-19 19:54 - 2013-09-08 13:46 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-18 20:17 - 2015-01-12 19:03 - 00000000 ____D () C:\Users\Mealnie Eisel\Nintendo Spiele
2015-02-18 10:24 - 2013-02-13 19:27 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Ahnenforschung
2015-02-16 11:30 - 2013-10-13 20:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Bücher & Zeitschriften 2
2015-02-15 18:40 - 2014-05-14 18:17 - 00000000 ____D () C:\Program Files (x86)\SupTab
2015-02-14 20:55 - 2014-05-14 18:17 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\SupTab
2015-02-13 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 22:44 - 2012-08-25 19:26 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Bibliothek
2015-02-12 22:32 - 2013-02-11 18:11 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Versicherung
2015-02-12 22:30 - 2012-08-25 19:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Schriftverkehr
2015-02-12 22:30 - 2012-05-21 18:26 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Sabrina
2015-02-12 22:28 - 2012-08-28 21:36 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\BANK
2015-02-12 22:24 - 2013-02-11 17:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\FINANZAMT
2015-02-12 22:23 - 2014-10-15 15:58 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Rechnungen1
2015-02-12 22:17 - 2012-05-30 14:55 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Melanie
2015-02-12 19:23 - 2014-08-21 20:15 - 00000000 ____D () C:\ProgramData\tmp
2015-02-12 18:41 - 2013-02-02 13:10 - 00000000 ____D () C:\Users\Mealnie Eisel\BANK
2015-02-12 12:24 - 2009-07-14 05:45 - 05033560 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 12:21 - 2014-12-11 11:03 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 12:21 - 2014-05-07 06:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 23:44 - 2012-04-21 09:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 23:44 - 2009-07-14 03:34 - 00000513 _____ () C:\Windows\win.ini
2015-02-11 23:41 - 2013-07-24 17:54 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 23:24 - 2012-05-03 20:44 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 15:43 - 2012-04-23 20:35 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Eigene Scans
2015-02-05 20:26 - 2014-03-20 17:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 20:26 - 2012-10-09 18:23 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 20:26 - 2012-10-09 18:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 13:10 - 2012-11-27 20:56 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 13:09 - 2012-11-27 20:56 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 15:06 - 2014-05-14 18:17 - 00000000 ____D () C:\ProgramData\WPM
2015-02-03 07:58 - 2013-03-17 15:51 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Video Converter Packages
2015-02-03 07:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-02-03 07:24 - 2012-10-31 22:24 - 00000000 ____D () C:\ProgramData\wxDownload
2015-02-03 07:24 - 2012-05-30 13:34 - 00000000 ____D () C:\Windows\AutoKMS
2015-02-03 07:14 - 2014-05-14 18:17 - 00000000 ____D () C:\ProgramData\IePluginService
2015-02-03 07:04 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-03 06:51 - 2013-07-27 14:46 - 00000295 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WB.CFG
2015-02-03 06:34 - 2012-05-22 19:11 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-03 06:33 - 2012-05-22 19:12 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-03 06:25 - 2012-05-30 13:34 - 00003486 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-02 23:04 - 2012-06-03 18:09 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-02-02 22:32 - 2014-04-02 18:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-02 22:31 - 2013-04-08 21:12 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Norton Utilities 16
2015-02-02 22:31 - 2011-09-20 13:34 - 00000000 ____D () C:\ProgramData\Temp
2015-02-02 19:40 - 2013-04-09 18:00 - 00008058 _____ () C:\Windows\SysWOW64\AppLog.log
2015-02-02 17:01 - 2013-05-06 16:00 - 00260592 _____ () C:\Windows\SysWOW64\Engines.log
2015-01-30 15:17 - 2012-06-19 14:15 - 00000000 ____D () C:\Users\Mealnie Eisel\.gimp-2.8
2015-01-29 19:28 - 2012-05-23 21:16 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\CrashDumps
==================== Files in the root of some directories =======
2012-11-01 14:53 - 2013-08-10 21:39 - 0000671 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\vso_ts_preview.xml
2013-07-27 14:46 - 2015-02-03 06:51 - 0000295 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WB.CFG
2013-06-21 14:48 - 2013-06-28 15:23 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-Q2-TTL.DAT
2013-12-31 15:46 - 2014-01-03 15:46 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-06-16 14:46 - 2014-01-27 15:46 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-TTL.DAT
2013-07-16 21:20 - 2013-07-16 21:22 - 145394418 _____ () C:\Users\Mealnie Eisel\AppData\Local\ACCCx189.zip.aamdownload
2013-07-16 21:20 - 2013-07-16 21:22 - 0001811 _____ () C:\Users\Mealnie Eisel\AppData\Local\ACCCx189.zip.aamdownload.aamd
2012-09-23 21:01 - 2012-09-23 21:08 - 0004608 _____ () C:\Users\Mealnie Eisel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-15 16:40 - 2012-09-15 16:40 - 0027520 _____ () C:\Users\Mealnie Eisel\AppData\Local\dt.dat
2015-02-03 06:46 - 2015-02-03 06:46 - 0000036 _____ () C:\Users\Mealnie Eisel\AppData\Local\housecall.guid.cache
2013-10-24 14:46 - 2013-10-24 14:46 - 0361117 _____ () C:\Users\Mealnie Eisel\AppData\Local\newhb2.crx
2015-01-30 15:34 - 2015-01-30 15:34 - 0004104 _____ () C:\Users\Mealnie Eisel\AppData\Local\recently-used.xbel
2015-02-19 19:16 - 2015-02-19 19:25 - 0007601 _____ () C:\Users\Mealnie Eisel\AppData\Local\resmon.resmoncfg
2015-01-29 23:39 - 2015-01-29 23:39 - 0000003 _____ () C:\Users\Mealnie Eisel\AppData\Local\updater.log
2015-01-29 23:40 - 2015-01-29 23:40 - 0000425 _____ () C:\Users\Mealnie Eisel\AppData\Local\UserProducts.xml
2012-08-24 21:10 - 2012-09-15 16:25 - 0000041 ___SH () C:\ProgramData\.zreglib
2012-04-22 19:59 - 2012-05-29 12:03 - 0001804 _____ () C:\ProgramData\hpzinstall.log
Files to move or delete:
====================
C:\Users\Mealnie Eisel\jobq.dat
C:\Users\Mealnie Eisel\Vuze_4.2.0.8a_windows.exe
Some content of TEMP:
====================
C:\Users\Mealnie Eisel\AppData\Local\Temp\BackupSetup.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\BobyLyrics_1060-1090_v122.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\Extract.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\ffdshow.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\htmlayout.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\i4jdel0.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\i4jdel1.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\MatroskaSplitter.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\nse1E93.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nse2806.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nseAA76.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nseC854.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsj11E5.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsj1407.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsj1B0A.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsjB89B.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsoB205.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsuB7EE.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsy9E08.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsz243F.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nszBFAC.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\SaveSenseUpdateVer.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\SP54699.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\sp64126.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\Sqlite3.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\toolbar46512836.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\toolbar7262907.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninst1.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall280380.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall325028.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall325215.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall47038029.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall47053879.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\?odec Performer803975.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015
Ran by Mealnie Eisel (administrator) on MELANIEEISEL-HP on 21-02-2015 17:58:16
Running from C:\Users\Mealnie Eisel\Downloads
Loaded Profiles: Mealnie Eisel (Available profiles: Mealnie Eisel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
(Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2007592 2014-11-27] (Trend Micro Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [A1Webassistent] => C:\Program Files (x86)\A1\A1 Webassistent\A1Webassistent.exe /auto
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-04] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {2ba5caa5-8189-11e2-81c0-3cd92b58676f} - I:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {9a8fbf65-8dba-11e3-bd0d-3cd92b58676f} - G:\iLinker.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WNA1100 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013
URLSearchHook: HKLM-x32 - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPDTDF
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.doko-search.com/?q={searchTerms}&affID=119776&tt=070313_9105&babsrc=SP_ss_mib2&mntrId=e4c07025000000000000e0469aa51a07
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll ()
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-20] (EasyBits Software Corp.)
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: General Crawler - C:\Users\Mealnie Eisel\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-05-28]
FF Extension: |$EXTENSION_NAME$| - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-04-02]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: No Name - C:\Program Files\Web Assistant\Firefox [2012-05-22]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-22]
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-07-03]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-25]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Mealnie Eisel\AppData\Roaming\Mozilla\Firefox\Profiles\o5mrdlun.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [{8197dd50-b252-4b08-a1be-1277f22357bb}] - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt
FF Extension: Trend Micro Password Manager Firefox Extension - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt [2015-02-03]
FF HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "https://www.google.at/", "hxxp://www.facebook.com/", "hxxp://user.webnode.com/servers/auth/?is_logged=1&domain=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Flogin%2F&project_id=9657061&refurl=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Fadmin%2F"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03]
CHR Extension: (Google Docs) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-08]
CHR Extension: (Google Drive) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-08]
CHR Extension: (Speedial) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [2013-10-24]
CHR Extension: (TV) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10]
CHR Extension: (iWebar) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam [2013-12-16]
CHR Extension: (Google Search) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10]
CHR Extension: (General Crawler) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel [2012-11-10]
CHR Extension: (Google Sheets) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03]
CHR Extension: (SweetIM for Facebook) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-01-06]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-09-08]
CHR Extension: (New tab for Chrome™) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-11-10]
CHR Extension: (wxDownload) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbajjgcocbjldbjjkbjpialgnmkfbobp [2013-09-08]
CHR Extension: (entrusted) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk [2013-07-25]
CHR Extension: (BitAccelerator) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl [2013-09-08]
CHR Extension: (Google Wallet) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Trend Micro Toolbar) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-02-03]
CHR Extension: (Gmail) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-09]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\MEALNI~1\AppData\Local\newhb2.crx [2013-10-24]
CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\Mealnie Eisel\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx [2013-07-17]
CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Mealnie Eisel\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-26]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\Mealnie Eisel\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2012-05-28]
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-08-22]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-07-03]
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-08-24]
CHR HKLM-x32\...\Chrome\Extension: [kbajjgcocbjldbjjkbjpialgnmkfbobp] - C:\ProgramData\wxDownload\kbajjgcocbjldbjjkbjpialgnmkfbobp.crx [2012-10-31]
CHR HKLM-x32\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\Mealnie Eisel\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx [2013-07-17]
CHR HKLM-x32\...\Chrome\Extension: [kngjfmklipimnkegmcilmbhchklgjgfl] - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl.crx [2012-10-30]
CHR HKLM-x32\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [mkcaingkodcbhcaaaeopicigkejmgknj] - C:\ProgramData\ADDICT-THING\mkcaingkodcbhcaaaeopicigkejmgknj.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-05-30] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [325656 2014-11-27] (Trend Micro Inc.)
R2 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [209920 2011-10-21] (Solid Documents, LLC) [File not signed]
S2 WebOptimizer; C:\Windows\system32\dmwu.exe [436344 2012-08-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed]
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
|
|
22.02.2015, 14:54
| #6 |
| | FRST.txt Teil 2Code:
ATTFilter ==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 kbfilter; C:\Windows\System32\DRIVERS\kbfilter.sys [67408 2014-11-27] (Trend Micro Inc.)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [121944 2014-07-14] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [305832 2014-07-14] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93664 2014-07-14] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.)
R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 17:58 - 2015-02-21 18:00 - 00038544 _____ () C:\Users\Mealnie Eisel\Downloads\FRST.txt
2015-02-21 17:57 - 2015-02-21 17:58 - 00000000 ___DC () C:\FRST
2015-02-21 17:56 - 2015-02-21 17:56 - 02086912 _____ (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64.exe
2015-02-21 17:56 - 2015-02-21 17:56 - 02086912 _____ (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64 (1).exe
2015-02-21 17:19 - 2015-02-21 17:34 - 00000000 ____D () C:\Users\Mealnie Eisel\Desktop\Musik Mimi 2015
2015-02-21 14:05 - 2015-02-21 14:05 - 00003370 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3101752624-4108848433-446223082-1000
2015-02-21 14:05 - 2015-02-21 14:05 - 00003252 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3101752624-4108848433-446223082-1000
2015-02-20 23:00 - 2015-02-20 23:00 - 00023011 _____ () C:\Users\Mealnie Eisel\Downloads\GermanTOP100SingleCharts02022015-NoGroup - ThePirateBay.TO.torrent
2015-02-20 21:46 - 2015-02-20 21:46 - 00000000 __SHD () C:\Users\Mealnie Eisel\AppData\Local\EmieBrowserModeList
2015-02-20 18:50 - 2015-02-20 18:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2015-02-20 18:48 - 2011-12-12 17:42 - 01256192 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys
2015-02-20 18:48 - 2011-04-19 17:52 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2015-02-20 18:47 - 2015-02-20 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Genie
2015-02-20 18:47 - 2011-04-19 17:31 - 03900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2015-02-20 18:47 - 2011-04-19 17:31 - 03566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2015-02-20 18:47 - 2010-02-03 11:21 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll
2015-02-20 18:47 - 2010-02-03 11:21 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\Packet.dll
2015-02-20 18:47 - 2010-02-03 11:21 - 00053299 _____ () C:\Windows\SysWOW64\pthreadVC.dll
2015-02-20 18:47 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2015-02-20 17:23 - 2015-02-20 17:23 - 00000000 ____D () C:\Users\Mealnie Eisel\Downloads\NETGEAR
2015-02-19 19:16 - 2015-02-19 19:25 - 00007601 _____ () C:\Users\Mealnie Eisel\AppData\Local\resmon.resmoncfg
2015-02-19 10:32 - 2015-02-19 23:13 - 00000000 ____D () C:\Users\Mealnie Eisel\Desktop\Tagesordner
2015-02-14 22:02 - 2015-02-14 22:02 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\{802CCBBE-BF78-4BCE-94FA-9BBB6141099B}
2015-02-13 13:39 - 2015-02-13 13:39 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-12 22:33 - 2015-02-12 22:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Passwörter
2015-02-12 22:33 - 2015-02-12 22:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\BEWERBUNGEN
2015-02-12 22:16 - 2015-02-12 22:16 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\VERKAUF - BESTELLUNGEN
2015-02-12 22:13 - 2015-02-21 17:38 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Outlook-Dateien
2015-02-12 22:12 - 2015-02-12 22:27 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\ANTRÄGE - Verträge
2015-02-12 22:11 - 2015-02-12 22:31 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\DOKUMENTE Urkunden
2015-02-12 22:03 - 2015-02-12 22:21 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\FRANZ
2015-02-12 21:59 - 2015-02-12 22:01 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Kündigung Verträge
2015-02-12 21:54 - 2015-02-12 22:30 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\OPA Wilfling
2015-02-12 21:54 - 2015-02-12 22:28 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Kredite - Finanzierungen
2015-02-12 21:53 - 2015-02-12 22:28 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Unterschriften
