|
Log-Analyse und Auswertung: Bei jede bewegung auf meinem PC geht ein Popup aufWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
18.03.2015, 00:15 | #1 |
| Bei jede bewegung auf meinem PC geht ein Popup auf Also bei mir gehen auf allen Browser immer, egal was ich mache ein popup auf wie bekomme ich das wieder im Grif? Habe auch schon logs gemacht! HTML-Code: Users shortcut scan result (x64) Version: 11-03-2015 Ran by Tce at 2015-03-18 00:10:26 Running from C:\Users\Tce\Desktop Boot Mode: Normal ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk -> C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 10.lnk -> C:\Program Files (x86)\Adobe\Elements 10 Organizer\Photoshop Elements 10.0.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Contact a friend for assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk -> C:\Program Files (x86)\HP\IrisOCR_12.3.4.0\regipe.exe (I.R.I.S. Image Recognition Integarted Systems) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome Center.lnk -> C:\Program Files (x86)\Packard Bell\Welcome Center\OEMWelcomeCenter.exe (Acer Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZooEasy v12\Anwenderhandbuch.lnk -> C:\ZooEasy\ZooEasy v12\ZooEasy_Dui.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZooEasy v12\Datenbank aktualisieren.lnk -> C:\ZooEasy\ZooEasy v12\Repair.exe (ZooEasy) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZooEasy v12\ZooEasy v12.lnk -> C:\ZooEasy\ZooEasy v12\ZooEasy.exe (ZooEasy) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Family Safety.lnk -> C:\Windows\Installer\{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}\fssicon.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Mesh.lnk -> C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead Systems\Ulead AutoDetector.lnk -> C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead PhotoImpact 12\PhotoImpact 12.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead PhotoImpact 12\Iedit.exe (Ulead Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead PhotoImpact 12\PhotoImpact Album 12.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead PhotoImpact 12\album.exe (Ulead Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead PhotoImpact 12\Ulead GIF Animator 5.05.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead PhotoImpact 12\AnyGif\ga_main.exe (Ulead Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead Photo Explorer 8.6\Ulead Instant Viewer.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 8.6\eviewer.exe (Ulead Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead Photo Explorer 8.6\Ulead Photo Explorer 8.6.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 8.6\Pex.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead COOL 360\Read Me.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead COOL 360\README.HLP () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead COOL 360\Ulead COOL 360 Viewer.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead COOL 360\UPViewer.exe (Ulead Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead COOL 360\Ulead COOL 360.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead COOL 360\UPano.exe (Ulead Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic\Anleitung zu Tinypic.lnk -> C:\Program Files (x86)\Tinypic\AnleitungTinyPic.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic\TinyPic.exe.lnk -> C:\Program Files (x86)\Tinypic\TinyPic.exe (Borland Software Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic\Uninstall Tinypic.lnk -> C:\Program Files (x86)\Tinypic\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer\SMSout-Hilfe.lnk -> C:\Program Files (x86)\SuperMailer\smsout.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer\SuperMailer deinstallieren.lnk -> C:\Program Files (x86)\SuperMailer\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer\SuperMailer-Hilfe.lnk -> C:\Program Files (x86)\SuperMailer\sm.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer\SuperMailer-Lizenz erwerben (Registrieren).lnk -> C:\Program Files (x86)\SuperMailer\Registrierung.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperMailer\SuperMailer.lnk -> C:\Program Files (x86)\SuperMailer\sm.exe (Mirko Böer) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Photo Frame.lnk -> C:\Program Files (x86)\Northstar\Photo Frame\Photo Frame.exe (North Star com.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\Help and HOW-TO.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\Release info.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com)) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan\Uninstall SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartSound\Sonicfire Pro 5.lnk -> C:\Program Files (x86)\SmartSound Software\Sonicfire Pro 5\SonicfirePro5.exe (SmartSound Software Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SendBlaster 3\SendBlaster 3.lnk -> C:\Program Files (x86)\SendBlaster3\sendblaster3.exe (eDisplay srl) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeaMonkey\SeaMonkey.lnk -> C:\Program Files (x86)\SeaMonkey\seamonkey.exe (mozilla.org) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\PDF-Viewer License.lnk -> C:\Program Files\Tracker Software\PDF Viewer\Help\PDFVLicense.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\PDF-Viewer Users Manual.lnk -> C:\Program Files\Tracker Software\PDF Viewer\Help\PDFVManualSm.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\PDF-Viewer.lnk -> C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\Tracker Updater.lnk -> C:\Program Files\Tracker Software\Update\TrackerUpdate.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer\Uninstall.lnk -> C:\Program Files\Tracker Software\PDF Viewer\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell System\Packard Bell User's Guide.lnk -> C:\book\Guide.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell Photo Frame\Photo Frame.lnk -> C:\Program Files (x86)\Northstar\Photo Frame\Photo Frame.exe (North Star com.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Contact.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Packard Bell Recovery Management.lnk -> C:\Program Files\Packard Bell\Packard Bell Recovery Management\Recovery Management.exe (Acer) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Packard Bell Updater.lnk -> C:\Program Files\Packard Bell\Packard Bell Updater\ALU.exe (Acer) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Software Suite SE.lnk -> C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe (Acer Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2\Mobile Connection Manager\Deinstallieren.lnk -> C:\Program Files (x86)\o2\Mobile Connection Manager\Uninstall.exe (Telefónica) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2\Mobile Connection Manager\Mobile Connection Manager.lnk -> C:\Program Files (x86)\o2\Mobile Connection Manager\EMMSN.exe (Telefónica I+D) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero ControlCenter 4.lnk -> C:\Program Files (x86)\Nero\Nero ControlCenter 4\ncc.exe (Nero AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 9\Nero StartSmart Essentials.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe (Nero AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 9\Nero Toolkit\Nero DiscSpeed.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero DiscSpeed\DiscSpeed.exe (Nero AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 9\Nero Toolkit\Nero DriveSpeed.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero DriveSpeed\DriveSpeed.exe (Nero AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 9\Nero Toolkit\Nero InfoTool.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero InfoTool\InfoTool.exe (Nero AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Manuals\Nero ControlCenter 4 [English Help].lnk -> C:\Program Files (x86)\Nero\Nero ControlCenter 4\NeroControlCenter_ENG.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Manuals\Nero DiscSpeed [English Help].lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero DiscSpeed\NeroDiscSpeed_Eng.Chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Manuals\Nero DriveSpeed [English Help].lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero DriveSpeed\NeroDriveSpeed_Eng.Chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Manuals\Nero Express Essentials SE [English Help].lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero Express\NeroExpress_ENG.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Manuals\Nero InfoTool [English Help].lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero InfoTool\NeroInfoTool_Eng.Chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Manuals\Nero StartSmart Essentials [English Help].lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart_ENG.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digitales Zertifikat für VBA-Projekte.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Spracheinstellungen.