2015-02-12 13:05 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 13:05 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 13:05 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 13:05 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 11:19 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 11:19 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 11:19 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 11:19 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 11:19 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 11:19 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 11:19 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 11:19 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 11:19 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 11:19 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 11:19 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 11:19 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 11:19 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 11:19 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 11:19 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 11:19 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 11:19 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 11:19 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 11:19 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 11:19 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 11:19 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 11:19 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 11:19 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 11:19 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 11:19 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 11:19 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 11:19 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 11:19 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 11:19 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 11:19 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 11:19 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 11:19 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 11:19 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 11:19 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 11:19 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 11:19 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 11:19 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 11:19 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 11:19 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 11:19 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 11:19 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 11:19 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 11:19 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 11:19 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 11:19 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 11:19 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 11:19 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 11:18 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 11:18 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 11:18 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 11:18 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 11:18 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 11:17 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 11:17 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 11:17 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 11:17 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 11:10 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 11:10 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 11:10 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 11:10 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 11:10 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 11:10 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 11:10 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 11:10 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 11:10 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 11:10 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 11:10 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 11:10 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 11:10 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 11:10 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 11:10 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 11:10 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 11:10 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 11:10 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 11:08 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 11:08 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 11:08 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 11:08 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 11:08 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 11:08 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 11:07 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 11:07 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 11:07 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 11:07 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 11:07 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 11:06 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 11:06 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 11:04 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 11:04 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 11:04 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 11:04 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 11:04 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 11:04 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 11:04 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 10:55 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 22:35 - 2015-02-12 22:21 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Meldezettel
2015-02-10 20:02 - 2015-02-10 20:02 - 00000089 _____ () C:\Users\Mealnie Eisel\Desktop\Index C-D.url
2015-02-03 07:36 - 2015-02-03 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Password Manager
2015-02-03 07:26 - 2015-02-03 07:27 - 00236080 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2015-02-03 07:23 - 2014-11-27 11:03 - 00067408 ____C (Trend Micro Inc.) C:\kbfilter.sys
2015-02-03 07:23 - 2014-11-27 11:03 - 00067408 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\kbfilter.sys
2015-02-03 07:23 - 2014-11-27 11:03 - 00007799 ____C () C:\kbfilter.cat
2015-02-03 07:23 - 2014-11-27 11:03 - 00000098 ____C () C:\install.bat
2015-02-03 07:23 - 2014-11-27 11:03 - 00000081 ____C () C:\uninstall.bat
2015-02-03 07:06 - 2015-02-03 07:06 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\Trend Micro
2015-02-03 07:05 - 2015-02-03 07:05 - 00000000 __HDC () C:\TMRescueDisk
2015-02-03 07:04 - 2015-02-03 07:36 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-02-03 07:03 - 2015-02-03 07:03 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Maximum Security
2015-02-03 07:01 - 2014-07-14 08:39 - 00305832 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-02-03 07:01 - 2014-07-14 08:39 - 00121944 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2015-02-03 07:01 - 2014-07-14 08:39 - 00093664 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2015-02-03 07:01 - 2014-07-09 17:03 - 00407864 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2015-02-03 07:01 - 2014-07-09 17:02 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2015-02-03 07:00 - 2014-07-09 17:02 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2015-02-03 07:00 - 2014-06-30 12:06 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2015-02-03 06:57 - 2015-02-03 06:57 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2015-02-03 06:55 - 2015-02-20 18:38 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-02-03 06:55 - 2015-02-03 07:04 - 00000000 ____D () C:\Program Files\Trend Micro
2015-02-03 06:46 - 2015-02-03 06:46 - 00000036 _____ () C:\Users\Mealnie Eisel\AppData\Local\housecall.guid.cache
2015-02-02 23:08 - 2015-02-02 23:09 - 06630832 _____ (Trend Micro Inc.) C:\Users\Mealnie Eisel\Downloads\Trend_Micro_Maximum_Security_2015.exe
2015-02-02 22:57 - 2015-02-02 22:57 - 03691688 _____ () C:\Users\Mealnie Eisel\Downloads\AVG_Remover_2015.zip
2015-02-02 22:57 - 2015-02-02 22:57 - 03691688 _____ () C:\Users\Mealnie Eisel\Downloads\AVG_Remover_2015 (1).zip
2015-02-02 19:39 - 2015-02-16 18:07 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Referat Michelle und Jana
2015-02-01 18:42 - 2015-02-01 18:42 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Lightshot
2015-01-30 15:34 - 2015-01-30 15:34 - 00004104 _____ () C:\Users\Mealnie Eisel\AppData\Local\recently-used.xbel
2015-01-29 23:40 - 2015-02-21 15:11 - 00000404 _____ () C:\Windows\Tasks\update-S-1-5-21-3101752624-4108848433-446223082-1000.job
2015-01-29 23:40 - 2015-01-29 23:40 - 00003300 _____ () C:\Windows\System32\Tasks\update-sys
2015-01-29 23:40 - 2015-01-29 23:40 - 00003294 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-3101752624-4108848433-446223082-1000
2015-01-29 23:40 - 2015-01-29 23:40 - 00000425 _____ () C:\Users\Mealnie Eisel\AppData\Local\UserProducts.xml
2015-01-29 23:39 - 2015-02-21 16:48 - 00000404 _____ () C:\Windows\Tasks\update-sys.job
2015-01-29 23:39 - 2015-01-29 23:39 - 00000003 _____ () C:\Users\Mealnie Eisel\AppData\Local\updater.log
2015-01-29 23:39 - 2015-01-29 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2015-01-29 23:39 - 2015-01-29 23:39 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2015-01-29 23:38 - 2015-01-29 23:38 - 02452808 _____ (Skillbrains ) C:\Users\Mealnie Eisel\Downloads\setup-lightshot.exe
2015-01-28 21:46 - 2015-01-28 21:46 - 00113059 _____ () C:\Users\Mealnie Eisel\Downloads\25wn71_862086b525448qc2bh519c.ged
2015-01-28 21:46 - 2015-01-28 21:46 - 00113059 _____ () C:\Users\Mealnie Eisel\Downloads\25wn71_862086b525448qc2bh519c (1).ged
2015-01-27 18:51 - 2015-01-27 18:52 - 04071424 _____ () C:\Users\Mealnie Eisel\Downloads\Prisonniers index.xls
2015-01-25 18:24 - 2015-01-25 18:24 - 00000000 ____D () C:\Users\Mealnie Eisel\Downloads\Punkt
2015-01-25 18:20 - 2015-01-25 18:20 - 00030543 _____ () C:\Users\Mealnie Eisel\Downloads\Punkt.zip
2015-01-24 21:12 - 2015-02-13 15:31 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\StPrsSW
2015-01-24 21:12 - 2015-01-24 21:12 - 00003692 _____ () C:\Windows\System32\Tasks\StPrsSW
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 17:26 - 2014-03-20 17:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-21 17:24 - 2012-04-18 19:57 - 01589901 _____ () C:\Windows\WindowsUpdate.log
2015-02-21 17:14 - 2012-11-27 20:56 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-21 17:08 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-21 17:08 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-21 16:39 - 2012-09-23 20:41 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB65BFAC-209A-4527-8F2B-815F00D69B53}
2015-02-21 14:10 - 2011-09-20 12:45 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-02-21 14:10 - 2011-09-20 12:45 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-02-21 14:10 - 2009-07-14 06:13 - 00844356 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-21 14:04 - 2012-12-29 11:50 - 00000000 ____D () C:\Program Files (x86)\SmartTools
2015-02-21 14:04 - 2012-11-27 20:56 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-21 14:03 - 2011-09-20 13:51 - 00000000 ____D () C:\ProgramData\PDFC
2015-02-21 14:03 - 2010-11-21 04:47 - 00749188 _____ () C:\Windows\PFRO.log
2015-02-21 14:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-21 14:03 - 2009-07-14 05:51 - 00150140 _____ () C:\Windows\setupact.log
2015-02-21 00:37 - 2012-09-15 16:17 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Azureus
2015-02-20 23:46 - 2012-11-01 13:05 - 00000000 ____D () C:\Windows\pss
2015-02-20 21:52 - 2012-12-29 11:50 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTools
2015-02-20 21:51 - 2015-01-17 22:35 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Add-in Express
2015-02-20 21:31 - 2014-08-21 19:59 - 00000000 ____D () C:\Program Files\Saturn
2015-02-20 18:53 - 2012-10-28 09:31 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Computerprogramme
2015-02-20 18:47 - 2012-04-19 18:35 - 00000000 ____D () C:\Program Files (x86)\NETGEAR
2015-02-20 18:47 - 2011-09-20 13:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-20 18:40 - 2012-04-18 20:00 - 00000000 ____D () C:\Users\Mealnie Eisel
2015-02-20 18:38 - 2013-09-08 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-20 18:38 - 2012-04-22 19:59 - 00000000 ____D () C:\ProgramData\HP
2015-02-20 18:38 - 2012-04-21 19:20 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\PhotoScape
2015-02-20 18:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-20 18:34 - 2012-07-03 18:43 - 00000000 ____D () C:\ProgramData\Real
2015-02-19 19:54 - 2013-09-08 13:46 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-18 20:17 - 2015-01-12 19:03 - 00000000 ____D () C:\Users\Mealnie Eisel\Nintendo Spiele
2015-02-18 10:24 - 2013-02-13 19:27 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Ahnenforschung
2015-02-16 11:30 - 2013-10-13 20:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Bücher & Zeitschriften 2
2015-02-15 18:40 - 2014-05-14 18:17 - 00000000 ____D () C:\Program Files (x86)\SupTab
2015-02-14 20:55 - 2014-05-14 18:17 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\SupTab
2015-02-13 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 22:44 - 2012-08-25 19:26 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Bibliothek
2015-02-12 22:32 - 2013-02-11 18:11 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Versicherung
2015-02-12 22:30 - 2012-08-25 19:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Schriftverkehr
2015-02-12 22:30 - 2012-05-21 18:26 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Sabrina
2015-02-12 22:28 - 2012-08-28 21:36 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\BANK
2015-02-12 22:24 - 2013-02-11 17:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\FINANZAMT
2015-02-12 22:23 - 2014-10-15 15:58 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Rechnungen1
2015-02-12 22:17 - 2012-05-30 14:55 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Melanie
2015-02-12 19:23 - 2014-08-21 20:15 - 00000000 ____D () C:\ProgramData\tmp
2015-02-12 18:41 - 2013-02-02 13:10 - 00000000 ____D () C:\Users\Mealnie Eisel\BANK
2015-02-12 12:24 - 2009-07-14 05:45 - 05033560 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 12:21 - 2014-12-11 11:03 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 12:21 - 2014-05-07 06:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 23:44 - 2012-04-21 09:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 23:44 - 2009-07-14 03:34 - 00000513 _____ () C:\Windows\win.ini
2015-02-11 23:41 - 2013-07-24 17:54 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 23:24 - 2012-05-03 20:44 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 15:43 - 2012-04-23 20:35 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Eigene Scans
2015-02-05 20:26 - 2014-03-20 17:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 20:26 - 2012-10-09 18:23 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 20:26 - 2012-10-09 18:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 13:10 - 2012-11-27 20:56 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 13:09 - 2012-11-27 20:56 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 15:06 - 2014-05-14 18:17 - 00000000 ____D () C:\ProgramData\WPM
2015-02-03 07:58 - 2013-03-17 15:51 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Video Converter Packages
2015-02-03 07:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-02-03 07:24 - 2012-10-31 22:24 - 00000000 ____D () C:\ProgramData\wxDownload
2015-02-03 07:24 - 2012-05-30 13:34 - 00000000 ____D () C:\Windows\AutoKMS
2015-02-03 07:14 - 2014-05-14 18:17 - 00000000 ____D () C:\ProgramData\IePluginService
2015-02-03 07:04 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-03 06:51 - 2013-07-27 14:46 - 00000295 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WB.CFG
2015-02-03 06:34 - 2012-05-22 19:11 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-03 06:33 - 2012-05-22 19:12 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-03 06:25 - 2012-05-30 13:34 - 00003486 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-02 23:04 - 2012-06-03 18:09 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-02-02 22:32 - 2014-04-02 18:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-02 22:31 - 2013-04-08 21:12 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Norton Utilities 16
2015-02-02 22:31 - 2011-09-20 13:34 - 00000000 ____D () C:\ProgramData\Temp
2015-02-02 19:40 - 2013-04-09 18:00 - 00008058 _____ () C:\Windows\SysWOW64\AppLog.log
2015-02-02 17:01 - 2013-05-06 16:00 - 00260592 _____ () C:\Windows\SysWOW64\Engines.log
2015-01-30 15:17 - 2012-06-19 14:15 - 00000000 ____D () C:\Users\Mealnie Eisel\.gimp-2.8
2015-01-29 19:28 - 2012-05-23 21:16 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\CrashDumps
==================== Files in the root of some directories =======
2012-11-01 14:53 - 2013-08-10 21:39 - 0000671 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\vso_ts_preview.xml
2013-07-27 14:46 - 2015-02-03 06:51 - 0000295 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WB.CFG
2013-06-21 14:48 - 2013-06-28 15:23 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-Q2-TTL.DAT
2013-12-31 15:46 - 2014-01-03 15:46 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-06-16 14:46 - 2014-01-27 15:46 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-TTL.DAT
2013-07-16 21:20 - 2013-07-16 21:22 - 145394418 _____ () C:\Users\Mealnie Eisel\AppData\Local\ACCCx189.zip.aamdownload
2013-07-16 21:20 - 2013-07-16 21:22 - 0001811 _____ () C:\Users\Mealnie Eisel\AppData\Local\ACCCx189.zip.aamdownload.aamd
2012-09-23 21:01 - 2012-09-23 21:08 - 0004608 _____ () C:\Users\Mealnie Eisel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-15 16:40 - 2012-09-15 16:40 - 0027520 _____ () C:\Users\Mealnie Eisel\AppData\Local\dt.dat
2015-02-03 06:46 - 2015-02-03 06:46 - 0000036 _____ () C:\Users\Mealnie Eisel\AppData\Local\housecall.guid.cache
2013-10-24 14:46 - 2013-10-24 14:46 - 0361117 _____ () C:\Users\Mealnie Eisel\AppData\Local\newhb2.crx
2015-01-30 15:34 - 2015-01-30 15:34 - 0004104 _____ () C:\Users\Mealnie Eisel\AppData\Local\recently-used.xbel
2015-02-19 19:16 - 2015-02-19 19:25 - 0007601 _____ () C:\Users\Mealnie Eisel\AppData\Local\resmon.resmoncfg
2015-01-29 23:39 - 2015-01-29 23:39 - 0000003 _____ () C:\Users\Mealnie Eisel\AppData\Local\updater.log
2015-01-29 23:40 - 2015-01-29 23:40 - 0000425 _____ () C:\Users\Mealnie Eisel\AppData\Local\UserProducts.xml
2012-08-24 21:10 - 2012-09-15 16:25 - 0000041 ___SH () C:\ProgramData\.zreglib
2012-04-22 19:59 - 2012-05-29 12:03 - 0001804 _____ () C:\ProgramData\hpzinstall.log
Files to move or delete:
====================
C:\Users\Mealnie Eisel\jobq.dat
C:\Users\Mealnie Eisel\Vuze_4.2.0.8a_windows.exe
Some content of TEMP:
====================
C:\Users\Mealnie Eisel\AppData\Local\Temp\BackupSetup.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\BobyLyrics_1060-1090_v122.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\Extract.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\ffdshow.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\htmlayout.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\i4jdel0.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\i4jdel1.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\MatroskaSplitter.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\nse1E93.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nse2806.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nseAA76.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nseC854.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsj11E5.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsj1407.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsj1B0A.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsjB89B.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsoB205.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsuB7EE.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsy9E08.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsz243F.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nszBFAC.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\SaveSenseUpdateVer.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\SP54699.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\sp64126.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\Sqlite3.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\toolbar46512836.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\toolbar7262907.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninst1.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall280380.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall325028.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall325215.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall47038029.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall47053879.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\?odec Performer803975.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-02-2015
Ran by Mealnie Eisel at 2015-02-21 18:02:30
Running from C:\Users\Mealnie Eisel\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Trend Micro Maximum Security (Enabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Maximum Security (Enabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
A1 Internet Software (x32 Version: 8.1.0.55 - A1 Telekom Austria AG) Hidden
A1 Servicecenter (x32 Version: 1.1.0.11 - A1 Telekom Austria AG) Hidden
A1 Webassistent (x32 Version: 4.1.0.163 - A1 Telekom Austria) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.01) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.01 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{37C7C98A-3857-B7D4-D7BD-F0E8179E8AFD}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Rig Europe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
Compaq Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
Convert X to DVD 3.4.7.121 (HKLM-x32\...\{4C335AD4-6821-4028-9A6C-13943762DB55}) (Version: 3.4.7.121 - Black Angel Doom)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DirectDownloader (HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\DirectDownloader) (Version: - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink)
Extract-CloneCD 5.3.1.4 Final version 1.5 (HKLM-x32\...\Extract-CloneCD 5.3.1.4 Final_is1) (Version: 1.5 - )
FamilySearch Indexing 3.17.3 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.17.3 - FamilySearch)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (x32 Version: 2.2.0.95 - WildTangent) Hidden
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.7.717 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.1.29.608 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.29.608 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.32.918 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.32.918 - DVDVideoSoft Ltd.)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version: - )
Lightshot-5.2.0.17 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.0.17 - Skillbrains)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero - Burning Rom (HKLM-x32\...\{A4D7B764-4140-11D4-88EB-0050DA3579C0}) (Version: 5.5.9 - ahead software gmbh)
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Qtrax Player (HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\2926320025.portal.qtrax.com) (Version: - portal.qtrax.com)
QuickShare (HKLM-x32\...\{B630320B-4B6A-4623-A05D-80DAA4C73CE9}) (Version: 1.38.61.10911 - Linkury Inc.) <==== ATTENTION
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6321 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Solid Converter PDF (HKLM-x32\...\{56BFAA6E-2BCC-4AED-9233-84731E66B205}) (Version: 7.1.934.0 - SolidDocuments)
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Trend Micro DirectPass (Version: 1.9.0.1094 - Trend Micro Inc.) Hidden
Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 8.0 - Trend Micro Inc.)
Trend Micro Password Manager (HKLM\...\{3075404F-5657-4f31-A064-FEF98661BDD4}) (Version: 1.9.1137 - Trend Micro Inc.)
Trend Micro Titanium (Version: 8.0 - Trend Micro Inc.) Hidden
Update for Video Converter (HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\DSite) (Version: - ) <==== ATTENTION
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
USB Video/Audio Device Driver (HKLM-x32\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - Ihr Firmenname)
VCRT for DirectPass x64 (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x86 (x32 Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
Video Converter Packages (HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Video Converter Packages) (Version: - ) <==== ATTENTION
VIO Player version 1.0.1 (HKLM-x32\...\{C8A17598-7F89-41EA-9876-0F89DA0B24F1}_is1) (Version: 1.0.1 - VIO)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.2.0.0 - Azureus Software, Inc.)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.0.0.0 - Azureus Software, Inc.)
Web Assistant 2.0.0.485 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.485 - IncrediBar) <==== ATTENTION
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WxDFast 1.66 (HKLM-x32\...\SP_a6a8650b) (Version: - )
wxDownload (HKLM-x32\...\{088DF54D-6FFC-8C91-02D5-A461DCC2E652}) (Version: - wxDownload)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
18-02-2015 22:32:25 Geplanter Prüfpunkt
20-02-2015 17:24:18 Installiert NETGEAR WNA3100 wireless USB 2.0 driver
20-02-2015 17:46:59 Wiederherstellungsvorgang
20-02-2015 18:01:08 Windows Update
20-02-2015 18:22:58 Wiederherstellungsvorgang
20-02-2015 18:46:38 Installiert NETGEAR WNA3100 wireless USB 2.0 adapter
20-02-2015 21:42:22 Removed SweetIM for Messenger 3.7
20-02-2015 21:47:50 Removed Update Manager for SweetPacks 1.1
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0B0F8F6B-FE9D-4968-B43E-AE68F353DFE6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {0E544C56-C4C5-4336-839C-526CAFEEAAD8} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {1B6AB716-B0D4-496B-A7BC-BDE7EC4B6941} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {232D4D45-3E38-42B9-A9F2-88C8CEE732E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-27] (Google Inc.)
Task: {3782A18F-D8E8-47B0-92CF-8DED7834BE56} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {4469BAC6-E004-477A-9CCC-27659159DAB2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3101752624-4108848433-446223082-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {446AB000-BCA9-41E0-A716-369CF8720770} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {5778D6BC-140E-442D-BC49-E13CCC3B5248} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {62D14DB0-87D3-4038-A5CB-D3F97D7B2111} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-18] (Adobe Systems Incorporated)
Task: {65DE8AD7-4C52-4413-8F89-56ED053B2CC8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {68C04B47-FC62-4E1C-A6CA-544954FB0B47} - System32\Tasks\RunAsStdUser Task => C:\Users\Mealnie Eisel\AppData\Local\PlayVolcanoSA\bin\1.0.10.0\PlayVolcanoSA.exe
Task: {68F5730E-F150-463B-91E0-5841AA9EB551} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {82308808-0CA2-4391-BA4B-73995E131984} - System32\Tasks\update-S-1-5-21-3101752624-4108848433-446223082-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {89D02B36-C0AB-4732-94EF-0D3C4611FF16} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {9810F24E-D6C0-4021-AECB-3FCBC4F101D2} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {A0230023-54EB-4DE6-B6C2-CD58AE4EA6B5} - System32\Tasks\{ADAFEB43-C46A-4AEC-BC77-A2663C9A91BF} => pcalua.exe -a "C:\Users\Mealnie Eisel\Downloads\Vuze_4.2.0.8a_windows.exe" -d "C:\Users\Mealnie Eisel\Downloads"
Task: {A165EAC5-9A1F-4C22-A2B2-2617819322BA} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2012-07-03] (RealNetworks, Inc.)
Task: {B68DA53E-2739-4DAE-938E-73CCE7F27C1E} - System32\Tasks\StPrsSW => C:\Users\Mealnie [2012-05-30] ()
Task: {C5A42C39-16B7-4185-B725-13FCF1AA7DF7} - System32\Tasks\DSite => C:\Users\MEALNI~1\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C75446B8-9E13-4FF3-B310-92FA258ED398} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {DEE7C674-A008-4FDD-B794-41D16FC4D2FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {E128C7AB-8E11-465E-A568-A4F94A0DF789} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3101752624-4108848433-446223082-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {ECFDBC74-5C02-454E-BB72-5852261B5233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-27] (Google Inc.)
Task: {FBB3F25C-8D77-4CEB-BE7C-EA21518D1C70} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-3101752624-4108848433-446223082-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
|
|
22.02.2015, 18:51
| #7 |
| /// the machine /// TB-Ausbilder | PC sehr langsam, Programm lässt sich nicht deinstallieren. Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.02.2015, 22:13
| #8 |
| | Danke Hallo "Schrauber".... Vielen lieben DANK für die HILFE... Habe die Programme dank deiner Hilfe deinstallieren können bis auf den Web Assistant 2.0.0.485 (gehört irgendwie zu Google Chrome) , als ich dieses dann direkt mit der "Zielscheibe" aus den Programmen gelöscht habe, war mein Google Chrome auch futsch... Habe ihn wieder neu installiert. *thanks* Lg. Melanie |
|
23.02.2015, 16:37
| #9 |
| /// the machine /// TB-Ausbilder | PC sehr langsam, Programm lässt sich nicht deinstallieren. und der Rest?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.02.2015, 12:10
| #10 |
| | Rest Hallo Schrauber... Der REST konnte DANK deiner Hilfe restlos von meinem PC entfernt werden. Der PC "geht" nun ein bissl schneller.... Wenn ich im April meine Abfertigung für 18 1/2 Jahre bekomme, werde ich mir einen neuen PC zulegen, der von Profis für mich zusammengestellt, stärkere Leistung aufweist und aufgesetzt wird. Da ich Ahnenforschung betreibe und dadurch sehr viele wichtige Daten archiviert werden müssen, denke ich über die Möglichkeit von NASDAQ nach, damit diese nicht verloren gehen. Dies wäre für mich ansonsten der absolute worst case....  Lg. Melanie |
|
24.02.2015, 17:12
| #11 |
| /// the machine /// TB-Ausbilder | PC sehr langsam, Programm lässt sich nicht deinstallieren. Mit Rest meinte ich eigentlich eher den Rest der obigen Anleitung, Combofix. Der Rechner ist noch lange nicht sauber. Combofix kannste aber auch weglassen, aber dann das hier: Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.02.2015, 23:12
| #12 |
| | mbam.txtCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Protection, 27.02.2015 21:23:36, SYSTEM, MELANIEEISEL-HP, Protection, Malware Protection, Starting, Protection, 27.02.2015 21:23:37, SYSTEM, MELANIEEISEL-HP, Protection, Malware Protection, Started, Protection, 27.02.2015 21:23:37, SYSTEM, MELANIEEISEL-HP, Protection, Malicious Website Protection, Starting, Update, 27.02.2015 21:23:43, SYSTEM, MELANIEEISEL-HP, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1, Update, 27.02.2015 21:23:43, SYSTEM, MELANIEEISEL-HP, Manual, Rootkit Database, 2014.11.18.1, 2015.2.25.1, Protection, 27.02.2015 21:23:47, SYSTEM, MELANIEEISEL-HP, Protection, Malicious Website Protection, Started, Update, 27.02.2015 21:24:08, SYSTEM, MELANIEEISEL-HP, Manual, Malware Database, 2014.11.20.6, 2015.2.27.8, Protection, 27.02.2015 21:24:08, SYSTEM, MELANIEEISEL-HP, Protection, Refresh, Starting, Protection, 27.02.2015 21:24:08, SYSTEM, MELANIEEISEL-HP, Protection, Malicious Website Protection, Stopping, Protection, 27.02.2015 21:24:13, SYSTEM, MELANIEEISEL-HP, Protection, Malicious Website Protection, Stopped, Protection, 27.02.2015 21:24:30, SYSTEM, MELANIEEISEL-HP, Protection, Refresh, Success, Protection, 27.02.2015 21:24:30, SYSTEM, MELANIEEISEL-HP, Protection, Malicious Website Protection, Starting, Protection, 27.02.2015 21:24:32, SYSTEM, MELANIEEISEL-HP, Protection, Malicious Website Protection, Started, (end) Code:
ATTFilter # AdwCleaner v4.111 - Bericht erstellt 27/02/2015 um 22:38:01
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-02-18.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Mealnie Eisel - MELANIEEISEL-HP
# Gestarted von : C:\Users\Mealnie Eisel\Downloads\AdwCleaner_4.111.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : WebOptimizer
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\iMesh
Ordner Gelöscht : C:\ProgramData\optimizerpro1
Ordner Gelöscht : C:\ProgramData\Premium
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\wxDownload
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDownload
Ordner Gelöscht : C:\Program Files (x86)\1ClickDownload
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\iMesh Applications
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\Red Sky
Ordner Gelöscht : C:\Program Files (x86)\VideoConverter
Ordner Gelöscht : C:\Program Files (x86)\YourFileDownloader
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Windows\SysWOW64\WNLT
Ordner Gelöscht : C:\Users\MEALNI~1\AppData\Local\Temp\NativeMessaging
Ordner Gelöscht : C:\Users\MEALNI~1\AppData\Local\Temp\Softonic
Ordner Gelöscht : C:\Program Files\Web Assistant
Ordner Gelöscht : C:\Windows\System32\ARFC
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\DirectDownloader
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\iMesh
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\NativeMessaging
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\LocalLow\HPAppData
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\LocalLow\mediabarim
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\LocalLow\wincoreimband
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\LocalLow\wxDownload
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\BrowserCompanion
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\ExpressFiles
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\goforfiles
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\HPAppData
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\Media Finder
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\SearchProtect
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\YourFileDownloader
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\download Manager
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DirectDownloader
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl
Ordner Gelöscht : C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbajjgcocbjldbjjkbjpialgnmkfbobp
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\dmwu.exe
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Mealnie Eisel\daemonprocess.txt
Datei Gelöscht : C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
***** [ Geplante Tasks ] *****
Task Gelöscht : DSite
Task Gelöscht : Express FilesUpdate
Task Gelöscht : GoforFilesUpdate
Task Gelöscht : update-sys
Task Gelöscht : YourFile Update
Task Gelöscht : RunAsStdUser Task
Task Gelöscht : Go for FilesUpdate
Task Gelöscht : update-S-1-5-21-3101752624-4108848433-446223082-1000
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kbajjgcocbjldbjjkbjpialgnmkfbobp
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKCU\Software\Classes\keepmysearch
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Lightshot]
Schlüssel Gelöscht : HKCU\Software\Classes\MF
Schlüssel Gelöscht : HKCU\Software\e28dd9b33cee44
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKCU\Software\AVG Nation toolbar
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\ExpressFiles
Schlüssel Gelöscht : HKCU\Software\GoforFiles
Schlüssel Gelöscht : HKCU\Software\IGearSettings
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\MediaFinder
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\WNLT
Schlüssel Gelöscht : HKCU\Software\YourFileDownloader
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG Nation toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\ExpressFiles
Schlüssel Gelöscht : HKLM\SOFTWARE\GoforFiles
Schlüssel Gelöscht : HKLM\SOFTWARE\SP Global
Schlüssel Gelöscht : HKLM\SOFTWARE\SProtector
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia
Schlüssel Gelöscht : HKLM\SOFTWARE\Web Assistant
Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm
Schlüssel Gelöscht : HKLM\SOFTWARE\YourFileDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Taronja
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{088DF54D-6FFC-8C91-02D5-A461DCC2E652}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Web Assistant
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WNLT
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveSenseLive.exe
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17631
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
-\\ Mozilla Firefox v
-\\ Google Chrome v40.0.2214.115
*************************
AdwCleaner[R0].txt - [25456 Bytes] - [27/02/2015 22:32:26]
AdwCleaner[S0].txt - [24442 Bytes] - [27/02/2015 22:38:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24502 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Mealnie Eisel on 27.02.2015 at 22:48:36,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
~~~ Files
Successfully deleted: [File] "C:\Users\Mealnie Eisel\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Mealnie Eisel\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Mealnie Eisel\appdata\locallow\addict-thing"
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{07B23158-B9DD-4B63-8D25-FADA2EAEEBD0}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{1D42BC7B-22E7-4429-B755-6304498FF9EC}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{1E43C791-C84A-4B4B-B049-002BCF78E2CC}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{20F1C799-2D85-4D33-9EAF-573DD707A6D4}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{28733ED0-76AB-4761-82D3-76BDD3DCDE0F}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{2AD592C0-2956-49A5-82CF-9EFB96FF05C7}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{33F5B8D4-F1B0-4125-A487-4769F717F5B0}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{34AA854F-BF3F-4247-8471-F90DA9A49C2C}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{3C31AFE1-A059-41DC-8726-68B6FC216FB9}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{3CE1BF9E-698E-426F-965D-709DE31C03CD}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{3F1ED67D-6117-4551-977D-20E83B5DFFDE}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{40E88C8E-F888-4476-8601-C11B8B2EE8A8}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{4F8B7636-2656-44F0-9263-11269A26A453}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{54C07A02-EC6E-46A1-9BE1-1615B202CBDC}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{6822684B-BD85-410F-AA9F-180314799132}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{6C995C67-FE2F-4698-8D2A-9A841B07066C}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{6E6C0843-23F6-4985-B6F5-05ED2D4AB15D}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{7401284C-908A-417A-BD12-FFA12E179B99}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{78D42C5C-A39A-4897-8C28-F611BDD399A5}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{802CCBBE-BF78-4BCE-94FA-9BBB6141099B}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{8ED16C43-6372-4542-898E-3E90603664CF}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{9B999F7D-C800-4313-8F05-50DC27236BA2}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{A0C093F8-DED9-42ED-A232-B8967ACF2DB6}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{BD2D77A3-7A77-42C1-9460-0F81205F6256}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{C776416C-47E0-48D4-A8ED-6DD68A20DDE3}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{D4276FB7-2E49-47F3-A2B6-75A8E9973881}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{EC313ECC-24E1-458F-9520-BA66E5ECE180}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{EEA13608-595E-4F91-837F-553E45DE3400}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{F018E05B-8650-48AB-B420-41A33F2959E6}
Successfully deleted: [Empty Folder] C:\Users\Mealnie Eisel\appdata\local\{F5AB1F05-DEF8-4D3F-BF9A-2390EC6FFEDE}
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.02.2015 at 23:01:46,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01 Ran by Mealnie Eisel (administrator) on MELANIEEISEL-HP on 27-02-2015 23:05:12 Running from C:\Users\Mealnie Eisel\Downloads Loaded Profiles: Mealnie Eisel (Available profiles: Mealnie Eisel) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe (Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64 (2).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.) HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.) HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2007592 2014-11-27] (Trend Micro Inc.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-04] (Advanced Micro Devices, Inc.) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {2ba5caa5-8189-11e2-81c0-3cd92b58676f} - I:\NokiaPCIA_Autorun.exe HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {9a8fbf65-8dba-11e3-bd0d-3cd92b58676f} - G:\iLinker.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Setup-Assistent.lnk ShortcutTarget: NETGEAR WNA1100 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.) BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.) BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File Toolbar: HKLM - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.) Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.) Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File Toolbar: HKLM-x32 - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.) Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.) Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.) Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.) Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.) Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.) Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.) Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-20] (EasyBits Software Corp.) ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ] Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: |$EXTENSION_NAME$| - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-04-02] FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension [2015-02-03] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-22] FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-07-03] FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-02-03] FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-02-03] FF HKLM-x32\...