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office-Diagnose.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \unins001.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \Chameleon\Windows\chameleon.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Mufin MusicFinder Base\Mufin MusicFinder Base.lnk -> C:\Program Files (x86)\MAGIX\Mufin MusicFinder\Sonos.exe (MAGIX) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Mufin MusicFinder Base\Service und Support\Lizenzbedingungen.lnk -> C:\Program Files (x86)\MAGIX\Mufin MusicFinder\license.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Mufin MusicFinder Base\Service und Support\MAGIX Creation Logo - Leitfaden.lnk -> C:\Program Files (x86)\MAGIX\Mufin MusicFinder\MAGIX Creation Logo.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Mufin MusicFinder Base\Service und Support\MAGIX Online Services.lnk -> C:\ProgramData\MAGIX\Common\Online Services Info\index_0407.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Mufin MusicFinder Base\Service und Support\Mufin MusicFinder Base deinstallieren.lnk -> C:\Program Files (x86)\MAGIX\Mufin MusicFinder\unwise.exe (MAGIX AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Mufin MusicFinder Base\Service und Support\Registrieren.lnk -> C:\Program Files (x86)\MAGIX\Mufin MusicFinder\register.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Mufin MusicFinder Base\Service und Support\Support.lnk -> C:\Program Files (x86)\MAGIX\Mufin MusicFinder\support.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Mufin MusicFinder Base\Dokumentation\Mufin MusicFinder Base Hilfe.lnk -> C:\Program Files (x86)\MAGIX\Mufin MusicFinder\Sonos.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Mufin MusicFinder Base\Bestellen\Bestellen.lnk -> C:\Program Files (x86)\MAGIX\Mufin MusicFinder\order.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Screenshare\MAGIX Screenshare.lnk -> C:\Program Files (x86)\MAGIX\PCVisit\Screenshare.exe (pcvisit software ag) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Screenshare\Service und Support\MAGIX Online Services.lnk -> C:\ProgramData\MAGIX\Common\Online Services Info\index_0407.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Screenshare\Service und Support\MAGIX Screenshare deinstallieren.lnk -> C:\Program Files (x86)\MAGIX\PCVisit\unwise.exe (MAGIX AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Screenshare\Service und Support\Support.lnk -> C:\Program Files (x86)\MAGIX\PCVisit\support.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\MAGIX Music Editor 2.0.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\musiceditor\MusicEditor.exe (MAGIX AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\MAGIX Music Maker 15 Premium.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\MusicMaker.exe (MAGIX AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\Service und Support\Lizenzbedingungen.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\license.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\Service und Support\MAGIX Music Maker 15 Premium deinstallieren.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\unwise.exe (MAGIX AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\Service und Support\MAGIX Online Services.lnk -> C:\ProgramData\MAGIX\Common\Online Services Info\index_0407.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\Service und Support\Registrieren.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\register.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\Service und Support\Support.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\support.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\Dokumentation\Eigene Songs im Internet.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\Eigene_Songs_im_Internet.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\Dokumentation\MAGIX Music Editor 2.0 Hilfe.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\musiceditor\musiceditor.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\Dokumentation\MAGIX Music Maker 15 Premium Handbuch.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\Manual.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\Dokumentation\MAGIX Music Maker 15 Premium Hilfe.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\MusicMaker.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\Bestellen\Bestellen.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\order.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Goya burnR\MAGIX Goya burnR.lnk -> C:\Program Files (x86)\MAGIX\Goya_burnR\Goya.exe (MAGIX AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Goya burnR\Service und Support\Lizenzbedingungen.lnk -> C:\Program Files (x86)\MAGIX\Goya_burnR\license.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Goya burnR\Service und Support\MAGIX Creation Logo - Leitfaden.lnk -> C:\Program Files (x86)\MAGIX\Goya_burnR\MAGIX Creation Logo.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Goya burnR\Service und Support\MAGIX Goya burnR deinstallieren.lnk -> C:\Program Files (x86)\MAGIX\Goya_burnR\unwise.exe (MAGIX AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Goya burnR\Service und Support\MAGIX Online Services.lnk -> C:\ProgramData\MAGIX\Common\Online Services Info\index_0407.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Goya burnR\Service und Support\Registrieren.lnk -> C:\Program Files (x86)\MAGIX\Goya_burnR\register.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Goya burnR\Service und Support\Support.lnk -> C:\Program Files (x86)\MAGIX\Goya_burnR\support.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Goya burnR\Dokumentation\MAGIX Goya burnR Hilfe.lnk -> C:\Program Files (x86)\MAGIX\Goya_burnR\Goya.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Goya burnR\Bestellen\Bestellen.lnk -> C:\Program Files (x86)\MAGIX\Goya_burnR\order.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia\Macromedia Dreamweaver 8.lnk -> C:\Windows\Installer\{44025BD7-AD10-4769-99AE-6378FD0303D6}\DWARPPRODUCTICON.exe (InstallShield Software Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia\Macromedia Extension Manager.lnk -> C:\Windows\Installer\{0F022A2E-7022-497D-90A5-0F46746D8275}\EMARPPRODUCTICON.exe (InstallShield Software Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia\Liesmich-Dateien\Macromedia Dreamweaver 8 Liesmich.lnk -> C:\Windows\Installer\{44025BD7-AD10-4769-99AE-6378FD0303D6}\READMESHORTCUT.htm (InstallShield Software Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia\Liesmich-Dateien\Macromedia Extension Manager Liesmich.lnk -> C:\Windows\Installer\{0F022A2E-7022-497D-90A5-0F46746D8275}\READMEICON.htm (InstallShield Software Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveZilla\LiveZilla Client.lnk -> C:\Program Files (x86)\LiveZilla\LiveZilla.exe (LiveZilla GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveZilla\LiveZilla Server Admin.lnk -> C:\Program Files (x86)\LiveZilla\LiveZilla Server Admin.exe (LiveZilla GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveZilla\Uninstall LiveZilla.lnk -> C:\ProgramData\{03445ECF-D16C-49BA-B0DC-4E0649F027BF}\LiveZilla_5.3.0.7_Full.exe (LiveZilla GmbH ) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link-AssistantCom\LinkAssistant.lnk -> C:\Program Files (x86)\Link-AssistantCom\LinkAssistant\bin\linkassistant.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link-AssistantCom\Rank Tracker.lnk -> C:\Program Files (x86)\Link-AssistantCom\Rank Tracker\bin\ranktracker.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link-AssistantCom\SEO SpyGlass.lnk -> C:\Program Files (x86)\Link-AssistantCom\SEO SpyGlass\bin\seospyglass.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link-AssistantCom\WebSite Auditor.lnk -> C:\Program Files (x86)\Link-AssistantCom\WebSite Auditor\bin\websiteauditor.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link-AssistantCom\Links\Link-AssistantCom Kundensupport.lnk -> C:\Program Files (x86)\Link-AssistantCom\SEO PowerSuite Support.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link-AssistantCom\Links\Link-AssistantCom Webseite.lnk -> C:\Program Files (x86)\Link-AssistantCom\SEO PowerSuite.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Hilfe für Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\Doc\de-DE\kis\context.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (Kaspersky Lab ZAO) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Lab im Internet.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kl.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Lizenzvertrag.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\Doc\de\license.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager\Internet Manager.lnk -> C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager\Uninstall.lnk -> C:\Program Files (x86)\T-Mobile\InternetManager_H\uninst.