\Firefox\Extensions: [{8197dd50-b252-4b08-a1be-1277f22357bb}] - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt FF Extension: Trend Micro Password Manager Firefox Extension - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt [2015-02-03] FF HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: Default -> hxxp://www.google.at/ CHR StartupUrls: Default -> "https://www.google.at/", "hxxp://www.facebook.com/", "hxxp://user.webnode.com/servers/auth/?is_logged=1&domain=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Flogin%2F&project_id=9657061&refurl=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Fadmin%2F" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03] CHR Extension: (Google Docs) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-08] CHR Extension: (Google Drive) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-08] CHR Extension: (TV) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-04] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05] CHR Extension: (YouTube) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10] CHR Extension: (Google Search) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10] CHR Extension: (Google Sheets) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-09-08] CHR Extension: (Google Wallet) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03] CHR Extension: (Trend Micro Toolbar) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-02-03] CHR Extension: (Gmail) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-09] CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - No Path Or update_url value CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-07-03] CHR HKLM-x32\...\Chrome\Extension: [mkcaingkodcbhcaaaeopicigkejmgknj] - C:\ProgramData\ADDICT-THING\mkcaingkodcbhcaaaeopicigkejmgknj.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] S4 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-05-30] () [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc) R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [325656 2014-11-27] (Trend Micro Inc.) R2 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [209920 2011-10-21] (Solid Documents, LLC) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S4 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed] R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] () S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=qb -dt=60000 -ad -bt=0 [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) S3 kbfilter; C:\Windows\System32\DRIVERS\kbfilter.sys [67408 2014-11-27] (Trend Micro Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-27] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.) R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [121944 2014-07-14] (Trend Micro Inc.) R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [305832 2014-07-14] (Trend Micro Inc.) R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.) R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.) R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93664 2014-07-14] (Trend Micro Inc.) R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.) R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-27 23:04 - 2015-02-27 23:04 - 02087936 _____ (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64 (2).exe 2015-02-27 23:01 - 2015-02-27 23:01 - 00004505 _____ () C:\Users\Mealnie Eisel\Desktop\JRT.txt 2015-02-27 22:47 - 2015-02-27 22:48 - 01388274 _____ (Thisisu) C:\Users\Mealnie Eisel\Downloads\JRT.exe 2015-02-27 22:32 - 2015-02-27 22:39 - 00000000 ___DC () C:\AdwCleaner 2015-02-27 22:30 - 2015-02-27 22:31 - 02126848 _____ () C:\Users\Mealnie Eisel\Downloads\AdwCleaner_4.111.exe 2015-02-27 22:27 - 2015-02-27 22:27 - 00001444 _____ () C:\Users\Mealnie Eisel\Desktop\mbam.txt 2015-02-27 21:23 - 2015-02-27 22:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-02-27 21:22 - 2015-02-27 21:22 - 00001120 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-02-27 21:22 - 2015-02-27 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-02-27 21:22 - 2015-02-27 21:22 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-02-27 21:22 - 2015-02-27 21:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-02-27 21:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-02-27 21:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-02-27 21:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-02-27 21:15 - 2015-02-27 21:17 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Mealnie Eisel\Downloads\mbam-setup-2.0.4.1028.exe 2015-02-27 21:00 - 2015-02-27 22:42 - 00003370 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3101752624-4108848433-446223082-1000 2015-02-27 21:00 - 2015-02-27 22:42 - 00003252 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3101752624-4108848433-446223082-1000 2015-02-25 23:20 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 23:20 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-23 17:40 - 2015-02-23 17:40 - 01167680 _____ (Elex do Brasil Participações Ltda) C:\Users\Mealnie Eisel\Downloads\yet_another_cleaner_mmacn.exe 2015-02-22 21:54 - 2015-02-22 21:54 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-02-22 21:54 - 2015-02-22 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-02-22 21:52 - 2015-02-22 21:59 - 06103040 _____ () C:\Program Files (x86)\GUT351E.tmp 2015-02-22 21:52 - 2015-02-22 21:52 - 00000000 ____D () C:\Program Files (x86)\GUM34B0.tmp 2015-02-22 19:57 - 2015-02-22 20:00 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\Microsoft Games 2015-02-22 19:11 - 2015-02-22 19:11 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-02-22 19:07 - 2015-02-22 19:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Mealnie Eisel\Downloads\revosetup95.exe 2015-02-21 18:05 - 2015-02-21 18:05 - 02086912 _____ (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64.exe 2015-02-21 18:02 - 2015-02-21 18:03 - 00023044 _____ () C:\Users\Mealnie Eisel\Downloads\Addition.txt 2015-02-21 17:58 - 2015-02-27 23:05 - 00026889 _____ () C:\Users\Mealnie Eisel\Downloads\FRST.txt 2015-02-21 17:57 - 2015-02-27 23:05 - 00000000 ___DC () C:\FRST 2015-02-21 17:56 - 2015-02-21 17:56 - 02086912 _____ (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64 (1).exe 2015-02-20 23:00 - 2015-02-20 23:00 - 00023011 _____ () C:\Users\Mealnie Eisel\Downloads\GermanTOP100SingleCharts02022015-NoGroup - ThePirateBay.TO.torrent 2015-02-20 21:46 - 2015-02-20 21:46 - 00000000 __SHD () C:\Users\Mealnie Eisel\AppData\Local\EmieBrowserModeList 2015-02-20 18:50 - 2015-02-20 18:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf 2015-02-20 18:48 - 2011-12-12 17:42 - 01256192 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys 2015-02-20 18:48 - 2011-04-19 17:52 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll 2015-02-20 18:47 - 2015-02-20 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Genie 2015-02-20 18:47 - 2011-04-19 17:31 - 03900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll 2015-02-20 18:47 - 2011-04-19 17:31 - 03566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll 2015-02-20 18:47 - 2010-02-03 11:21 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll 2015-02-20 18:47 - 2010-02-03 11:21 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\Packet.dll 2015-02-20 18:47 - 2010-02-03 11:21 - 00053299 _____ () C:\Windows\SysWOW64\pthreadVC.dll 2015-02-20 18:47 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys 2015-02-20 17:23 - 2015-02-20 17:23 - 00000000 ____D () C:\Users\Mealnie Eisel\Downloads\NETGEAR 2015-02-19 19:16 - 2015-02-19 19:25 - 00007601 _____ () C:\Users\Mealnie Eisel\AppData\Local\resmon.resmoncfg 2015-02-19 10:32 - 2015-02-26 23:32 - 00000000 ____D () C:\Users\Mealnie Eisel\Desktop\Tagesordner 2015-02-13 13:39 - 2015-02-13 13:39 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2015-02-12 22:33 - 2015-02-12 22:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Passwörter 2015-02-12 22:33 - 2015-02-12 22:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\BEWERBUNGEN 2015-02-12 22:16 - 2015-02-12 22:16 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\VERKAUF - BESTELLUNGEN 2015-02-12 22:13 - 2015-02-27 22:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Outlook-Dateien 2015-02-12 22:12 - 2015-02-12 22:27 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\ANTRÄGE - Verträge 2015-02-12 22:11 - 2015-02-12 22:31 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\DOKUMENTE Urkunden 2015-02-12 22:03 - 2015-02-12 22:21 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\FRANZ 2015-02-12 21:59 - 2015-02-12 22:01 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Kündigung Verträge 2015-02-12 21:54 - 2015-02-12 22:30 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\OPA Wilfling 2015-02-12 21:54 - 2015-02-12 22:28 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Kredite - Finanzierungen 2015-02-12 21:53 - 2015-02-12 22:28 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Unterschriften 2015-02-12 13:05 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-02-12 13:05 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-12 13:05 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-02-12 13:05 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-02-11 11:19 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-11 11:19 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-02-11 11:19 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-02-11 11:19 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-02-11 11:19 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-02-11 11:19 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-11 11:19 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-02-11 11:19 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-11 11:19 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-02-11 11:19 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-11 11:19 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-02-11 11:19 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-02-11 11:19 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-02-11 11:19 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-02-11 11:19 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-02-11 11:19 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-11 11:19 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-02-11 11:19 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-02-11 11:19 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-11 11:19 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-02-11 11:19 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-02-11 11:19 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-11 11:19 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-11 11:19 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-11 11:19 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-02-11 11:19 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-02-11 11:19 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-02-11 11:19 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-02-11 11:19 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-11 11:19 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-11 11:19 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-11 11:19 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-02-11 11:19 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-11 11:19 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-11 11:19 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-11 11:19 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-02-11 11:19 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-02-11 11:19 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-02-11 11:19 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-11 11:19 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-11 11:19 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-02-11 11:19 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-11 11:19 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-11 11:19 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-11 11:19 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-11 11:19 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-11 11:19 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-11 11:18 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-11 11:18 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-11 11:18 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-11 11:18 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-02-11 11:18 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-02-11 11:17 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-11 11:17 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-02-11 11:17 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 11:17 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-02-11 11:10 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-11 11:10 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-11 11:10 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-11 11:10 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-11 11:10 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-11 11:10 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-11 11:10 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-11 11:10 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-11 11:10 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-11 11:10 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-11 11:10 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-11 11:10 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-02-11 11:10 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-02-11 11:10 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-02-11 11:10 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-11 11:10 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-02-11 11:10 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-11 11:10 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-11 11:08 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-11 11:08 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-02-11 11:08 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-02-11 11:08 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-02-11 11:08 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-02-11 11:08 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-02-11 11:07 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-11 11:07 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-11 11:07 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-02-11 11:07 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-02-11 11:07 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-02-11 11:06 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-11 11:06 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-11 11:04 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 11:04 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-02-11 11:04 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-02-11 11:04 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-02-11 11:04 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-11 11:04 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-11 11:04 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-02-11 10:55 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-10 22:35 - 2015-02-12 22:21 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Meldezettel 2015-02-03 07:36 - 2015-02-03 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Password Manager 2015-02-03 07:26 - 2015-02-03 07:27 - 00236080 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe 2015-02-03 07:23 - 2014-11-27 11:03 - 00067408 ____C (Trend Micro Inc.) C:\kbfilter.sys 2015-02-03 07:23 - 2014-11-27 11:03 - 00067408 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\kbfilter.sys 2015-02-03 07:23 - 2014-11-27 11:03 - 00007799 ____C () C:\kbfilter.cat 2015-02-03 07:23 - 2014-11-27 11:03 - 00000098 ____C () C:\install.bat 2015-02-03 07:23 - 2014-11-27 11:03 - 00000081 ____C () C:\uninstall.bat 2015-02-03 07:06 - 2015-02-03 07:06 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\Trend Micro 2015-02-03 07:05 - 2015-02-03 07:05 - 00000000 __HDC () C:\TMRescueDisk 2015-02-03 07:04 - 2015-02-03 07:36 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2015-02-03 07:03 - 2015-02-03 07:03 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Maximum Security 2015-02-03 07:01 - 2014-07-14 08:39 - 00305832 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys 2015-02-03 07:01 - 2014-07-14 08:39 - 00121944 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys 2015-02-03 07:01 - 2014-07-14 08:39 - 00093664 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys 2015-02-03 07:01 - 2014-07-09 17:03 - 00407864 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys 2015-02-03 07:01 - 2014-07-09 17:02 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys 2015-02-03 07:00 - 2014-07-09 17:02 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys 2015-02-03 07:00 - 2014-06-30 12:06 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys 2015-02-03 06:57 - 2015-02-03 06:57 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat 2015-02-03 06:55 - 2015-02-22 12:41 - 00000000 ____D () C:\ProgramData\Trend Micro 2015-02-03 06:55 - 2015-02-03 07:04 - 00000000 ____D () C:\Program Files\Trend Micro 2015-02-03 06:46 - 2015-02-03 06:46 - 00000036 _____ () C:\Users\Mealnie Eisel\AppData\Local\housecall.guid.cache 2015-02-02 23:08 - 2015-02-02 23:09 - 06630832 _____ (Trend Micro Inc.) C:\Users\Mealnie Eisel\Downloads\Trend_Micro_Maximum_Security_2015.exe 2015-02-02 22:57 - 2015-02-02 22:57 - 03691688 _____ () C:\Users\Mealnie Eisel\Downloads\AVG_Remover_2015.zip 2015-02-02 22:57 - 2015-02-02 22:57 - 03691688 _____ () C:\Users\Mealnie Eisel\Downloads\AVG_Remover_2015 (1).zip 2015-02-02 19:39 - 2015-02-16 18:07 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Referat Michelle und Jana 2015-02-01 18:42 - 2015-02-01 18:42 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Lightshot 2015-01-30 15:34 - 2015-01-30 15:34 - 00004104 _____ () C:\Users\Mealnie Eisel\AppData\Local\recently-used.xbel 2015-01-29 23:40 - 2015-01-29 23:40 - 00000425 _____ () C:\Users\Mealnie Eisel\AppData\Local\UserProducts.xml 2015-01-29 23:39 - 2015-01-29 23:39 - 00000003 _____ () C:\Users\Mealnie Eisel\AppData\Local\updater.log 2015-01-29 23:39 - 2015-01-29 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot 2015-01-29 23:39 - 2015-01-29 23:39 - 00000000 ____D () C:\Program Files (x86)\Skillbrains 2015-01-29 23:38 - 2015-01-29 23:38 - 02452808 _____ (Skillbrains ) C:\Users\Mealnie Eisel\Downloads\setup-lightshot.exe 2015-01-28 21:46 - 2015-01-28 21:46 - 00113059 _____ () C:\Users\Mealnie Eisel\Downloads\25wn71_862086b525448qc2bh519c.ged 2015-01-28 21:46 - 2015-01-28 21:46 - 00113059 _____ () C:\Users\Mealnie Eisel\Downloads\25wn71_862086b525448qc2bh519c (1).ged ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-27 22:54 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-27 22:54 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-27 22:41 - 2012-11-27 20:56 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-27 22:41 - 2011-09-20 13:51 - 00000000 ____D () C:\ProgramData\PDFC 2015-02-27 22:41 - 2010-11-21 04:47 - 01523908 _____ () C:\Windows\PFRO.log 2015-02-27 22:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-27 22:41 - 2009-07-14 05:51 - 00150756 _____ () C:\Windows\setupact.log 2015-02-27 22:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security 2015-02-27 22:40 - 2012-04-18 19:57 - 