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager\Intel® Matrix Storage Console.lnk -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\Shell.exe (Intel Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP*Update.lnk -> C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe (Hewlett-Packard) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Druckereinrichtung & -software.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetupLauncher.exe (Hewlett-Packard Co.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Hilfe.lnk -> C:\Program Files (x86)\HP\HP Officejet Pro 8600\bin\HelpViewer\hpqlpvwr.exe (Hewlett-Packard Co.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\HP Scan.lnk -> C:\Program Files (x86)\HP\HP Officejet Pro 8600\bin\HPScan.exe (Hewlett-Packard Co.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Shop für Zubehör.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\hpqDTSS.exe (Hewlett-Packard Co.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Website für Produktsupport.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\ProductSupportShortcut.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Wireless-Druck - Onlinehilfe.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\WirelessEasyShortcut.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Monitor for Google\Free Monitor for Google on the Web.lnk -> C:\Program Files (x86)\Free Monitor for Google\Free Monitor for Google.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Monitor for Google\Free Monitor for Google.lnk -> C:\Program Files (x86)\Free Monitor for Google\GoogleMon.exe (CleverStat) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Monitor for Google\Uninstall Free Monitor for Google.lnk -> C:\Program Files (x86)\Free Monitor for Google\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free CSS Toolbox\Free CSS Toolbox.lnk -> C:\Program Files (x86)\Free CSS Toolbox\csstool.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free CSS Toolbox\Uninstall Free CSS Toolbox.lnk -> C:\Program Files (x86)\Free CSS Toolbox\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotosizer\Fotosizer Homepage.lnk -> C:\Program Files (x86)\Fotosizer\Fotosizer.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotosizer\Fotosizer.lnk -> C:\Program Files (x86)\Fotosizer\Fotosizer.exe (Fotosizer.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotosizer\Uninstall Fotosizer.lnk -> C:\Program Files (x86)\Fotosizer\uninst.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk -> C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe (FileZilla Project) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk -> C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe (Tim Kosse) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaShow 5\MediaShow.lnk -> C:\Program Files (x86)\CyberLink\MediaShow5\MediaShow.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BuzzBundle\BuzzBundle.lnk -> C:\Program Files (x86)\Link-AssistantCom\BuzzBundle\bin\buzzbundle.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BuzzBundle\Links\.lnk -> C:\Program Files (x86)\Link-AssistantCom\SEO PowerSuite Support.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BuzzBundle\Links\BuzzBundle.lnk -> C:\Program Files (x86)\Link-AssistantCom\BuzzBundle\BuzzBundle.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup\Avira System Speedup.lnk -> C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe (Avira) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup\Uninstall.lnk -> C:\Program Files (x86)\Avira\AviraSpeedup\Uninstall.exe (No File) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artisteer 4\Artisteer 4 Uninstaller.lnk -> C:\Program Files (x86)\Artisteer 4\bin\Uninstall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Artisteer 4\Artisteer 4.lnk -> C:\Program Files (x86)\Artisteer 4\bin\Artisteer.exe (ExtenSoft) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft\Any Video Converter\Any Video Converter entfernen.lnk -> C:\Program Files (x86)\Anvsoft\Any Video Converter\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft\Any Video Converter\Any Video Converter im Internet.lnk -> C:\Program Files (x86)\Anvsoft\Any Video Converter\AVCFree.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft\Any Video Converter\Any Video Converter.lnk -> C:\Program Files (x86)\Anvsoft\Any Video Converter\AVCFree.exe (Anvsoft) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Documents\MAGIX_MusicMaker15Premium\_Demos.LNK -> C:\ProgramData\MAGIX\MusicMaker15Premium\_Demos () Shortcut: C:\Users\Public\Desktop\Adobe Photoshop Elements 10.lnk -> C:\Program Files (x86)\Adobe\Elements 10 Organizer\Photoshop Elements 10.0.exe (Adobe Systems Incorporated) Shortcut: C:\Users\Public\Desktop\Fotosizer.lnk -> C:\Program Files (x86)\Fotosizer\Fotosizer.exe (Fotosizer.com) Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Public\Desktop\Internet Manager.lnk -> C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe () Shortcut: C:\Users\Public\Desktop\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (Kaspersky Lab ZAO) Shortcut: C:\Users\Public\Desktop\LiveZilla Client.lnk -> C:\Program Files (x86)\LiveZilla\LiveZilla.exe (LiveZilla GmbH) Shortcut: C:\Users\Public\Desktop\LiveZilla Server Admin.lnk -> C:\Program Files (x86)\LiveZilla\LiveZilla Server Admin.exe (LiveZilla GmbH) Shortcut: C:\Users\Public\Desktop\Macromedia Dreamweaver 8.lnk -> C:\Program Files (x86)\Macromedia\Dreamweaver 8\Dreamweaver.exe (Macromedia, Inc.) Shortcut: C:\Users\Public\Desktop\MAGIX Music Maker 15 Premium.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\MusicMaker.exe (MAGIX AG) Shortcut: C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation) Shortcut: C:\Users\Public\Desktop\Mobile Connection Manager.lnk -> C:\Program Files (x86)\o2\Mobile Connection Manager\EMMSN.exe (Telefónica I+D) Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\Mufin MusicFinder Base.lnk -> C:\Program Files (x86)\MAGIX\Mufin MusicFinder\Sonos.exe (MAGIX) Shortcut: C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe (Nero AG) Shortcut: C:\Users\Public\Desktop\Norton Online Backup.lnk -> C:\Windows\Installer\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}\Icon.ico (No File) Shortcut: C:\Users\Public\Desktop\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) Shortcut: C:\Users\Public\Desktop\Packard Bell Registration.lnk -> C:\Program Files (x86)\Packard Bell\Registration\GREG.exe (Acer Incorporated) Shortcut: C:\Users\Public\Desktop\PDF-Viewer.lnk -> C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe (Tracker Software Products (Canada) Ltd.) Shortcut: C:\Users\Public\Desktop\PhotoImpact 12.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead PhotoImpact 12\Iedit.exe (Ulead Systems, Inc.) Shortcut: C:\Users\Public\Desktop\PhotoImpact Album 12.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead PhotoImpact 12\album.exe (Ulead Systems, Inc.) Shortcut: C:\Users\Public\Desktop\SeaMonkey.lnk -> C:\Program Files (x86)\SeaMonkey\seamonkey.exe (mozilla.org) Shortcut: C:\Users\Public\Desktop\SendBlaster 3.lnk -> C:\Program Files (x86)\SendBlaster3\sendblaster3.exe (eDisplay srl) Shortcut: C:\Users\Public\Desktop\Shop für Zubehör - HP Officejet Pro 8600.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\hpqDTSS.exe (Hewlett-Packard Co.) Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe () Shortcut: C:\Users\Public\Desktop\TemplateToaster 4.lnk -> C:\Program Files (x86)\TemplateToaster 4\TemplateToaster.exe (TemplateToaster) Shortcut: C:\Users\Public\Desktop\Ulead Photo Explorer 8.6.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 8.6\Pex.exe () Shortcut: C:\Users\Public\Desktop\User's Guide (Packard Bell InfoCentre).lnk -> C:\Program Files (x86)\Packard Bell\InfoCentre\InfoCtr.exe (Acer Incorporated) Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\Users\Public\Desktop\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\Users\Public\Desktop\WinSCP.lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) Shortcut: C:\Users\Public\Desktop\ZooEasy v12.lnk -> C:\ZooEasy\ZooEasy v12\ZooEasy.exe (ZooEasy) Shortcut: C:\Users\Tce\software\Downloads\Desktop.lnk -> C:\Users\Tce\Desktop () Shortcut: C:\Users\Tce\software\Downloads\ZT_Webshop\ZT_Webshop\ZT_Layer Slider_Document\img\favicon.png.lnk -> D:\Documents\ZT_Beauty_Document\img\favicon.ico (No File) Shortcut: C:\Users\Tce\software\Downloads\TF-Simplekey\TF-Simplekey\documentation\css\css - Verknüpfung.lnk -> C:\Users\Tce\software\Downloads\TF-Simplekey\TF-Simplekey\documentation\css () Shortcut: C:\Users\Tce\Links\Desktop.lnk -> C:\Users\Tce\Desktop () Shortcut: C:\Users\Tce\Links\Downloads.lnk -> C:\Users\Tce\software\Downloads () Shortcut: C:\Users\Tce\Desktop\Ahnenblatt.lnk -> C:\Program Files (x86)\Ahnenblatt\Ahnblatt.exe (Dirk Böttcher) Shortcut: C:\Users\Tce\Desktop\Any Video Converter.lnk -> C:\Program Files (x86)\Anvsoft\Any Video Converter\AVCFree.exe (Anvsoft) Shortcut: C:\Users\Tce\Desktop\Artisteer 