02061044 _____ () C:\Windows\WindowsUpdate.log 2015-02-27 22:39 - 2012-04-22 18:03 - 00001013 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-02-27 22:38 - 2012-04-18 20:00 - 00000000 ____D () C:\Users\Mealnie Eisel 2015-02-27 22:27 - 2014-03-20 17:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-27 22:14 - 2012-11-27 20:56 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-27 21:41 - 2012-09-23 20:41 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB65BFAC-209A-4527-8F2B-815F00D69B53} 2015-02-25 21:38 - 2011-09-20 12:45 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2015-02-25 21:38 - 2011-09-20 12:45 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2015-02-25 21:38 - 2009-07-14 06:13 - 00844356 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-23 17:34 - 2012-05-23 21:16 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\CrashDumps 2015-02-22 21:57 - 2012-10-28 09:31 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Computerprogramme 2015-02-22 21:54 - 2012-11-27 20:55 - 00000000 ____D () C:\Program Files (x86)\Google 2015-02-21 14:04 - 2012-12-29 11:50 - 00000000 ____D () C:\Program Files (x86)\SmartTools 2015-02-21 00:37 - 2012-09-15 16:17 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Azureus 2015-02-20 23:46 - 2012-11-01 13:05 - 00000000 ____D () C:\Windows\pss 2015-02-20 21:52 - 2012-12-29 11:50 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTools 2015-02-20 21:51 - 2015-01-17 22:35 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Add-in Express 2015-02-20 21:31 - 2014-08-21 19:59 - 00000000 ____D () C:\Program Files\Saturn 2015-02-20 18:47 - 2012-04-19 18:35 - 00000000 ____D () C:\Program Files (x86)\NETGEAR 2015-02-20 18:47 - 2011-09-20 13:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-20 18:38 - 2012-04-22 19:59 - 00000000 ____D () C:\ProgramData\HP 2015-02-20 18:38 - 2012-04-21 19:20 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\PhotoScape 2015-02-20 18:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2015-02-20 18:34 - 2012-07-03 18:43 - 00000000 ____D () C:\ProgramData\Real 2015-02-18 20:17 - 2015-01-12 19:03 - 00000000 ____D () C:\Users\Mealnie Eisel\Nintendo Spiele 2015-02-18 10:24 - 2013-02-13 19:27 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Ahnenforschung 2015-02-16 11:30 - 2013-10-13 20:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Bücher & Zeitschriften 2 2015-02-13 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-02-13 15:31 - 2015-01-24 21:12 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\StPrsSW 2015-02-12 22:44 - 2012-08-25 19:26 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Bibliothek 2015-02-12 22:32 - 2013-02-11 18:11 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Versicherung 2015-02-12 22:30 - 2012-08-25 19:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Schriftverkehr 2015-02-12 22:30 - 2012-05-21 18:26 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Sabrina 2015-02-12 22:28 - 2012-08-28 21:36 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\BANK 2015-02-12 22:24 - 2013-02-11 17:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\FINANZAMT 2015-02-12 22:23 - 2014-10-15 15:58 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Rechnungen1 2015-02-12 22:17 - 2012-05-30 14:55 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Melanie 2015-02-12 19:23 - 2014-08-21 20:15 - 00000000 ____D () C:\ProgramData\tmp 2015-02-12 18:41 - 2013-02-02 13:10 - 00000000 ____D () C:\Users\Mealnie Eisel\BANK 2015-02-12 12:24 - 2009-07-14 05:45 - 05033560 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-12 12:21 - 2014-12-11 11:03 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-12 12:21 - 2014-05-07 06:10 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-11 23:44 - 2012-04-21 09:39 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-11 23:44 - 2009-07-14 03:34 - 00000513 _____ () C:\Windows\win.ini 2015-02-11 23:41 - 2013-07-24 17:54 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-11 23:24 - 2012-05-03 20:44 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-09 15:43 - 2012-04-23 20:35 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Eigene Scans 2015-02-05 20:26 - 2014-03-20 17:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-02-05 20:26 - 2012-10-09 18:23 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-05 20:26 - 2012-10-09 18:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-05 13:10 - 2012-11-27 20:56 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-05 13:09 - 2012-11-27 20:56 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-03 07:58 - 2013-03-17 15:51 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Video Converter Packages 2015-02-03 07:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2015-02-03 07:24 - 2012-05-30 13:34 - 00000000 ____D () C:\Windows\AutoKMS 2015-02-03 07:04 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2015-02-03 06:51 - 2013-07-27 14:46 - 00000295 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WB.CFG 2015-02-03 06:34 - 2012-05-22 19:11 - 00000000 ____D () C:\ProgramData\Adobe 2015-02-03 06:33 - 2012-05-22 19:12 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-02-03 06:25 - 2012-05-30 13:34 - 00003486 _____ () C:\Windows\System32\Tasks\AutoKMS 2015-02-02 23:04 - 2012-06-03 18:09 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-02-02 22:32 - 2014-04-02 18:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-02-02 22:31 - 2013-04-08 21:12 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Norton Utilities 16 2015-02-02 22:31 - 2011-09-20 13:34 - 00000000 ____D () C:\ProgramData\Temp 2015-02-02 19:40 - 2013-04-09 18:00 - 00008058 _____ () C:\Windows\SysWOW64\AppLog.log 2015-02-02 17:01 - 2013-05-06 16:00 - 00260592 _____ () C:\Windows\SysWOW64\Engines.log 2015-01-30 15:17 - 2012-06-19 14:15 - 00000000 ____D () C:\Users\Mealnie Eisel\.gimp-2.8 ==================== Files in the root of some directories ======= 2015-02-22 21:52 - 2015-02-22 21:59 - 6103040 _____ () C:\Program Files (x86)\GUT351E.tmp 2012-11-01 14:53 - 2013-08-10 21:39 - 0000671 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\vso_ts_preview.xml 2013-07-27 14:46 - 2015-02-03 06:51 - 0000295 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WB.CFG 2013-06-21 14:48 - 2013-06-28 15:23 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-Q2-TTL.DAT 2013-12-31 15:46 - 2014-01-03 15:46 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-Q5-TTL.DAT 2013-06-16 14:46 - 2014-01-27 15:46 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-TTL.DAT 2013-07-16 21:20 - 2013-07-16 21:22 - 145394418 _____ () C:\Users\Mealnie Eisel\AppData\Local\ACCCx189.zip.aamdownload 2013-07-16 21:20 - 2013-07-16 21:22 - 0001811 _____ () C:\Users\Mealnie Eisel\AppData\Local\ACCCx189.zip.aamdownload.aamd 2012-09-23 21:01 - 2012-09-23 21:08 - 0004608 _____ () C:\Users\Mealnie Eisel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-09-15 16:40 - 2012-09-15 16:40 - 0027520 _____ () C:\Users\Mealnie Eisel\AppData\Local\dt.dat 2015-02-03 06:46 - 2015-02-03 06:46 - 0000036 _____ () C:\Users\Mealnie Eisel\AppData\Local\housecall.guid.cache 2013-10-24 14:46 - 2013-10-24 14:46 - 0361117 _____ () C:\Users\Mealnie Eisel\AppData\Local\newhb2.crx 2015-01-30 15:34 - 2015-01-30 15:34 - 0004104 _____ () C:\Users\Mealnie Eisel\AppData\Local\recently-used.xbel 2015-02-19 19:16 - 2015-02-19 19:25 - 0007601 _____ () C:\Users\Mealnie Eisel\AppData\Local\resmon.resmoncfg 2015-01-29 23:39 - 2015-01-29 23:39 - 0000003 _____ () C:\Users\Mealnie Eisel\AppData\Local\updater.log 2015-01-29 23:40 - 2015-01-29 23:40 - 0000425 _____ () C:\Users\Mealnie Eisel\AppData\Local\UserProducts.xml 2012-08-24 21:10 - 2012-09-15 16:25 - 0000041 ___SH () C:\ProgramData\.zreglib 2012-04-22 19:59 - 2012-05-29 12:03 - 0001804 _____ () C:\ProgramData\hpzinstall.log Files to move or delete: ==================== C:\Users\Mealnie Eisel\jobq.dat C:\Users\Mealnie Eisel\Vuze_4.2.0.8a_windows.exe Some content of TEMP: ==================== C:\Users\Mealnie Eisel\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\Extract.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\ffdshow.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\htmlayout.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\i4jdel0.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\i4jdel1.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\MatroskaSplitter.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\Quarantine.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\SP54699.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\sp64126.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\Sqlite3.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\toolbar46512836.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninst1.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall325028.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall325215.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall47053879.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\UninstallHPSA.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-23 13:46 ==================== End Of Log ============================ --- --- --- --- --- --- Hallo Schrauber.... Hoffe das ich alles richtig gemacht habe...  Lg. Melanie |
|
28.02.2015, 12:34
| #13 |
| /// the machine /// TB-Ausbilder | PC sehr langsam, Programm lässt sich nicht deinstallieren.ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.03.2015, 21:18
| #14 |
| | ESET.log.txtCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=ce130c3a33a5a144a6d88740221683d4
# engine=22698
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-01 07:26:58
# local_time=2015-03-01 08:26:58 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Trend Micro Maximum Security'
# compatibility_mode=527 16777213 100 100 162822 19354923 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 51642973 176867868 0 0
# scanned=789953
# found=121
# cleaned=83
# scan_time=23946
sh=310A479FE964693C4ADA6B1E5EB445499823487D ft=1 fh=262868985b94de90 vn="Variante von Win32/InstalleRex.U evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\_Setupx.dll"
sh=740982CE3B3E4BD08C1CBD5FC8CFEB982F1D4E05 ft=1 fh=af8c0585c052e303 vn="Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{68FC2B43-26DF-7198-9373-6EFDB31F09B5}\_Setupx.dll"
sh=4759543B3ED7F32B3987F8DCCE1F95F94134E268 ft=1 fh=93e398a40953e8c9 vn="Variante von Win32/InstalleRex.U evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{FCF1F52A-CD12-F218-C4E1-C92FF8DD0457}\_Setupx.dll"
sh=3400046C996E0D40BFDA36663BE83C5AF213497E ft=1 fh=ee0b8dcbe432084b vn="Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung" ac=I fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\escortShld.dll"
sh=C9B1C1D6B536D17E425934058F0D49A0876B8C14 ft=1 fh=0271089e341685c4 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\uninstall.exe"
sh=B268732563F607687B0B5E63991763FEBF315D46 ft=1 fh=a9a8061b52917652 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\bh\delta.dll"
sh=9ED38A88BCBBCF2E5EC5FCBD8CF24DF5E418553A ft=1 fh=99b9587a530f83f4 vn="Variante von Win32/InstallBrain.H evtl. unerwünschte Anwendung" ac=I fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Uninstall Information\ib_uninst_514\uninstall.exe"
sh=9ED38A88BCBBCF2E5EC5FCBD8CF24DF5E418553A ft=1 fh=99b9587a530f83f4 vn="Variante von Win32/InstallBrain.H evtl. unerwünschte Anwendung" ac=I fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Uninstall Information\ib_uninst_569\uninstall.exe"
sh=6F3A3B433459E6773C9FBE8CFB154DB6534EFA86 ft=1 fh=60bff0ff01dbe663 vn="Variante von Win32/InstallCore.A evtl. unerwünschte Anwendung" ac=I fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\VideoConverter\VideoConverter.exe"
sh=3E37507BBD4C0287689634B2CDD77E59679681AF ft=1 fh=cbd9e88b633aff58 vn="Win32/Toolbar.Conduit.AP evtl. unerwünschte Anwendung" ac=I fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Vuze\.install4j\user\mism.exe"
sh=8A09A270D06E023110DFCB19538293F3EC750881 ft=1 fh=4bafcc2dac870a7f vn="Variante von Win32/SProtector.A evtl. unerwünschte Anwendung" ac=I fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\WxDFast\sprotector.dll"
sh=42FD62771017AE5FC1F502DA73CA29497C85EA60 ft=1 fh=b213a3e37dc51115 vn="Variante von Win32/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\WxDFast\uninstall.exe"
sh=20D8054196C94236BF69C78FF9122185A34B4348 ft=1 fh=c21cbc2eeb28013b vn="Variante von Win32/Adware.Yontoo.A Anwendung" ac=I fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Yontoo\YontooIEClient.dll"
sh=23A64C5EE89583A78C8FBD361F111765EBDE8DAF ft=1 fh=7deac2e14e95319a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="I:\Melanie Festplatte Fujitsu\Computerprogramme3\FreeYouTubeDownload_29.exe"
sh=FD7A99E4A1B4A7573D5A1DAC23588465F86B3421 ft=1 fh=e4127c332769b14f vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="I:\Melanie Festplatte Fujitsu\Computerprogramme3\SoftonicDownloader66221.exe"
sh=1006F68BBDD4CDA69C8D0E6A066A52A354456340 ft=1 fh=370122eec8520dbe vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="I:\Melanie Festplatte Fujitsu\Computerprogramme3\vlc_1.0.5_win32.exe"
sh=20D4414C399AAB10065D4D4C6A75EA43B6A7867D ft=1 fh=acfdc31bacb2ecfc vn="Variante von Win32/SweetIM.B evtl. unerwünschte Anwendung" ac=I fn="I:\Melanie Festplatte Fujitsu\Downloads3\Facemoods.exe"
sh=070DD1ECA22997991C402CC7533609E8C068E37F ft=1 fh=d1a922e3ea894c18 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="I:\Melanie Festplatte Fujitsu\Downloads3\FreeVideoToDVDConverter.exe"
sh=6D95DFA3F44A1D710D44158561798BD7DBD503AD ft=1 fh=0ec585c6abab741d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="I:\Melanie Festplatte Fujitsu\Downloads3\FreeVideoToJPGConverter.exe"
sh=BC9C15BF55E28B1027E0A1C37FA50CD9CED9741E ft=1 fh=b91ecc9c37799f37 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="I:\Melanie Festplatte Fujitsu\Downloads3\FreeYouTubeUploader.exe"
sh=CC73C98D7DBC183B186B6A7DC071F58171A0AEAD ft=1 fh=817919ddda30fd18 vn="Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="I:\Melanie Festplatte Fujitsu\Downloads3\registrybooster.exe"
sh=55E785C503CF5C7DCB1D2B647BF389C71892E52F ft=1 fh=2d25ebd84474db9d vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="I:\Melanie Festplatte Fujitsu\Downloads3\SoftonicDownloader_fuer_pdf24-pdf-creator.exe"
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe"
sh=5C4422B8A162AFE9048E367C5B9C1932CCA25A9E ft=1 fh=2958be9b3cb0c285 vn="Win32/Toolbar.Conduit.AC evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Conduit\CT3281675\plugins\TBVerifier.dll"
sh=1409EBB3A3E32D47579100DF86DC75C2C3251B1D ft=1 fh=1bb22fea6c29b3c4 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\deltaApp.dll"
sh=D698B030B32596B463C472026A960115CF8BA08D ft=1 fh=757d60309ad51e46 vn="Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\deltaEng.dll"
sh=FF2381AE65749BA610DF97FAF88952CF15FEF138 ft=1 fh=d64f7ddedf260d1b vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\deltasrv.exe"
sh=074AD2C240AB3B311E098DA70E99C4C89063B7C8 ft=1 fh=6104037dd21597ba vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\deltaTlbr.dll"
sh=3400046C996E0D40BFDA36663BE83C5AF213497E ft=1 fh=ee0b8dcbe432084b vn="Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\escortShld.dll"
sh=C9B1C1D6B536D17E425934058F0D49A0876B8C14 ft=1 fh=0271089e341685c4 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\uninstall.exe"
sh=B268732563F607687B0B5E63991763FEBF315D46 ft=1 fh=a9a8061b52917652 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\bh\delta.dll"
sh=9ED38A88BCBBCF2E5EC5FCBD8CF24DF5E418553A ft=1 fh=99b9587a530f83f4 vn="Variante von Win32/InstallBrain.H evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Uninstall Information\ib_uninst_514\uninstall.exe"
sh=9ED38A88BCBBCF2E5EC5FCBD8CF24DF5E418553A ft=1 fh=99b9587a530f83f4 vn="Variante von Win32/InstallBrain.H evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Uninstall Information\ib_uninst_569\uninstall.exe"
sh=6F3A3B433459E6773C9FBE8CFB154DB6534EFA86 ft=1 fh=60bff0ff01dbe663 vn="Variante von Win32/InstallCore.A evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\VideoConverter\VideoConverter.exe"
sh=3E37507BBD4C0287689634B2CDD77E59679681AF ft=1 fh=cbd9e88b633aff58 vn="Win32/Toolbar.Conduit.AP evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Vuze\.install4j\user\mism.exe"
sh=8A09A270D06E023110DFCB19538293F3EC750881 ft=1 fh=4bafcc2dac870a7f vn="Variante von Win32/SProtector.A evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\WxDFast\sprotector.dll"
sh=42FD62771017AE5FC1F502DA73CA29497C85EA60 ft=1 fh=b213a3e37dc51115 vn="Variante von Win32/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\WxDFast\uninstall.exe"
sh=20D8054196C94236BF69C78FF9122185A34B4348 ft=1 fh=c21cbc2eeb28013b vn="Variante von Win32/Adware.Yontoo.A Anwendung" ac=I fn="I:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Yontoo\YontooIEClient.dll"
sh=4333CB9813FF250F1D3548F40B5E93254011FF94 ft=1 fh=f3ce5856c9729f07 vn="Variante von Win32/Toolbar.BitCocktail.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\InstallerHelper.dll.vir"
sh=47DDE5DDC4EF1CFB63F8018FBD87AE68E6491A95 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.K evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\Firefox\chrome\content\main.js.vir"
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=5C4422B8A162AFE9048E367C5B9C1932CCA25A9E ft=1 fh=2958be9b3cb0c285 vn="Win32/Toolbar.Conduit.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\CT3281675\plugins\TBVerifier.dll.vir"
sh=6F3A3B433459E6773C9FBE8CFB154DB6534EFA86 ft=1 fh=60bff0ff01dbe663 vn="Variante von Win32/InstallCore.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoConverter\VideoConverter.exe.vir"
sh=5F83EC091F2E56C574A626FFEF768EFB632D7EDE ft=1 fh=4031d79ff4418eb0 vn="Win32/GenUpdater evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\optimizerpro1\runtime.dll.vir"
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="Variante von Win32/Adware.Yontoo.B Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=EAC0D67EE27F6DE9EB54C88EF0520AC23FF419AE ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\wxDownload\5091989b4dc9c.html.vir"
sh=20EF074CAE364B98161459E7EE3DD811D6873451 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\wxDownload\kbajjgcocbjldbjjkbjpialgnmkfbobp.crx.vir"
sh=8E4CC5443FA49294260767E12CEAE49F8E73A1E8 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbajjgcocbjldbjjkbjpialgnmkfbobp\4_0\50919718d2b9d1351718680.js.vir"
sh=CAC2EE8DDF6A64B037A357017CA4C4221141BD70 ft=1 fh=6d3baa21187c5208 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Mealnie Eisel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=079F5212D0CC3059077736D55C4B04C6CBBFD2B8 ft=1 fh=573a726a370e6e65 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Mealnie Eisel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Mealnie Eisel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir"