4.lnk -> C:\Program Files (x86)\Artisteer 4\bin\Artisteer.exe (ExtenSoft) Shortcut: C:\Users\Tce\Desktop\BuzzBundle.lnk -> C:\Program Files (x86)\Link-AssistantCom\BuzzBundle\bin\buzzbundle.exe () Shortcut: C:\Users\Tce\Desktop\Downloads.lnk -> C:\Users\Tce\software\Downloads () Shortcut: C:\Users\Tce\Desktop\FileZilla.lnk -> C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe (FileZilla Project) Shortcut: C:\Users\Tce\Desktop\Free CSS Toolbox.lnk -> C:\Program Files (x86)\Free CSS Toolbox\csstool.exe () Shortcut: C:\Users\Tce\Desktop\Free Monitor for Google.lnk -> C:\Program Files (x86)\Free Monitor for Google\GoogleMon.exe (CleverStat) Shortcut: C:\Users\Tce\Desktop\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (Kaspersky Lab ZAO) Shortcut: C:\Users\Tce\Desktop\LinkAssistant.lnk -> C:\Program Files (x86)\Link-AssistantCom\LinkAssistant\bin\linkassistant.exe () Shortcut: C:\Users\Tce\Desktop\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe () Shortcut: C:\Users\Tce\Desktop\Muziic Player.lnk -> C:\Program Files (x86)\Muziic\Muziic.exe (Muziic, LLC) Shortcut: C:\Users\Tce\Desktop\Notepad++ (2).lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\Users\Tce\Desktop\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\Users\Tce\Desktop\pkColorPicker.exe - Verknüpfung.lnk -> C:\Users\Tce\software\Downloads\pkcolorpicker4(1)\pkColorPicker.exe (www.color-picker.de) Shortcut: C:\Users\Tce\Desktop\Rank Tracker.lnk -> C:\Program Files (x86)\Link-AssistantCom\Rank Tracker\bin\ranktracker.exe () Shortcut: C:\Users\Tce\Desktop\SEO SpyGlass.lnk -> C:\Program Files (x86)\Link-AssistantCom\SEO SpyGlass\bin\seospyglass.exe () Shortcut: C:\Users\Tce\Desktop\SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com)) Shortcut: C:\Users\Tce\Desktop\SuperMailer.lnk -> C:\Program Files (x86)\SuperMailer\sm.exe (Mirko Böer) Shortcut: C:\Users\Tce\Desktop\TinyPic.lnk -> C:\Program Files (x86)\Tinypic\TinyPic.exe (Borland Software Corporation) Shortcut: C:\Users\Tce\Desktop\Ulead COOL 360 Viewer.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead COOL 360\UPViewer.exe (Ulead Systems, Inc.) Shortcut: C:\Users\Tce\Desktop\Ulead COOL 360.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead COOL 360\UPano.exe (Ulead Systems, Inc.) Shortcut: C:\Users\Tce\Desktop\WebSite Auditor.lnk -> C:\Program Files (x86)\Link-AssistantCom\WebSite Auditor\bin\websiteauditor.exe () Shortcut: C:\Users\Tce\Desktop\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Utherverse VWW Client\Help And Support.lnk -> C:\Program Files (x86)\Utherverse Digital Inc\Utherverse VWW Client\Branding\{FF92D786-2E61-4410-8E67-5BC370DB244D}\Help And Support.url () Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Utherverse VWW Client\Social Center.lnk -> C:\Program Files (x86)\Utherverse Digital Inc\Utherverse VWW Client\Branding\{FF92D786-2E61-4410-8E67-5BC370DB244D}\Social Center.url () Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Utherverse VWW Client\Uninstall.lnk -> C:\Program Files (x86)\Utherverse Digital Inc\Utherverse VWW Client\Branding\{FF92D786-2E61-4410-8E67-5BC370DB244D}\uninst.exe () Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Muziic\35 FREE MP3 DOWNLOADS.lnk -> C:\Program Files (x86)\Muziic\eMusic.exe () Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Muziic\Muziic Player.lnk -> C:\Program Files (x86)\Muziic\Muziic.exe (Muziic, LLC) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Muziic\Uninstall Muziic.lnk -> C:\Program Files (x86)\Muziic\Uninstall.exe () Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ahnenblatt\Ahnenblatt entfernen.lnk -> C:\Users\Tce\AppData\Roaming\Ahnenblatt\unins000.exe () Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ahnenblatt\Ahnenblatt.lnk -> C:\Program Files (x86)\Ahnenblatt\Ahnblatt.exe (Dirk Böttcher) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Artisteer 4.lnk -> C:\Program Files (x86)\Artisteer 4\bin\Artisteer.exe (ExtenSoft) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SeaMonkey.lnk -> C:\Program Files (x86)\SeaMonkey\seamonkey.exe (mozilla.org) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ulead Photo Explorer 8.6.lnk -> C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 8.6\Pex.exe () Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Safari.lnk -> C:\Program Files (x86)\Safari\Safari.exe (Apple Inc.) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SeaMonkey.lnk -> C:\Program Files (x86)\SeaMonkey\seamonkey.exe (mozilla.org) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Artisteer 4.lnk -> C:\Program Files (x86)\Artisteer 4\bin\Artisteer.exe (ExtenSoft) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Macromedia Dreamweaver 8.lnk -> C:\Program Files (x86)\Macromedia\Dreamweaver 8\Dreamweaver.exe (Macromedia, Inc.) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe () Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Mufin MusicFinder Base\Service und Support\Online registrieren.lnk -> C:\Program Files (x86)\MAGIX\Mufin MusicFinder\explore.exe () -> hxxp://www.magix.com/user/register/product_registration/login_screen.php3?VARPROGRAM=Sonos_e-version_trial&VARCHARGE=1.5.3.255&VARREGISTER=onlineregister&VARLAND=D ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 15 Premium\Service und Support\Online registrieren.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker15Premium\explore.exe () -> hxxp://www.magix.com/user/register/product_registration/login_screen.php3?VARPROGRAM=mm15dlx&VARCHARGE=15.0.0.19&VARREGISTER=onlineregister&VARLAND=D ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Goya burnR\Service und Support\Online registrieren.lnk -> C:\Program Files (x86)\MAGIX\Goya_burnR\explore.exe () -> hxxp://www.magix.com/user/register/product_registration/login_screen.php3?VARPROGRAM=Goya_burnR&VARCHARGE=1.3.1.3&VARREGISTER=onlineregister&VARLAND=D ShortcutWithArgument: C:\Users\Public\Desktop\PB Zubehör Shop.lnk -> C:\Program Files\PB Accessory Store\StartURL.exe () -> hxxp://store.packardbell.com/Store/ASDE?utm_source=Icons&utm_medium=Link&utm_campaign=PB%2BInternal ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZooEasy v12\Löschen ZooEasy v12.lnk -> C:\Windows\ZooEasy\uninstall.exe () -> "/U:C:\ZooEasy\ZooEasy v12\irunin.xml" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead PhotoImpact 12\AutoUpdate.lnk -> C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe (InstallShield Software Corporation) -> -au{11AFE21E-B193-430D-B57A-DFF7815BB962} -AppMenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeaMonkey\Profil-Manager.lnk -> C:\Program Files (x86)\SeaMonkey\seamonkey.exe (mozilla.org) -> -profileManager ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeaMonkey\SeaMonkey (Abgesicherter Modus).lnk -> C:\Program Files (x86)\SeaMonkey\seamonkey.exe (mozilla.org) -> -safe-mode ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SeaMonkey\SeaMonkey Mail.lnk -> C:\Program Files (x86)\SeaMonkey\seamonkey.exe (mozilla.org) -> -mail ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Identity Card.lnk -> C:\Program Files (x86)\Packard Bell\Identity Card\IdentityCard.exe () -> Identity Card ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\User's Guide (Packard Bell InfoCentre).lnk -> C:\Program Files (x86)\Packard Bell\InfoCentre\InfoCtr.exe (Acer Incorporated) -> User's Guide (Packard Bell InfoCentre) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell\Hotkey Utility.lnk -> C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe () -> Hotkey Utility ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /disable ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /enable ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero Online Upgrade.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero Online Upgrade\NeroOnlineUpgrade.exe (Nero AG) -> ShowOffer ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 9\Nero Express Essentials SE.lnk -> C:\Program Files (x86)\Nero\Nero 9\Nero Express\NeroExpress.exe (Nero AG) -> /w ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\Mufin MusicFinder Base\Service und Support\Alle Einstellungen zurücksetzen.lnk -> C:\Program Files (x86)\MAGIX\Mufin MusicFinder\Sonos.exe (MAGIX) -> /reset /silent ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Internet Security entfernen.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{653C1B5A-3287-47B1-8613-0745D4E771C4} REMOVE=ALL ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) -> -tab about ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) -> -tab update ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) -> -tab update ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe (Oracle Corporation) -> -tab about ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /qb /x {D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\HP Officejet Pro 8600.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HP Officejet Pro 8600.exe (Hewlett-Packard Co.) -> -Start UDCDevicePage ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\IP-Adresse aktualisieren.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe (Hewlett-Packard Co.) -> /changeip "" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Studie zur Verbesserung von HP Produkten.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe (Hewlett-Packard Co.) -> /changesettings /UA 9.5 /DDV 0x1000 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\- Packard Bell Game Console -.lnk -> C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsole-wt.exe (WildTangent, Inc.) -> /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bejeweled 2 Deluxe.lnk -> C:\Program Files (x86)\Packard Bell Games\Bejeweled 2 Deluxe\Bejeweled2-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Blasterball 3.lnk -> C:\Program Files (x86)\Packard Bell Games\Blasterball 3\BlasterBall3-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bob the Builder Can-Do-Zoo.lnk -> C:\Program Files (x86)\Packard Bell Games\Bob the Builder Can-Do-Zoo\BobTheBuilder Zoo-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Build-a-lot 2.lnk -> C:\Program Files (x86)\Packard Bell Games\Build-a-lot 2\buildalot2-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chicken Invaders 3 - Revenge of the Yolk.lnk -> C:\Program Files (x86)\Packard Bell Games\Chicken Invaders 3 - Revenge of the Yolk\CI3-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Escape Rosecliff Island.lnk -> C:\Program Files (x86)\Packard Bell Games\Escape Rosecliff Island\EscapeRosecliffIsland-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Faerie Solitaire.lnk -> C:\Program Files (x86)\Packard Bell Games\Faerie Solitaire\Faerie Solitaire Oberon-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FATE - The Traitor Soul.lnk -> C:\Program Files (x86)\Packard Bell Games\FATE - The Traitor Soul\Fate-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Insaniquarium Deluxe.lnk -> C:\Program Files (x86)\Packard Bell Games\Insaniquarium Deluxe\Insaniquarium-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest Solitaire 3.lnk -> C:\Program Files (x86)\Packard Bell Games\Jewel Quest Solitaire 3\JQSolitaire3-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest.lnk -> C:\Program Files (x86)\Packard Bell Games\Jewel Quest\JewelQuest-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjongg Artifacts.lnk -> C:\Program Files (x86)\Packard Bell Games\Mahjongg Artifacts\mahjong_artifacts-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from Packard Bell Games.lnk -> C:\Program Files (x86)\Packard Bell Games\Game Explorer Categories - main\provider.exe (WildTangent) -> /id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Penguins!.lnk -> C:\Program Files (x86)\Packard Bell Games\Penguins!\penguins-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Bowler.lnk -> C:\Program Files (x86)\Packard Bell Games\Polar Bowler\Polar-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Golfer.lnk -> C:\Program Files (x86)\Packard Bell Games\Polar Golfer\golf-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Pool.lnk -> C:\Program Files (x86)\Packard Bell Games\Polar Pool\PolarPool-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Virtual Families.lnk -> C:\Program Files (x86)\Packard Bell Games\Virtual Families\Virtual Families-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Virtual Villagers - A New Home.lnk -> C:\Program Files (x86)\Packard Bell Games\Virtual Villagers - A New Home\VirtualVillagers-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Yahtzee.lnk -> C:\Program Files (x86)\Packard Bell Games\Yahtzee\Yahtzee-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zuma Deluxe.lnk -> C:\Program Files (x86)\Packard Bell Games\Zuma Deluxe\Zuma-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenuoem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{f7378464-7323-4493-8fed-c866bde529df}\PlayTasks\0\Polar Golfer.lnk -> C:\Program Files (x86)\Packard Bell Games\Polar Golfer\golf-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{f1e85cd4-2de2-4ed6-a86c-a3b6874cd999}\PlayTasks\0\Escape Rosecliff Island.lnk -> C:\Program Files (x86)\Packard Bell Games\Escape Rosecliff Island\EscapeRosecliffIsland-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{e66a9c38-31e5-4a37-94ad-24896d21be8a}\PlayTasks\0\FATE - The Traitor Soul.lnk -> C:\Program Files (x86)\Packard Bell Games\FATE - The Traitor Soul\Fate-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{d8e11281-b99b-44d9-afb8-e7c994494da0}\PlayTasks\0\Bob the Builder Can-Do-Zoo.lnk -> C:\Program Files (x86)\Packard Bell Games\Bob the Builder Can-Do-Zoo\BobTheBuilder Zoo-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{c42d640f-5025-4b85-a4f0-59f06282a57e}\PlayTasks\0\Polar Bowler.lnk -> C:\Program Files (x86)\Packard Bell Games\Polar Bowler\Polar-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{a2b900db-3bd1-4688-b339-bafc50848183}\PlayTasks\0\Faerie Solitaire.lnk -> C:\Program Files (x86)\Packard Bell Games\Faerie Solitaire\Faerie Solitaire Oberon-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{a1b390fd-a06a-4cb2-8968-42b24e0054a3}\PlayTasks\0\Yahtzee.lnk -> C:\Program Files (x86)\Packard Bell Games\Yahtzee\Yahtzee-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{9e2f85a0-1d12-4a52-a471-b7898b0955ed}\PlayTasks\0\Bejeweled 2 Deluxe.lnk -> C:\Program Files (x86)\Packard Bell Games\Bejeweled 2 Deluxe\Bejeweled2-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{977b5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\Packard Bell Games\Game Explorer Categories - main\provider.exe (WildTangent) -> /id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{8d3ed99e-f203-4928-a041-22598dfbcfa5}\PlayTasks\0\Polar Pool.lnk -> C:\Program Files (x86)\Packard Bell Games\Polar Pool\PolarPool-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{86f7b49b-ad8a-49cd-89b8-18cc9009217c}\PlayTasks\0\Jewel Quest.lnk -> C:\Program Files (x86)\Packard Bell Games\Jewel Quest\JewelQuest-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{85500d62-0999-431b-92ed-b0b1fb2ff21a}\PlayTasks\0\Virtual Villagers - A New Home.lnk -> C:\Program Files (x86)\Packard Bell Games\Virtual Villagers - A New Home\VirtualVillagers-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{6f08920b-58be-4c4f-a27d-a747c8390e7b}\PlayTasks\0\Penguins!.lnk -> C:\Program Files (x86)\Packard Bell Games\Penguins!\penguins-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{61cdf7ae-7b36-42bb-ba12-2f952419c753}\PlayTasks\0\Chicken Invaders 3 - Revenge of the Yolk.lnk -> C:\Program Files (x86)\Packard Bell Games\Chicken Invaders 3 - Revenge of the Yolk\CI3-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{6061286d-56f1-4d98-b2c6-3a549cd4383c}\PlayTasks\0\Mahjongg Artifacts.lnk -> C:\Program Files (x86)\Packard Bell Games\Mahjongg Artifacts\mahjong_artifacts-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{5d1ba0be-950d-4171-9ac8-aa7f949a5fd9}\PlayTasks\0\Blasterball 3.lnk -> C:\Program Files (x86)\Packard Bell Games\Blasterball 3\BlasterBall3-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{50c11069-e18c-42f0-84d3-05d0d465999b}\PlayTasks\0\Build-a-lot 2.lnk -> C:\Program Files (x86)\Packard Bell Games\Build-a-lot 2\buildalot2-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{4931e734-fd63-4b91-8622-c1322451b990}\PlayTasks\0\Virtual Families.lnk -> C:\Program Files (x86)\Packard Bell Games\Virtual Families\Virtual Families-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{3792479a-37d6-4902-91d7-f0cfcfb2a99c}\PlayTasks\0\Zuma Deluxe.lnk -> C:\Program Files (x86)\Packard Bell Games\Zuma Deluxe\Zuma-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{27d86528-9837-44f2-bd1d-a4b411a9f092}\PlayTasks\0\Insaniquarium Deluxe.lnk -> C:\Program Files (x86)\Packard Bell Games\Insaniquarium Deluxe\Insaniquarium-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{11feeb8b-9049-498b-8c57-35becf1cdbdc}\PlayTasks\0\Jewel Quest Solitaire 3.lnk -> C:\Program Files (x86)\Packard Bell Games\Jewel Quest Solitaire 3\JQSolitaire3-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexploreroem ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HP Officejet Pro 8600.exe (Hewlett-Packard Co.) -> -Start UDCDevicePage ShortcutWithArgument: C:\Users\Public\Desktop\Packard Bell Games.lnk -> C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsole-wt.exe (WildTangent, Inc.) -> /src desktopoem ShortcutWithArgument: C:\Users\Tce\Desktop\Sicherer Zahlungsverkehr.