sh=678148EE00B38B9AAD38C549719F66F1D4E16604 ft=1 fh=0b483d240f3d026b vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Mealnie Eisel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=714331D93476EA651807B6C995D40DDC337AD838 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.DU Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Mealnie Eisel\AppData\LocalLow\wxDownload\5091989b4dcd4.js.vir"
sh=0FD7F3F732BFBD0956BB319E25F361E2AE6D8F12 ft=1 fh=a33b31cb5f52c3c7 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=9ED38A88BCBBCF2E5EC5FCBD8CF24DF5E418553A ft=1 fh=99b9587a530f83f4 vn="Variante von Win32/InstallBrain.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Uninstall Information\ib_uninst_514\uninstall.exe"
sh=9ED38A88BCBBCF2E5EC5FCBD8CF24DF5E418553A ft=1 fh=99b9587a530f83f4 vn="Variante von Win32/InstallBrain.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Uninstall Information\ib_uninst_569\uninstall.exe"
sh=3E37507BBD4C0287689634B2CDD77E59679681AF ft=1 fh=cbd9e88b633aff58 vn="Win32/Toolbar.Conduit.AP evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Vuze\.install4j\user\mism.exe"
sh=310A479FE964693C4ADA6B1E5EB445499823487D ft=1 fh=262868985b94de90 vn="Variante von Win32/InstalleRex.U evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\InstallMate\{19355D02-0E24-4300-B23F-EC963C772066}\_Setupx.dll"
sh=740982CE3B3E4BD08C1CBD5FC8CFEB982F1D4E05 ft=1 fh=af8c0585c052e303 vn="Win32/InstalleRex.T evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\InstallMate\{68FC2B43-26DF-7198-9373-6EFDB31F09B5}\_Setupx.dll"
sh=4759543B3ED7F32B3987F8DCCE1F95F94134E268 ft=1 fh=93e398a40953e8c9 vn="Variante von Win32/InstalleRex.U evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\ProgramData\InstallMate\{FCF1F52A-CD12-F218-C4E1-C92FF8DD0457}\_Setupx.dll"
sh=8B2FBDE7017D7667ED5F801F9CFFDC77670417CD ft=1 fh=9ae7f7a1130acaa4 vn="Variante von Win32/InstallShare.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Mealnie Eisel\AppData\Local\InstallShare\2_15009_installer.exe"
sh=794FE79E188BD68FE378128D8236D6689485502B ft=1 fh=46ef57f44b8d8672 vn="Variante von Win32/ExpressFiles.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall325028.exe"
sh=CCD90EE6E9B1ADFF9657E8F2C126BC6CB5C2EB24 ft=1 fh=91473923cd86549e vn="Variante von Win32/SProtector.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Mealnie Eisel\AppData\Local\Temp\is-ED6AT.tmp\OptProCrash.dll"
sh=CB04CF2E1FF180F393AECD6A8EFE2243B2A8A42F ft=1 fh=a6c36641ec230d7e vn="Win32/ELEX.AJ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Mealnie Eisel\AppData\Local\Temp\n1015\webssearches_0905-11f33b8c.exe"
sh=8D542157131284FCFB9D9537665A5751F5736E20 ft=1 fh=c71c0011a3c61ca5 vn="Variante von Win32/AdWare.HotBar.T Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Mealnie Eisel\AppData\Local\Temp\nsz1AC.tmp\Install.dll"
sh=E0814D0F17EE1122F6D3507DC676030F8E1CC133 ft=1 fh=0e0f46db8e6ee8c4 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Mealnie Eisel\AppData\Local\Temp\upd29EF\BabMaint.x"
sh=7664F6A327E5201011200E703489577A0971AB77 ft=1 fh=c71c0011451c6a93 vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Mealnie Eisel\AppData\Local\Temp\upd29EF\BUSolution.x"
sh=A87B7647DC34B5B6186209377786E946B677C574 ft=1 fh=c2834f18f25710d9 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Mealnie Eisel\AppData\Local\Temp\{77DFCD15-CAE4-4DDB-A190-ECAC173A43CA}\setup.exe"
sh=DB5E4E4F64BAA359255F230C658BE286E266892A ft=1 fh=cc4c339215781df4 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Mealnie Eisel\AppData\Local\Temp\{C280A9E7-64FC-4092-80CF-CC9222D94E3E}\setup.exe"
sh=1EFC26161846D31105C13D22A4BC1E9462773575 ft=1 fh=8016a4094638baae vn="Win32/ELEX.BY evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Mealnie Eisel\Downloads\yet_another_cleaner_mmacn.exe"
sh=FF273D0017363755214FA5CD888C2C2D54721700 ft=1 fh=0089eae0191970f8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll"
sh=A70EFAB5F2D2D83AD2B7E0304169C73F6D0EC700 ft=1 fh=011924ad9c4ebdbf vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=23B3E5F508EB6FC76D67A873A5AAC2D34C3CE5E1 ft=1 fh=b86fe1495473b541 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Communicator\mgcommon.dll"
sh=7DB65607A18C67C0C8C0310E0FF23A202AB3F070 ft=1 fh=9f565fd3b0ad3b83 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Communicator\mgcommunication.dll"
sh=3176C30E3A30990C42C968951B6BB2ADFD0B1C00 ft=1 fh=12a0591694d39321 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Communicator\mgsimcommon.dll"
sh=08647AB20AED7B8385931FDF5B4A48165131A061 ft=1 fh=b4c21070436958b0 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Communicator\mgxml_wrapper.dll"
sh=C6A9FB024D614702667E0768E0B673BA3A31F504 ft=1 fh=aa62bac49704426f vn="Variante von Win32/SweetIM.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Communicator\SweetPacksUpdateManager.exe"
sh=C8F1E3F28152C6C010B7AE8FA4D167E3C388FF0C ft=1 fh=84ff0b58ed098a1d vn="Win32/SweetIM.K evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Communicator\resources\sqlite\mgSqlite3.dll"
sh=721CF1EB4D08F0E398C1FF4DD60418B2C3B1F251 ft=1 fh=76d9c3b1ddabf16b vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\ContentPackagesActivationHandler.exe"
sh=632F8C4E3211B853162BA9FAA5E2C5DD183410AE ft=1 fh=2b963662ff145a5f vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgAdaptersProxy.dll"
sh=72EF877DC8F68917C3A3DFEC410CA918F883D65B ft=1 fh=bb5c7d466240515d vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgArchive.dll"
sh=EC698435956BB659F58EA2FEAC2F77C05A34E88C ft=1 fh=3c4d9042e8d654c2 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgcommon.dll"
sh=FDDACB12BE22CD908B31CCE495E8E09A4AC27543 ft=1 fh=a3c7fa381f3fa71e vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgcommunication.dll"
sh=4951DA48B889C75F0C26459AB9805185A4109D3C ft=1 fh=560800bb6ccf20c0 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgconfig.dll"
sh=1FDC35500193716178B1D52990F2B9DF9F2CACF3 ft=1 fh=bc165621979bb64e vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgFlashPlayer.dll"
sh=E601752F4FFF43B60EB869F967DA6296A9B1012F ft=1 fh=95d32721a7b63a1d vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mghooking.dll"
sh=0B610A4502EDFABB557083A2B09C8A5BE1950885 ft=1 fh=dca33625513b64d0 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgICQAuto.dll"
sh=6306B1538EB6A2FF95B4F093E406EFD2CCF432F6 ft=1 fh=d3def728bfa40354 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgICQMessengerAdapter.dll"
sh=B65DC7C70D149522DCE8E177CEF15F5A443035BB ft=1 fh=98ec444fb630d969 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mglogger.dll"
sh=C6A45101EB49F99737373A683EC84EA75BB62576 ft=1 fh=f20892d6b65a0370 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgMediaPlayer.dll"
sh=B77CD72AD4B01B7AE12294A528E39320F9ED3E52 ft=1 fh=d7b730206d828842 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgMsnAuto.dll"
sh=CA31B7F77BE924E727D66140B0F71E41E9F04395 ft=1 fh=f4497b38d41b5710 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgMsnMessengerAdapter.dll"
sh=3B586633B40C0ED2086F3D811848B47356957707 ft=1 fh=b10c46915b943e5a vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgsimcommon.dll"
sh=A7564E5AA1C43DC40B79B4AB2618469A5DAAC0CE ft=1 fh=8a6531c9b423aa1f vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgSweetIM.dll"
sh=B5054B2B2A3B5FD9F6506BC317F3B4E560658C25 ft=1 fh=96e77847753278f6 vn="Variante von Win32/SweetIM.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgUpdateSupport.dll"
sh=99AABAACFD9ECD4CD0CCB2E9F1EEA692AF05792F ft=1 fh=d8573ee5d719baee vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgxml_wrapper.dll"
sh=30CFA42F54A2DB4530765057C984A9318631BC9C ft=1 fh=3b5a118795a19a80 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgYahooAuto.dll"
sh=3DC4672471C2904E3D7AAF46BA640899E580CBB8 ft=1 fh=80120dc0e7916e57 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\mgYahooMessengerAdapter.dll"
sh=CB8E8CC79BCC050599002537552BBB1AC22FB74F ft=1 fh=061ee74c2ddeab0b vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\SweetIM.exe"
sh=C8F1E3F28152C6C010B7AE8FA4D167E3C388FF0C ft=1 fh=84ff0b58ed098a1d vn="Win32/SweetIM.K evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\$RECYCLE.BIN\S-1-5-21-3101752624-4108848433-446223082-1000\$R0O44JJ\Messenger\resources\sqlite\mgSqlite3.dll"
sh=23A64C5EE89583A78C8FBD361F111765EBDE8DAF ft=1 fh=7deac2e14e95319a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\DESKTOP PC Melanie\Computerprogramme\FreeYouTubeDownload_29.exe"
sh=FD7A99E4A1B4A7573D5A1DAC23588465F86B3421 ft=1 fh=e4127c332769b14f vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\DESKTOP PC Melanie\Computerprogramme\SoftonicDownloader66221.exe"
sh=1006F68BBDD4CDA69C8D0E6A066A52A354456340 ft=1 fh=370122eec8520dbe vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\DESKTOP PC Melanie\Computerprogramme\vlc_1.0.5_win32.exe"
sh=20D4414C399AAB10065D4D4C6A75EA43B6A7867D ft=1 fh=acfdc31bacb2ecfc vn="Variante von Win32/SweetIM.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\DESKTOP PC Melanie\Downloads\Facemoods.exe"
sh=070DD1ECA22997991C402CC7533609E8C068E37F ft=1 fh=d1a922e3ea894c18 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\DESKTOP PC Melanie\Downloads\FreeVideoToDVDConverter.exe"
sh=6D95DFA3F44A1D710D44158561798BD7DBD503AD ft=1 fh=0ec585c6abab741d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\DESKTOP PC Melanie\Downloads\FreeVideoToJPGConverter.exe"
sh=BC9C15BF55E28B1027E0A1C37FA50CD9CED9741E ft=1 fh=b91ecc9c37799f37 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\DESKTOP PC Melanie\Downloads\FreeYouTubeUploader.exe"
sh=CC73C98D7DBC183B186B6A7DC071F58171A0AEAD ft=1 fh=817919ddda30fd18 vn="Win32/RegistryBooster evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\DESKTOP PC Melanie\Downloads\registrybooster.exe"
sh=55E785C503CF5C7DCB1D2B647BF389C71892E52F ft=1 fh=2d25ebd84474db9d vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\DESKTOP PC Melanie\Downloads\SoftonicDownloader_fuer_pdf24-pdf-creator.exe"
sh=6FFF6BB47B1CF7DEF4B73F56C2FAF8F042EFF47A ft=1 fh=d8f32a62685f4f2c vn="Variante von Win32/Adware.HotBar.H Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\DESKTOP PC Melanie\Downloads\XvidSetup.exe"
sh=19AF4E0AEE527814E7BD288541323774E25CDC2A ft=1 fh=7d666d70407092f2 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\Downloads\FreeAudioCDToMP3Converter.exe"
sh=660DBBCCB3CECB907102247E33A2763B885BC22F ft=1 fh=08d795d06aaee6ee vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\Downloads\FreeYouTubeToMP3Converter.exe"
sh=7D45B35AFD21B793595D8E087BDC7BEB97328CA4 ft=1 fh=174359d2f27621cf vn="Win32/RegistryBooster evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\Downloads\registrybooster.exe"
sh=F88D45A7ACC911B3C71C97694742F46BAF806C53 ft=1 fh=a2a5339ca23ac5d8 vn="Win32/SoftonicDownloader evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\Downloads\SoftonicDownloader_fuer_jahreskalender-2012-fur-excel.exe"
sh=26C5CC92C355D7AAEF3F70479E25CFB9DE73FC35 ft=1 fh=1df8bc41e7f4c46c vn="Variante von Win32/SweetIM.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\ALLES in EINEM 2013-2014\Melanie 2014\Downloads\SweetImSetup.exe"
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe"
sh=5C4422B8A162AFE9048E367C5B9C1932CCA25A9E ft=1 fh=2958be9b3cb0c285 vn="Win32/Toolbar.Conduit.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Conduit\CT3281675\plugins\TBVerifier.dll"
sh=1409EBB3A3E32D47579100DF86DC75C2C3251B1D ft=1 fh=1bb22fea6c29b3c4 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\deltaApp.dll"
sh=D698B030B32596B463C472026A960115CF8BA08D ft=1 fh=757d60309ad51e46 vn="Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\deltaEng.dll"
sh=FF2381AE65749BA610DF97FAF88952CF15FEF138 ft=1 fh=d64f7ddedf260d1b vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\deltasrv.exe"
sh=074AD2C240AB3B311E098DA70E99C4C89063B7C8 ft=1 fh=6104037dd21597ba vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="G:\Sicherung DATEN PC Melanie 2015\Bibliotheken\Computerprogramme\Delta\delta\1.8.10.0\deltaTlbr.dll"
Code:
ATTFilter Results of screen317's Security Check version 0.99.96 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Trend Micro Maximum Security Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` JavaFX 2.1.1 Java 8 Update 25 Java version 32-bit out of Date! Java 64-bit 8 Update 31 Adobe Flash Player 16.0.0.305 Adobe Reader XI Google Chrome (40.0.2214.115) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe Trend Micro UniClient UiFrmWrk uiWatchDog.exe Trend Micro Titanium plugin Pt\PtSvcHost.exe Trend Micro Titanium plugin Pt\PtWatchDog.exe Trend Micro TMIDS PwmSvc.exe Trend Micro Titanium plugin Pt\PtSessionAgent.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015 Ran by Mealnie Eisel (administrator) on MELANIEEISEL-HP on 01-03-2015 21:12:22 Running from C:\Users\Mealnie Eisel\Downloads\FRST-OlderVersion Loaded Profiles: Mealnie Eisel (Available profiles: Mealnie Eisel) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe (Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.0.17\Lightshot.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.) HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.) HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2007592 2014-11-27] (Trend Micro Inc.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-04] (Advanced Micro Devices, Inc.) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {2ba5caa5-8189-11e2-81c0-3cd92b58676f} - I:\NokiaPCIA_Autorun.exe HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {9a8fbf65-8dba-11e3-bd0d-3cd92b58676f} - G:\iLinker.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Setup-Assistent.lnk ShortcutTarget: NETGEAR WNA1100 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.) BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.) BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File Toolbar: HKLM - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.) Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.) Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File Toolbar: HKLM-x32 - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.) Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.) Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.) Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.) Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.) Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.) Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.) Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-20] (EasyBits Software Corp.) ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ] Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: |$EXTENSION_NAME$| - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-04-02] FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension [2015-02-03] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-22] FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-07-03] FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-02-03] FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-02-03] FF HKLM-x32\...\Firefox\Extensions: [{8197dd50-b252-4b08-a1be-1277f22357bb}] - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt FF Extension: Trend Micro Password Manager Firefox Extension - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt [2015-02-03] FF HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: Default -> hxxp://www.google.at/ CHR StartupUrls: Default -> "https://www.google.at/", "hxxp://www.facebook.com/", "hxxp://user.webnode.com/servers/auth/?is_logged=1&domain=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Flogin%2F&project_id=9657061&refurl=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Fadmin%2F" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03] CHR Extension: (Google Docs) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-08] CHR Extension: (Google Drive) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-08] CHR Extension: (TV) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-04] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05] CHR Extension: (YouTube) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10] CHR Extension: (Google Search) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10] CHR Extension: (Google Sheets) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-09-08] CHR Extension: (Google Wallet) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03] CHR Extension: (Trend Micro Toolbar) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-02-03] CHR Extension: (Gmail) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-09] CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - No Path Or update_url value CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-07-03] CHR HKLM-x32\...\Chrome\Extension: [mkcaingkodcbhcaaaeopicigkejmgknj] - C:\ProgramData\ADDICT-THING\mkcaingkodcbhcaaaeopicigkejmgknj.