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (Kaspersky Lab ZAO) -> -safebanking ShortcutWithArgument: C:\Users\Tce\Desktop\SiSoft Sandra Lite 2015 - CHIP Downloader.lnk -> C:\Users\Tce\AppData\Local\Temp\DMR\dmr_72.exe (Chip Digital GmbH) -> -install -54378362 -chipde -1cd0595c402b4844b2c5521bc68341f0 - -BLUB2 -usuqykjsxdjwzrns -8528 ShortcutWithArgument: C:\Users\Tce\Desktop\Utherverse VWW Client.lnk -> C:\Program Files (x86)\Utherverse Digital Inc\Utherverse VWW Client\UtherversePatcher.exe (Utherverse Digital Inc.) -> /brand {FF92D786-2E61-4410-8E67-5BC370DB244D} ShortcutWithArgument: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Utherverse VWW Client\Utherverse VWW Client.lnk -> C:\Program Files (x86)\Utherverse Digital Inc\Utherverse VWW Client\UtherversePatcher.exe (Utherverse Digital Inc.) -> /brand {FF92D786-2E61-4410-8E67-5BC370DB244D} ShortcutWithArgument: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN26QBS1FS05KC;CONNECTION=NW;MONITOR=1; ShortcutWithArgument: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter ShortcutWithArgument: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto: ShortcutWithArgument: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\SendTo\WinSCP (zum hochladen).lnk -> C:\Program Files (x86)\WinSCP\WinSCP.exe (Martin Prikryl) -> /upload ShortcutWithArgument: C:\Users\Tce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free CSS Toolbox\Blumentals Software Web Site.url -> hxxp://www.blumentals.net/ InternetURL: C:\Users\Tce\software\Downloads\pkcolorpicker4(1)\Homepage.url -> hxxp://www.color-picker.de/ InternetURL: C:\Users\Tce\software\Downloads\pkcolorpicker4\Homepage.url -> hxxp://www.color-picker.de/ InternetURL: C:\Users\Tce\software\Downloads\AdDWCS6120Por(1)\Adobe Dreamweaver CS6 v12.0 Portable\Share-Online.biz Premium.URL -> hxxp://www.share-online.biz/affiliate/3531323135343B3230373530373032373432 InternetURL: C:\Users\Tce\software\Downloads\AdDWCS6120Por(1)\Adobe Dreamweaver CS6 v12.0 Portable\Uploaded.to Premium.URL -> hxxp://ul.to/ref/2467368 InternetURL: C:\Users\Tce\software\Downloads\AdDWCS6120Por\Adobe Dreamweaver CS6 v12.0 Portable\Share-Online.biz Premium.URL -> hxxp://www.share-online.biz/affiliate/3531323135343B3230373530373032373432 InternetURL: C:\Users\Tce\software\Downloads\AdDWCS6120Por\Adobe Dreamweaver CS6 v12.0 Portable\Uploaded.to Premium.URL -> hxxp://ul.to/ref/2467368 InternetURL: C:\Users\Tce\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742 InternetURL: C:\Users\Tce\Favorites\Windows Live\Windows Live Ideas.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700 InternetURL: C:\Users\Tce\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681 InternetURL: C:\Users\Tce\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682 InternetURL: C:\Users\Tce\Favorites\Packard Bell\eBay.url -> hxxp://rover.ebay.com/rover/1/707-37276-18099-1/4 InternetURL: C:\Users\Tce\Favorites\MSN-Websites\MSN Auto.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72680 InternetURL: C:\Users\Tce\Favorites\MSN-Websites\MSN Fernsehen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72659 InternetURL: C:\Users\Tce\Favorites\MSN-Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72640 InternetURL: C:\Users\Tce\Favorites\MSN-Websites\MSN Nachrichten.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72636 InternetURL: C:\Users\Tce\Favorites\MSN-Websites\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72635 InternetURL: C:\Users\Tce\Favorites\MSN-Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630 InternetURL: C:\Users\Tce\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186 InternetURL: C:\Users\Tce\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520 InternetURL: C:\Users\Tce\Favorites\Microsoft-Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813 InternetURL: C:\Users\Tce\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629 InternetURL: C:\Users\Tce\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406 InternetURL: C:\Users\Tce\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72893 InternetURL: C:\Users\Tce\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893 InternetURL: C:\Users\Tce\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice InternetURL: C:\Users\Tce\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315 InternetURL: C:\Users\Tce\Desktop\HP Druckerdiagnosetools.url -> hxxp://h20180.www2.hp.com/apps/Nav?h_pagetype=s-926&h_lang=de&h_client=s-h-e016-1&h_keyword=dg-THD&jumpid=ex_r4155/hho/ipg/ccdoc/trailhead_doc ==================== End of log ============================= |
18.03.2015, 00:17 | #2 |
| Bei jede bewegung auf meinem PC geht ein Popup aufCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015 Ran by Tce at 2015-03-17 23:53:42 Running from C:\Users\Tce\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden Ahnenblatt 2.85 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.85.0.1 - Dirk Böttcher) Any Video Converter 5.7.8 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Artisteer 4 (HKLM-x32\...\Artisteer 4) (Version: 4.0 - Extensoft) Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden Bing Bar (HKLM-x32\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation) Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden Bob the Builder Can-Do-Zoo (x32 Version: 2.2.0.82 - WildTangent) Hidden Build-a-lot 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden Chicken Invaders 3 - Revenge of the Yolk (x32 Version: 2.2.0.82 - WildTangent) Hidden Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.0.1 - Cliqz.com) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1308 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM) Elements 10 Organizer (x32 Version: 10.0 - Ihr Firmenname) Hidden Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden FATE - The Traitor Soul (x32 Version: 2.2.0.82 - WildTangent) Hidden FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\Firebird SQL Server D) (Version: 2.0.1.13 - MAGIX AG) Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com) Free CSS Toolbox 1.2 (HKLM-x32\...\Free CSS Toolbox_is1) (Version: Free CSS Toolbox 1.0 - Blumentals Software) Free Monitor for Google 2.5 (HKLM-x32\...\Free Monitor for Google_is1) (Version: - CleverStat) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Packard Bell) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HUAWEI DataCard Driver 4.20.12.00 (HKLM-x32\...\HUAWEI DataCard Driver) (Version: 4.20.12.00 - Huawei technologies Co., Ltd.) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Packard Bell) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.19.04.55 - Huawei Technologies Co.,Ltd) Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Jewel Quest (x32 Version: 2.2.0.82 - WildTangent) Hidden Jewel Quest Solitaire 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden JPEGmini (HKU\S-1-5-21-1934781817-2233350501-3576918985-1000\...\5d2010e174743543) (Version: 1.8.26.1 - ICVT Ltd) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden LiveZilla (HKLM-x32\...\LiveZilla) (Version: 5.3.0.7 - LiveZilla GmbH) LiveZilla (x32 Version: 5.3.0.7 - LiveZilla GmbH) Hidden Macromedia Dreamweaver 8 (HKLM-x32\...\{44025BD7-AD10-4769-99AE-6378FD0303D6}) (Version: 8.0.0.2751 - Macromedia) Macromedia Extension Manager (HKLM-x32\...\{0F022A2E-7022-497D-90A5-0F46746D8275}) (Version: 1.7.270 - Ihr Firmenname) MAGIX Goya burnR 1.3.1.3 (D) (HKLM-x32\...\MAGIX Goya burnR D) (Version: 1.3.1.3 - MAGIX AG) MAGIX Music Maker 15 Premium 15.0.0.19 (D) (HKLM-x32\...\MAGIX Music Maker 15 Premium D) (Version: 15.0.0.19 - MAGIX AG) MAGIX Screenshare 4.3.6.1987 (D) (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG) Mahjongg Artifacts (x32 Version: 2.2.0.82 - WildTangent) Hidden Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.25.00.03 - Huawei Technologies Co.,Ltd) Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: - Mobile Connection Manager) Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla) Mozilla Thunderbird 31.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.0 (x86 de)) (Version: 31.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mufin MusicFinder Base 1.5.3.255 (D) (HKLM-x32\...\Mufin MusicFinder Base D) (Version: 1.5.3.255 - MAGIX AG) Muziic Player & Encoder (HKU\S-1-5-21-1934781817-2233350501-3576918985-1000\...\Muziic Player & Encoder) (Version: - ) Nero 9 Essentials (HKLM-x32\...\{8af0a855-8811-42b5-8f56-a9f856b2bf75}) (Version: - Nero AG) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team) NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5933 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation) NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation) Opera Stable 28.0.1750.40 (HKLM-x32\...\Opera 28.0.1750.40) (Version: 28.0.1750.40 - Opera Software ASA) Packard Bell Game Console (x32 Version: - WildTangent) Hidden Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.0.80 - WildTangent) Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell) Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 - Packard Bell) Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.02.3006 - Packard Bell) Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0812 - Packard Bell Incorporated) Packard Bell Software Suite SE (HKLM-x32\...