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] S4 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-05-30] () [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc) R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [325656 2014-11-27] (Trend Micro Inc.) R2 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [209920 2011-10-21] (Solid Documents, LLC) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S4 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed] R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] () S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=qb -dt=60000 -ad -bt=0 [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) S3 kbfilter; C:\Windows\System32\DRIVERS\kbfilter.sys [67408 2014-11-27] (Trend Micro Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-01] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.) R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [121944 2014-07-14] (Trend Micro Inc.) R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [305832 2014-07-14] (Trend Micro Inc.) R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.) R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.) R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93664 2014-07-14] (Trend Micro Inc.) R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.) R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-01 21:11 - 2015-03-01 21:12 - 00000000 ____D () C:\Users\Mealnie Eisel\Downloads\FRST-OlderVersion 2015-03-01 20:45 - 2015-03-01 20:45 - 00852594 _____ () C:\Users\Mealnie Eisel\Downloads\SecurityCheck.exe 2015-03-01 13:42 - 2015-03-01 13:42 - 02347384 _____ (ESET) C:\Users\Mealnie Eisel\Downloads\esetsmartinstaller_deu.exe 2015-02-28 15:02 - 2015-03-01 20:44 - 00000000 ____D () C:\Users\Mealnie Eisel\Desktop\StrickInge 2015-02-27 23:14 - 2015-02-27 23:14 - 00000000 ____D () C:\Users\Mealnie Eisel\Desktop\Bewerbung 2015-02-27 22:47 - 2015-02-27 22:48 - 01388274 _____ (Thisisu) C:\Users\Mealnie Eisel\Downloads\JRT.exe 2015-02-27 22:32 - 2015-02-27 22:39 - 00000000 ___DC () C:\AdwCleaner 2015-02-27 22:30 - 2015-02-27 22:31 - 02126848 _____ () C:\Users\Mealnie Eisel\Downloads\AdwCleaner_4.111.exe 2015-02-27 21:23 - 2015-03-01 20:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-02-27 21:22 - 2015-02-27 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-02-27 21:22 - 2015-02-27 21:22 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-02-27 21:22 - 2015-02-27 21:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-02-27 21:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-02-27 21:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-02-27 21:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-02-27 21:15 - 2015-02-27 21:17 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Mealnie Eisel\Downloads\mbam-setup-2.0.4.1028.exe 2015-02-27 21:00 - 2015-03-01 11:36 - 00003370 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3101752624-4108848433-446223082-1000 2015-02-27 21:00 - 2015-03-01 11:36 - 00003252 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3101752624-4108848433-446223082-1000 2015-02-25 23:20 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 23:20 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-22 21:54 - 2015-02-22 21:54 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-02-22 21:54 - 2015-02-22 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-02-22 21:52 - 2015-02-22 21:59 - 06103040 _____ () C:\Program Files (x86)\GUT351E.tmp 2015-02-22 21:52 - 2015-02-22 21:52 - 00000000 ____D () C:\Program Files (x86)\GUM34B0.tmp 2015-02-22 19:57 - 2015-02-22 20:00 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\Microsoft Games 2015-02-22 19:11 - 2015-02-22 19:11 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2015-02-22 19:07 - 2015-02-22 19:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Mealnie Eisel\Downloads\revosetup95.exe 2015-02-21 18:05 - 2015-03-01 21:11 - 02092544 ____C (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64.exe 2015-02-21 18:02 - 2015-02-21 18:03 - 00023044 _____ () C:\Users\Mealnie Eisel\Downloads\Addition.txt 2015-02-21 17:58 - 2015-02-27 23:07 - 00062749 _____ () C:\Users\Mealnie Eisel\Downloads\FRST.txt 2015-02-21 17:57 - 2015-03-01 21:12 - 00000000 ___DC () C:\FRST 2015-02-20 23:00 - 2015-02-20 23:00 - 00023011 _____ () C:\Users\Mealnie Eisel\Downloads\GermanTOP100SingleCharts02022015-NoGroup - ThePirateBay.TO.torrent 2015-02-20 21:46 - 2015-02-20 21:46 - 00000000 __SHD () C:\Users\Mealnie Eisel\AppData\Local\EmieBrowserModeList 2015-02-20 18:50 - 2015-02-20 18:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf 2015-02-20 18:48 - 2011-12-12 17:42 - 01256192 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys 2015-02-20 18:48 - 2011-04-19 17:52 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll 2015-02-20 18:47 - 2015-02-20 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Genie 2015-02-20 18:47 - 2011-04-19 17:31 - 03900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll 2015-02-20 18:47 - 2011-04-19 17:31 - 03566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll 2015-02-20 18:47 - 2010-02-03 11:21 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll 2015-02-20 18:47 - 2010-02-03 11:21 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\Packet.dll 2015-02-20 18:47 - 2010-02-03 11:21 - 00053299 _____ () C:\Windows\SysWOW64\pthreadVC.dll 2015-02-20 18:47 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys 2015-02-20 17:23 - 2015-02-20 17:23 - 00000000 ____D () C:\Users\Mealnie Eisel\Downloads\NETGEAR 2015-02-19 19:16 - 2015-02-19 19:25 - 00007601 _____ () C:\Users\Mealnie Eisel\AppData\Local\resmon.resmoncfg 2015-02-19 10:32 - 2015-02-27 23:13 - 00000000 ____D () C:\Users\Mealnie Eisel\Desktop\Tagesordner 2015-02-13 13:39 - 2015-02-13 13:39 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2015-02-12 22:33 - 2015-02-12 22:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Passwörter 2015-02-12 22:33 - 2015-02-12 22:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\BEWERBUNGEN 2015-02-12 22:16 - 2015-02-12 22:16 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\VERKAUF - BESTELLUNGEN 2015-02-12 22:13 - 2015-03-01 21:08 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Outlook-Dateien 2015-02-12 22:12 - 2015-02-12 22:27 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\ANTRÄGE - Verträge 2015-02-12 22:11 - 2015-02-12 22:31 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\DOKUMENTE Urkunden 2015-02-12 22:03 - 2015-02-12 22:21 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\FRANZ 2015-02-12 21:59 - 2015-02-12 22:01 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Kündigung Verträge 2015-02-12 21:54 - 2015-02-12 22:30 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\OPA Wilfling 2015-02-12 21:54 - 2015-02-12 22:28 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Kredite - Finanzierungen 2015-02-12 21:53 - 2015-02-12 22:28 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Unterschriften 2015-02-12 13:05 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-02-12 13:05 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-12 13:05 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-02-12 13:05 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-02-11 11:19 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-11 11:19 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-02-11 11:19 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-02-11 11:19 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-02-11 11:19 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-02-11 11:19 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-11 11:19 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-02-11 11:19 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-11 11:19 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-02-11 11:19 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-11 11:19 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-02-11 11:19 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-02-11 11:19 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-02-11 11:19 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-02-11 11:19 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-02-11 11:19 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-11 11:19 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-02-11 11:19 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-02-11 11:19 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-11 11:19 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-02-11 11:19 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-02-11 11:19 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-11 11:19 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-11 11:19 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-11 11:19 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-02-11 11:19 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-02-11 11:19 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-02-11 11:19 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-02-11 11:19 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-11 11:19 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-11 11:19 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-11 11:19 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-02-11 11:19 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-11 11:19 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-11 11:19 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-11 11:19 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-02-11 11:19 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-02-11 11:19 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-02-11 11:19 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-11 11:19 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-11 11:19 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-02-11 11:19 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-11 11:19 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-11 11:19 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-11 11:19 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-11 11:19 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-11 11:19 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-11 11:18 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-11 11:18 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-11 11:18 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-11 11:18 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-02-11 11:18 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-02-11 11:17 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-02-11 11:17 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-11 11:17 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-02-11 11:17 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 11:17 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-02-11 11:17 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-02-11 11:17 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-02-11 11:10 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-11 11:10 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-11 11:10 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-11 11:10 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-11 11:10 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-11 11:10 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-11 11:10 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-11 11:10 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-11 11:10 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-11 11:10 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-11 11:10 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-11 11:10 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-02-11 11:10 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-02-11 11:10 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-02-11 11:10 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-11 11:10 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-02-11 11:10 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-11 11:10 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-11 11:08 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-11 11:08 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-02-11 11:08 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-02-11 11:08 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-02-11 11:08 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-02-11 11:08 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-02-11 11:07 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-11 11:07 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-11 11:07 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-02-11 11:07 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-02-11 11:07 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-02-11 11:06 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-11 11:06 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-11 11:04 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 11:04 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-02-11 11:04 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-02-11 11:04 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-02-11 11:04 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-11 11:04 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-11 11:04 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-02-11 10:55 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-10 22:35 - 2015-02-12 22:21 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Meldezettel 2015-02-03 07:36 - 2015-02-03 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Password Manager 2015-02-03 07:26 - 2015-02-03 07:27 - 00236080 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe 2015-02-03 07:23 - 2014-11-27 11:03 - 00067408 ____C (Trend Micro Inc.) C:\kbfilter.sys 2015-02-03 07:23 - 2014-11-27 11:03 - 00067408 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\kbfilter.sys 2015-02-03 07:23 - 2014-11-27 11:03 - 00007799 ____C () C:\kbfilter.cat 2015-02-03 07:23 - 2014-11-27 11:03 - 00000098 ____C () C:\install.bat 2015-02-03 07:23 - 2014-11-27 11:03 - 00000081 ____C () C:\uninstall.bat 2015-02-03 07:06 - 2015-02-03 07:06 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\Trend Micro 2015-02-03 07:05 - 2015-02-03 07:05 - 00000000 __HDC () C:\TMRescueDisk 2015-02-03 07:04 - 2015-02-03 07:36 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2015-02-03 07:03 - 2015-02-03 07:03 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Maximum Security 2015-02-03 07:01 - 2014-07-14 08:39 - 00305832 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys 2015-02-03 07:01 - 2014-07-14 08:39 - 00121944 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys 2015-02-03 07:01 - 2014-07-14 08:39 - 00093664 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys 2015-02-03 07:01 - 2014-07-09 17:03 - 00407864 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys 2015-02-03 07:01 - 2014-07-09 17:02 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys 2015-02-03 07:00 - 2014-07-09 17:02 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys 2015-02-03 07:00 - 2014-06-30 12:06 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys 2015-02-03 06:57 - 2015-02-03 06:57 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat 2015-02-03 06:55 - 2015-02-22 12:41 - 00000000 ____D () C:\ProgramData\Trend Micro 2015-02-03 06:55 - 2015-02-03 07:04 - 00000000 ____D () C:\Program Files\Trend Micro 2015-02-03 06:46 - 2015-02-03 06:46 - 00000036 _____ () C:\Users\Mealnie Eisel\AppData\Local\housecall.guid.cache 2015-02-02 23:08 - 2015-02-02 23:09 - 06630832 _____ (Trend Micro Inc.) C:\Users\Mealnie Eisel\Downloads\Trend_Micro_Maximum_Security_2015.exe 2015-02-02 22:57 - 2015-02-02 22:57 - 03691688 _____ () C:\Users\Mealnie Eisel\Downloads\AVG_Remover_2015.zip 2015-02-02 22:57 - 2015-02-02 22:57 - 03691688 _____ () C:\Users\Mealnie Eisel\Downloads\AVG_Remover_2015 (1).zip 2015-02-02 19:39 - 2015-02-16 18:07 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Referat Michelle und Jana 2015-02-01 18:42 - 2015-02-01 18:42 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Lightshot 2015-01-30 15:34 - 2015-01-30 15:34 - 00004104 _____ () C:\Users\Mealnie Eisel\AppData\Local\recently-used.xbel ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-01 21:14 - 2012-11-27 20:56 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-01 20:44 - 2013-02-13 19:27 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Ahnenforschung 2015-03-01 20:26 - 2014-03-20 17:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-01 20:16 - 2012-08-24 23:23 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\InstallShare 2015-03-01 19:46 - 2012-04-18 19:57 - 01151264 _____ () C:\Windows\WindowsUpdate.log 2015-03-01 17:51 - 2012-09-23 20:41 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB65BFAC-209A-4527-8F2B-815F00D69B53} 2015-03-01 13:14 - 2012-11-27 20:56 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-01 12:35 - 2011-09-20 13:51 - 00000000 ____D () C:\ProgramData\PDFC 2015-03-01 11:54 - 2011-09-20 12:45 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2015-03-01 11:54 - 2011-09-20 12:45 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2015-03-01 11:54 - 2009-07-14 06:13 - 00844356 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-01 11:43 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-01 11:43 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-01 11:34 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-01 11:34 - 2009-07-14 05:51 - 00150868 _____ () C:\Windows\setupact.log 2015-02-28 12:46 - 2010-11-21 04:47 - 01524262 _____ () C:\Windows\PFRO.log 2015-02-28 00:10 - 2012-10-28 09:31 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Computerprogramme 2015-02-27 22:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security 2015-02-27 22:39 - 2012-04-22 18:03 - 00001013 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-02-27 22:38 - 2012-04-18 20:00 - 00000000 ____D () C:\Users\Mealnie Eisel 2015-02-23 17:34 - 2012-05-23 21:16 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\CrashDumps 2015-02-22 21:54 - 2012-11-27 20:55 - 00000000 ____D () C:\Program Files (x86)\Google 2015-02-21 14:04 - 2012-12-29 11:50 - 00000000 ____D () C:\Program Files (x86)\SmartTools 2015-02-21 00:37 - 2012-09-15 16:17 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Azureus 2015-02-20 23:46 - 2012-11-01 13:05 - 00000000 ____D () C:\Windows\pss 2015-02-20 21:52 - 2012-12-29 11:50 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTools 2015-02-20 21:51 - 2015-01-17 22:35 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Add-in Express 2015-02-20 21:31 - 2014-08-21 19:59 - 00000000 ____D () C:\Program Files\Saturn 2015-02-20 18:47 - 2012-04-19 18:35 - 00000000 ____D () C:\Program Files (x86)\NETGEAR 2015-02-20 18:47 - 2011-09-20 13:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-20 18:38 - 2012-04-22 19:59 - 00000000 ____D () C:\ProgramData\HP 2015-02-20 18:38 - 2012-04-21 19:20 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\PhotoScape 2015-02-20 18:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2015-02-20 18:34 - 2012-07-03 18:43 - 00000000 ____D () C:\ProgramData\Real 2015-02-18 20:17 - 2015-01-12 19:03 - 00000000 ____D () C:\Users\Mealnie Eisel\Nintendo Spiele 2015-02-16 11:30 - 2013-10-13 20:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Bücher & Zeitschriften 2 2015-02-13 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-02-13 15:31 - 2015-01-24 21:12 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\StPrsSW 2015-02-12 22:44 - 2012-08-25 19:26 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Bibliothek 2015-02-12 22:32 - 2013-02-11 18:11 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Versicherung 2015-02-12 22:30 - 2012-08-25 19:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Schriftverkehr 2015-02-12 22:30 - 2012-05-21 18:26 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Sabrina 2015-02-12 22:28 - 2012-08-28 21:36 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\BANK 2015-02-12 22:24 - 2013-02-11 17:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\FINANZAMT 2015-02-12 22:23 - 2014-10-15 15:58 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Rechnungen1 2015-02-12 22:17 - 2012-05-30 14:55 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Melanie 2015-02-12 19:23 - 2014-08-21 20:15 - 00000000 ____D () C:\ProgramData\tmp 2015-02-12 18:41 - 2013-02-02 13:10 - 00000000 ____D () C:\Users\Mealnie Eisel\BANK 2015-02-12 12:24 - 2009-07-14 05:45 - 05033560 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-12 12:21 - 2014-12-11 11:03 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-12 12:21 - 2014-05-07 06:10 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-11 23:44 - 2012-04-21 09:39 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-11 23:44 - 2009-07-14 03:34 - 00000513 _____ () C:\Windows\win.ini 2015-02-11 23:41 - 2013-07-24 17:54 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-11 23:24 - 2012-05-03 20:44 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-09 