\Packard Bell Software Suite SE) (Version: 2.01.3003 - Packard Bell) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd) Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden Photo Frame (HKLM-x32\...\{733C5FC0-F0C4-405B-A983-61C24CC60E39}_is1) (Version: 5.0.0.2 - Northstar Systems Corp.) Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden Polar Pool (x32 Version: 2.2.0.82 - WildTangent) Hidden PRE10STI64Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) SeaMonkey 2.25 (x86 de) (HKLM-x32\...\SeaMonkey 2.25 (x86 de)) (Version: 2.25 - Mozilla) SendBlaster 3 (HKLM-x32\...\{486575DF-CC13-4F89-8636-C2CC5BDA7246}) (Version: 003.001.00006 - eDisplay srl) SEO SpyGlass (HKLM-x32\...\seopowersuite) (Version: - ) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.) SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.) SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) Hidden SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Studie zur Verbesserung von HP Officejet Pro 8600 Produkten (HKLM\...\{B9824225-2055-4700-BCD4-64B25EC88264}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) SuperMailer 8.01 (HKLM-x32\...\Newsletter Software SuperMailer_is1) (Version: 8.01 - Mirko Boeer Softwareentwicklungen) TemplateToaster 4 (HKLM-x32\...\TemplateToaster 4_is1) (Version: 4.1.0.5621 - TemplateToaster.com) Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler) Ulead COOL 360 1.0 (HKLM-x32\...\{3CEA4CA8-CDD4-451C-B673-E8F17BE01B15}) (Version: - ) Ulead Photo Explorer 8.6 (HKLM-x32\...\{025C3792-E9C6-432A-92C1-661F99D021CA}) (Version: 8.6 - Ulead Systems, Inc.) Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Utherverse VWW Client (HKLM-x32\...\Utherverse VWW Client) (Version: 1.9.4662 - Utherverse Digital Inc) Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden Virtual Villagers - A New Home (x32 Version: 2.2.0.82 - WildTangent) Hidden VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.00.3013 - Packard Bell) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WinSCP 5.5.2 (HKLM-x32\...\winscp3_is1) (Version: 5.5.2 - Martin Prikryl) Yahtzee (x32 Version: 2.2.0.82 - WildTangent) Hidden ZooEasy v12 (HKLM-x32\...\ZooEasyPro_v12) (Version: 12.01 - ZooEasy) Zuma Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 10-03-2015 08:41:55 Windows Update 12-03-2015 03:01:03 Windows Update 15-03-2015 19:00:59 Windows-Sicherung 17-03-2015 08:52:37 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2014-04-05 22:55 - 2015-01-15 13:35 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {06DBD326-73F7-42D0-9278-C94171921CC6} - System32\Tasks\AdobeAAMUpdater-1.0-Tce-PC-Tce => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {147541EF-2CFD-475A-B363-0711A8BCDD7B} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {214487FC-A3EC-4582-B8CA-2BDBB3E340A7} - System32\Tasks\{B32AB847-E061-47D3-A747-EB4CFA57833C} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.370&LastError=404 Task: {23FD5258-A583-4F91-BC09-131D0DC7DCDD} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe Task: {4A5131E3-530F-4EAB-B822-0AA2B233BCE9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated) Task: {519B85D5-E841-47CB-85DC-C787D6693586} - System32\Tasks\Opera scheduled Autoupdate 1421347830 => C:\Program Files (x86)\Opera\launcher.exe [2015-03-10] (Opera Software) Task: {702FFB2F-51FE-4D15-B7AF-DC101E1BEAC8} - System32\Tasks\{89AEC5B7-84DA-4ED6-97A7-E50AD5117CFA} => pcalua.exe -a E:\AutoRun.exe -d E:\ Task: {A6BB0ED3-3D2F-47B0-BF70-386BCC19656D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {ADEAA82E-C1A7-46E6-9A41-937E418C6579} - System32\Tasks\{840FBC3D-2B72-41FF-B6B3-914AEB69C074} => pcalua.exe -a C:\Users\Tce\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=smt <==== ATTENTION Task: {BC019421-E17D-437C-865D-A0EFBCBF90FC} - System32\Tasks\{5A0D2B35-CB36-4618-8042-20ED940B2C80} => pcalua.exe -a C:\Users\Tce\Downloads\setup.exe -d C:\Users\Tce\Downloads Task: {D81ED378-1959-41E6-ADFA-19A7EC65729B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2015-02-15 10:56 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-03-02 15:43 - 2015-03-02 15:43 - 00099288 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2014-01-15 04:42 - 2014-01-15 04:42 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2014-11-22 11:42 - 2014-04-26 07:15 - 00682064 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe 2014-09-16 21:12 - 2014-02-15 07:59 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2010-08-04 13:40 - 2010-08-04 13:40 - 00611872 _____ () C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe 2009-12-14 03:19 - 2009-12-09 10:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe 2015-03-11 08:36 - 2015-03-11 08:36 - 01862776 _____ () C:\Program Files (x86)\Opera\28.0.1750.40\opera_autoupdate.exe 2014-03-06 14:00 - 2014-03-06 14:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll 2014-11-22 11:42 - 2013-08-16 07:53 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll 2014-11-22 11:42 - 2013-08-16 07:53 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll 2014-11-22 11:42 - 2014-02-15 08:31 - 02416640 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll 2014-11-22 11:42 - 2014-02-15 08:33 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll 2010-08-04 10:47 - 2010-08-04 10:47 - 00144896 _____ () C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyHook.dll 2014-04-09 16:23 - 2004-07-26 16:11 - 00028672 ____N () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Tce\Documents\test12345.eml:OECustomProperty ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1934781817-2233350501-3576918985-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-1934781817-2233350501-3576918985-500 - Administrator - Disabled) Gast (S-1-5-21-1934781817-2233350501-3576918985-501 - Limited - Disabled) Tce (S-1-5-21-1934781817-2233350501-3576918985-1000 - Administrator - Enabled) => C:\Users\Tce ==================== Faulty Device Manager Devices ============= Name: Microsoft PS/2-Maus Description: Microsoft PS/2-Maus Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (03/15/2015 11:15:49 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 794 Startzeit: 01d05f6d52edd453 Endzeit: 10 Anwendungspfad: C:\Windows\Explorer.EXE Berichts-ID: c9a0aa2c-cb60-11e4-8643-4487fcfa3217 Error: (03/01/2015 09:36:56 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm WINWORD.EXE, Version 12.0.6715.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1be0 Startzeit: 01d0534b287be705 Endzeit: 2859 Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE Berichts-ID: 97904c35-c052-11e4-99f5-4487fcfa3217 Error: (02/25/2015 10:15:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3 Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001425 ID des fehlerhaften Prozesses: 0x19f8 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (02/25/2015 10:15:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3 Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001425 ID des fehlerhaften Prozesses: 0x2894 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (02/25/2015 10:15:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3 Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001425 ID des fehlerhaften Prozesses: 0x3b20 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (02/25/2015 10:14:56 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm firefox.exe, Version 35.0.1.5500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2fd8 Startzeit: 01d0503755301379 Endzeit: 390 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Berichts-ID: c0c76fa2-bcce-11e4-bb95-4487fcfa3217 Error: (02/25/2015 10:14:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3 Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001425 ID des fehlerhaften Prozesses: 0x3bf0 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (02/24/2015 02:39:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3 Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001425 ID des fehlerhaften Prozesses: 0x1480 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (02/24/2015 02:39:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3 Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001425 ID des fehlerhaften Prozesses: 0x14a8 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (02/24/2015 02:39:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3 Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001425 ID des fehlerhaften Prozesses: 0x1024 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 System errors: ============= Error: (03/17/2015 11:47:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (03/17/2015 11:47:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht. Error: (03/17/2015 11:41:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (03/17/2015 11:41:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht. Error: (03/17/2015 11:10:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (03/17/2015 11:10:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht. Error: (03/17/2015 