15:43 - 2012-04-23 20:35 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Eigene Scans 2015-02-05 20:26 - 2014-03-20 17:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-02-05 20:26 - 2012-10-09 18:23 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-05 20:26 - 2012-10-09 18:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-05 13:10 - 2012-11-27 20:56 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-05 13:09 - 2012-11-27 20:56 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-03 07:58 - 2013-03-17 15:51 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Video Converter Packages 2015-02-03 07:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2015-02-03 07:24 - 2012-05-30 13:34 - 00000000 ____D () C:\Windows\AutoKMS 2015-02-03 07:04 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2015-02-03 06:51 - 2013-07-27 14:46 - 00000295 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WB.CFG 2015-02-03 06:34 - 2012-05-22 19:11 - 00000000 ____D () C:\ProgramData\Adobe 2015-02-03 06:33 - 2012-05-22 19:12 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-02-03 06:25 - 2012-05-30 13:34 - 00003486 _____ () C:\Windows\System32\Tasks\AutoKMS 2015-02-02 23:04 - 2012-06-03 18:09 - 00000000 ____D () C:\Program Files (x86)\AVG 2015-02-02 22:32 - 2014-04-02 18:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-02-02 22:31 - 2013-04-08 21:12 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Norton Utilities 16 2015-02-02 22:31 - 2011-09-20 13:34 - 00000000 ____D () C:\ProgramData\Temp 2015-02-02 19:40 - 2013-04-09 18:00 - 00008058 _____ () C:\Windows\SysWOW64\AppLog.log 2015-02-02 17:01 - 2013-05-06 16:00 - 00260592 _____ () C:\Windows\SysWOW64\Engines.log 2015-01-30 15:17 - 2012-06-19 14:15 - 00000000 ____D () C:\Users\Mealnie Eisel\.gimp-2.8 ==================== Files in the root of some directories ======= 2015-02-22 21:52 - 2015-02-22 21:59 - 6103040 _____ () C:\Program Files (x86)\GUT351E.tmp 2012-11-01 14:53 - 2013-08-10 21:39 - 0000671 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\vso_ts_preview.xml 2013-07-27 14:46 - 2015-02-03 06:51 - 0000295 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WB.CFG 2013-06-21 14:48 - 2013-06-28 15:23 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-Q2-TTL.DAT 2013-12-31 15:46 - 2014-01-03 15:46 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-Q5-TTL.DAT 2013-06-16 14:46 - 2014-01-27 15:46 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-TTL.DAT 2013-07-16 21:20 - 2013-07-16 21:22 - 145394418 _____ () C:\Users\Mealnie Eisel\AppData\Local\ACCCx189.zip.aamdownload 2013-07-16 21:20 - 2013-07-16 21:22 - 0001811 _____ () C:\Users\Mealnie Eisel\AppData\Local\ACCCx189.zip.aamdownload.aamd 2012-09-23 21:01 - 2012-09-23 21:08 - 0004608 _____ () C:\Users\Mealnie Eisel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-09-15 16:40 - 2012-09-15 16:40 - 0027520 _____ () C:\Users\Mealnie Eisel\AppData\Local\dt.dat 2015-02-03 06:46 - 2015-02-03 06:46 - 0000036 _____ () C:\Users\Mealnie Eisel\AppData\Local\housecall.guid.cache 2013-10-24 14:46 - 2013-10-24 14:46 - 0361117 _____ () C:\Users\Mealnie Eisel\AppData\Local\newhb2.crx 2015-01-30 15:34 - 2015-01-30 15:34 - 0004104 _____ () C:\Users\Mealnie Eisel\AppData\Local\recently-used.xbel 2015-02-19 19:16 - 2015-02-19 19:25 - 0007601 _____ () C:\Users\Mealnie Eisel\AppData\Local\resmon.resmoncfg 2015-01-29 23:39 - 2015-01-29 23:39 - 0000003 _____ () C:\Users\Mealnie Eisel\AppData\Local\updater.log 2015-01-29 23:40 - 2015-01-29 23:40 - 0000425 _____ () C:\Users\Mealnie Eisel\AppData\Local\UserProducts.xml 2012-08-24 21:10 - 2012-09-15 16:25 - 0000041 ___SH () C:\ProgramData\.zreglib 2012-04-22 19:59 - 2012-05-29 12:03 - 0001804 _____ () C:\ProgramData\hpzinstall.log Files to move or delete: ==================== C:\Users\Mealnie Eisel\jobq.dat C:\Users\Mealnie Eisel\Vuze_4.2.0.8a_windows.exe Some content of TEMP: ==================== C:\Users\Mealnie Eisel\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\Extract.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\ffdshow.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\htmlayout.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\i4jdel0.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\i4jdel1.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\MatroskaSplitter.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\Quarantine.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\SP54699.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\sp64126.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\Sqlite3.dll C:\Users\Mealnie Eisel\AppData\Local\Temp\toolbar46512836.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninst1.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall325215.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall47053879.exe C:\Users\Mealnie Eisel\AppData\Local\Temp\UninstallHPSA.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-23 13:46 ==================== End Of Log ============================ --- --- --- |
|
01.03.2015, 21:19
| #15 |
| | Addition.txt 01.03.2015Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-02-2015
Ran by Mealnie Eisel at 2015-03-01 21:14:50
Running from C:\Users\Mealnie Eisel\Downloads\FRST-OlderVersion
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Trend Micro Maximum Security (Disabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Maximum Security (Disabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
A1 Internet Software (x32 Version: 8.1.0.55 - A1 Telekom Austria AG) Hidden
A1 Servicecenter (x32 Version: 1.1.0.11 - A1 Telekom Austria AG) Hidden
A1 Webassistent (x32 Version: 4.1.0.163 - A1 Telekom Austria) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.01) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.01 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{37C7C98A-3857-B7D4-D7BD-F0E8179E8AFD}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Rig Europe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
Compaq Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
Convert X to DVD 3.4.7.121 (HKLM-x32\...\{4C335AD4-6821-4028-9A6C-13943762DB55}) (Version: 3.4.7.121 - Black Angel Doom)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DirectDownloader (HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\DirectDownloader) (Version: - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink)
Extract-CloneCD 5.3.1.4 Final version 1.5 (HKLM-x32\...\Extract-CloneCD 5.3.1.4 Final_is1) (Version: 1.5 - )
FamilySearch Indexing 3.17.3 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.17.3 - FamilySearch)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (x32 Version: 2.2.0.95 - WildTangent) Hidden
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.7.717 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.1.29.608 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.29.608 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.32.918 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.32.918 - DVDVideoSoft Ltd.)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version: - )
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero - Burning Rom (HKLM-x32\...\{A4D7B764-4140-11D4-88EB-0050DA3579C0}) (Version: 5.5.9 - ahead software gmbh)
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Qtrax Player (HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\2926320025.portal.qtrax.com) (Version: - portal.qtrax.com)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6321 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Solid Converter PDF (HKLM-x32\...\{56BFAA6E-2BCC-4AED-9233-84731E66B205}) (Version: 7.1.934.0 - SolidDocuments)
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Trend Micro DirectPass (Version: 1.9.0.1094 - Trend Micro Inc.) Hidden
Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 8.0 - Trend Micro Inc.)
Trend Micro Password Manager (HKLM\...\{3075404F-5657-4f31-A064-FEF98661BDD4}) (Version: 1.9.1137 - Trend Micro Inc.)
Trend Micro Titanium (Version: 8.0 - Trend Micro Inc.) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
USB Video/Audio Device Driver (HKLM-x32\...\{3717C4F2-7412-4793-9BB8-D73D2817B3D6}) (Version: 1.00.0000 - Ihr Firmenname)
VCRT for DirectPass x64 (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x86 (x32 Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VIO Player version 1.0.1 (HKLM-x32\...\{C8A17598-7F89-41EA-9876-0F89DA0B24F1}_is1) (Version: 1.0.1 - VIO)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.2.0.0 - Azureus Software, Inc.)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.0.0.0 - Azureus Software, Inc.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
20-02-2015 17:24:18 Installiert NETGEAR WNA3100 wireless USB 2.0 driver
20-02-2015 17:46:59 Wiederherstellungsvorgang
20-02-2015 18:01:08 Windows Update
20-02-2015 18:22:58 Wiederherstellungsvorgang
20-02-2015 18:46:38 Installiert NETGEAR WNA3100 wireless USB 2.0 adapter
20-02-2015 21:42:22 Removed SweetIM for Messenger 3.7
20-02-2015 21:47:50 Removed Update Manager for SweetPacks 1.1
22-02-2015 19:13:35 Revo Uninstaller's restore point - QuickShare
22-02-2015 19:25:15 Revo Uninstaller's restore point - Update for Video Converter
22-02-2015 19:46:33 Revo Uninstaller's restore point - Video Converter Packages
22-02-2015 20:39:20 Revo Uninstaller's restore point - Update for Video Converter
22-02-2015 20:39:58 Revo Uninstaller's restore point - Update for Video Converter
22-02-2015 20:40:52 Revo Uninstaller's restore point - Update for Video Converter
22-02-2015 20:41:51 Revo Uninstaller's restore point - Update for Video Converter
22-02-2015 21:40:13 Revo Uninstaller's restore point - Google Chrome
25-02-2015 23:19:17 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0B0F8F6B-FE9D-4968-B43E-AE68F353DFE6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {0E544C56-C4C5-4336-839C-526CAFEEAAD8} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {1B6AB716-B0D4-496B-A7BC-BDE7EC4B6941} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {232D4D45-3E38-42B9-A9F2-88C8CEE732E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-27] (Google Inc.)
Task: {3782A18F-D8E8-47B0-92CF-8DED7834BE56} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {446AB000-BCA9-41E0-A716-369CF8720770} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {62D14DB0-87D3-4038-A5CB-D3F97D7B2111} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-18] (Adobe Systems Incorporated)
Task: {65DE8AD7-4C52-4413-8F89-56ED053B2CC8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {68F5730E-F150-463B-91E0-5841AA9EB551} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {8C72BB06-6310-4F55-86B3-EAC3B5328122} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3101752624-4108848433-446223082-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {A0230023-54EB-4DE6-B6C2-CD58AE4EA6B5} - System32\Tasks\{ADAFEB43-C46A-4AEC-BC77-A2663C9A91BF} => pcalua.exe -a "C:\Users\Mealnie Eisel\Downloads\Vuze_4.2.0.8a_windows.exe" -d "C:\Users\Mealnie Eisel\Downloads"
Task: {A165EAC5-9A1F-4C22-A2B2-2617819322BA} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2012-07-03] (RealNetworks, Inc.)
Task: {B68DA53E-2739-4DAE-938E-73CCE7F27C1E} - System32\Tasks\StPrsSW => C:\Users\Mealnie [2012-05-30] ()
Task: {B8CBDA52-9B0F-4343-95A1-3EB5C50287B6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3101752624-4108848433-446223082-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {DEE7C674-A008-4FDD-B794-41D16FC4D2FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {ECFDBC74-5C02-454E-BB72-5852261B5233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-27] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2012-08-22 13:52 - 2011-10-21 01:00 - 00024576 _____ () C:\Windows\System32\solidlocalmon.dll
2015-02-03 06:59 - 2014-07-20 20:05 - 00089088 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_thread-vc110-mt-1_52.dll
2015-02-03 06:59 - 2014-07-20 20:05 - 00018944 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_system-vc110-mt-1_52.dll
2015-02-03 06:59 - 2014-07-20 20:05 - 00049664 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_date_time-vc110-mt-1_52.dll
2015-02-20 18:47 - 2013-11-11 15:10 - 00307928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-04-19 18:35 - 2011-01-04 14:34 - 04545024 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
2015-02-20 18:47 - 2013-11-22 19:34 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2011-07-04 00:20 - 2011-07-04 00:20 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-14 13:20 - 2011-03-14 13:20 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2015-02-20 18:47 - 2013-10-30 19:06 - 00380928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-04-19 18:35 - 2009-08-28 15:50 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
2015-02-20 18:47 - 2013-11-01 17:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll
2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-12-21 00:15 - 2010-12-21 00:15 - 01041248 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-02-22 21:54 - 2015-02-17 23:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-22 21:54 - 2015-02-17 23:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-22 21:54 - 2015-02-17 23:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-02-22 21:54 - 2015-02-17 23:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows:22DBE122626EC5BE
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:792D4CF1
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: jswpsapi => 3
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: vToolbarUpdater11.2.0 => 2
MSCONFIG\Services: WebOptimizer => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WSWNA1100 => 2
MSCONFIG\startupfolder: C:^Users^Mealnie Eisel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Direct Downloader.lnk => C:\Windows\pss\Direct Downloader.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Mealnie Eisel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Mealnie Eisel\AppData\Local\Smartbar\Application\QuickShare.exe startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: DAEMON Tools Lite =>
MSCONFIG\startupreg: Device Detection => C:\Program Files (x86)\Lidl_Fotos\dd.exe
MSCONFIG\startupreg: EADM =>
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: Facebook Update =>
MSCONFIG\startupreg: Google Update =>
MSCONFIG\startupreg: Media Finder =>
MSCONFIG\startupreg: NeroCheck => C:\Windows\SysWOW64\\NeroCheck.exe
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Mealnie Eisel\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: NokiaSuite.exe =>
MSCONFIG\startupreg: Optimizer Pro =>
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PlayVolcanoSA => "C:\Users\Mealnie Eisel\AppData\Local\PlayVolcanoSA\bin\1.0.10.0\PlayVolcanoSA.exe"
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Skype =>
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
==================== Accounts: =============================
Administrator (S-1-5-21-3101752624-4108848433-446223082-500 - Administrator - Disabled)
Gast (S-1-5-21-3101752624-4108848433-446223082-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3101752624-4108848433-446223082-1002 - Limited - Enabled)
Mealnie Eisel (S-1-5-21-3101752624-4108848433-446223082-1000 - Administrator - Enabled) => C:\Users\Mealnie Eisel
==================== Faulty Device Manager Devices =============
Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/01/2015 09:10:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mealnie Eisel\Downloads\esetsmartinstaller_deu.exe
Error: (03/01/2015 08:38:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (03/01/2015 01:43:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mealnie Eisel\Downloads\esetsmartinstaller_deu.exe
Error: (03/01/2015 01:43:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mealnie Eisel\Downloads\esetsmartinstaller_deu.exe
Error: (03/01/2015 11:36:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/28/2015 00:48:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (03/01/2015 06:21:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.
Error: (03/01/2015 01:48:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Trend Micro Solution Platform" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/01/2015 11:40:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Office Software Protection Platform" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/01/2015 11:40:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Office Software Protection Platform erreicht.
Error: (03/01/2015 11:38:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/01/2015 11:38:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst HomeGroupListener erreicht.
Error: (03/01/2015 11:37:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht.
Error: (03/01/2015 11:35:36 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (03/01/2015 11:34:27 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 28.02.2015 um 23:18:40 unerwartet heruntergefahren.
Error: (02/28/2015 00:48:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Microsoft Office Sessions:
=========================
Error: (03/01/2015 09:10:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mealnie Eisel\Downloads\esetsmartinstaller_deu.exe
Error: (03/01/2015 08:38:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (03/01/2015 01:43:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mealnie Eisel\Downloads\esetsmartinstaller_deu.exe
Error: (03/01/2015 01:43:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mealnie Eisel\Downloads\esetsmartinstaller_deu.exe
Error: (03/01/2015 11:36:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/28/2015 00:48:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: AMD E-350 Processor
Percentage of memory in use: 91%
Total physical RAM: 1643.98 MB
Available physical RAM: 144.63 MB
Total Pagefile: 4283.3 MB
Available Pagefile: 985.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:453.82 GB) (Free:170.71 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.84 GB) (Free:1.41 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (FESTPLATTE MELANIE) (Fixed) (Total:931.48 GB) (Free:529.61 GB) NTFS
Drive i: (SAMSUNG) (Fixed) (Total:1863.01 GB) (Free:919.89 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0BE64E73)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=453.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.8 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00023F15)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (Size: 1863 GB) (Disk ID: 14B1F8BB)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
| Themen zu PC sehr langsam, Programm lässt sich nicht deinstallieren. |
| deinstallieren, deinstalliert, edition, entdeck, entdeckt, eventueller virus, fehlermeldung, fenster, file, files, folge, folgende, gefahr, guten, home, langsam, melani, not, pc sehr langsam, problem, programm, programme, reagiert, schneller, versuche, windows 7, öffnet |
dann auf 
und dann auf 
. 
Hybrid-Darstellung