11:04:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (03/17/2015 11:04:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht. Error: (03/17/2015 11:03:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: %%109 Error: (03/17/2015 11:03:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2015-02-14 03:28:08.227 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-02-14 03:28:08.167 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-01-15 13:35:24.107 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-15 13:35:24.007 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-15 13:35:23.907 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-01-15 13:35:23.797 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-12-13 09:58:36.873 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-13 09:58:36.863 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-13 09:54:17.361 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-13 09:54:17.288 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7 CPU 870 @ 2.93GHz Percentage of memory in use: 45% Total physical RAM: 6135.11 MB Available physical RAM: 3366.63 MB Total Pagefile: 12268.41 MB Available Pagefile: 9783.13 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Packard Bell) (Fixed) (Total:455.95 GB) (Free:334.42 GB) NTFS Drive d: (DATA) (Fixed) (Total:456.46 GB) (Free:60.35 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 307D971B) Partition 1: (Not Active) - (Size=19 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=456.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================ FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Tce (administrator) on TCE-PC on 17-03-2015 23:52:34 Running from C:\Users\Tce\Desktop Loaded Profiles: Tce (Available profiles: Tce) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe () C:\ProgramData\DataCardService\HWDeviceService64.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DataCardService\DCSHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (North Star com.) C:\Program Files (x86)\Northstar\Photo Frame\Photo Frame.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe () C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (LiveZilla GmbH) C:\Program Files (x86)\LiveZilla\LiveZilla.exe (Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe (Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe () C:\OEM\USBDECTION\USBS3S4Detection.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Opera Software) C:\Program Files (x86)\Opera\launcher.exe () C:\Program Files (x86)\Opera\28.0.1750.40\opera_autoupdate.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] () HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2004-11-26] (Ulead Systems, Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [LiveZilla] => C:\Program Files (x86)\LiveZilla\LiveZilla.exe [9093672 2014-09-18] (LiveZilla GmbH) HKU\S-1-5-21-1934781817-2233350501-3576918985-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-05-11] (Google Inc.) HKU\S-1-5-21-1934781817-2233350501-3576918985-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.) HKU\S-1-5-21-1934781817-2233350501-3576918985-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-1934781817-2233350501-3576918985-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Packard Bell.scr [425984 2009-08-05] () HKU\S-1-5-18\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [5085416 2014-04-03] (Avira) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Photo Frame.lnk ShortcutTarget: Photo Frame.lnk -> C:\Program Files (x86)\Northstar\Photo Frame\Photo Frame.exe (North Star com.) Startup: C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1934781817-2233350501-3576918985-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1934781817-2233350501-3576918985-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ HKU\S-1-5-21-1934781817-2233350501-3576918985-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1934781817-2233350501-3576918985-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE579 BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-09] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.) Toolbar: HKU\S-1-5-21-1934781817-2233350501-3576918985-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.) Toolbar: HKU\S-1-5-21-1934781817-2233350501-3576918985-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{032DAF0A-FE41-458B-B44A-AAEF980054B8}: [NameServer] 10.74.210.210 10.74.210.211 Tcpip\..\Interfaces\{A8C27199-40F7-44D8-B6FB-5A0ADE4B1455}: [NameServer] 10.74.210.210 10.74.210.211 FireFox: ======== FF ProfilePath: C:\Users\Tce\AppData\Roaming\Mozilla\Firefox\Profiles\qeubepd2.default FF Homepage: google.com FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-09] () FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-10-09] () FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-09] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) FF Plugin HKU\S-1-5-21-1934781817-2233350501-3576918985-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF SearchPlugin: C:\Users\Tce\AppData\Roaming\Mozilla\Firefox\Profiles\qeubepd2.default\searchplugins\google-images.xml [2014-08-21] FF SearchPlugin: C:\Users\Tce\AppData\Roaming\Mozilla\Firefox\Profiles\qeubepd2.default\searchplugins\google-maps.xml [2014-08-21] FF Extension: WOT - C:\Users\Tce\AppData\Roaming\Mozilla\Firefox\Profiles\qeubepd2.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-12-20] FF Extension: Cliqz Beta - C:\Users\Tce\AppData\Roaming\Mozilla\Firefox\Profiles\qeubepd2.default\Extensions\cliqz@cliqz.com.xpi [2014-12-20] FF Extension: Google Translator for Firefox - C:\Users\Tce\AppData\Roaming\Mozilla\Firefox\Profiles\qeubepd2.default\Extensions\translator@zoli.bod.xpi [2014-04-30] FF Extension: Roll Around - C:\Users\Tce\AppData\Roaming\Mozilla\Firefox\Profiles\qeubepd2.default\Extensions\{f03d5e04-efef-4fbf-9c50-0079529383b9}.xpi [2015-03-17] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-06] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-09-05] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-05] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-09-05] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-09-05] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-09-05] FF HKU\S-1-5-21-1934781817-2233350501-3576918985-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Tce\AppData\Roaming\Mozilla\Firefox\Profiles\qeubepd2.default\extensions\cliqz@cliqz.com Chrome: ======= CHR HomePage: Default -> hxxp://google.de/ CHR StartupUrls: Default -> "hxxp://google.de/" CHR Profile: C:\Users\Tce\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Tce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-14] CHR Extension: (Google Drive) - C:\Users\Tce\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-14] CHR Extension: (YouTube) - C:\Users\Tce\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-14] CHR Extension: (Google Search) - C:\Users\Tce\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-14] CHR Extension: (Kaspersky Protection) - C:\Users\Tce\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-09-05] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13] CHR Extension: (Google Wallet) - C:\Users\Tce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-14] CHR Extension: (Gmail) - C:\Users\Tce\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-14] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found] CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated) R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed] S3 GameConsoleService; C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [238328 2009-10-10] (WildTangent, Inc.) R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] () S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [682064 2014-04-26] () R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] () R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [200624 2010-09-29] (Telefónica I+D) R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group) S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed] R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 AdobeActiveFileMonitor8.0; c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [124800 2014-05-16] (Huawei Technologies Co., Ltd.) S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [379392 2014-05-04] (Huawei Technologies Co., Ltd.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-10-09] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-10-09] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO) S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EraserUtilDrv11312; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-17 23:52 - 2015-03-17 23:52 - 02095616 _____ (Farbar) C:\Users\Tce\Desktop\FRST64.exe 2015-03-17 23:12 - 2015-03-17 23:13 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Tce\Desktop\mbam-setup-2.0.4.1028.exe 2015-03-17 23:00 - 2015-03-17 23:00 - 02171392 _____ () C:\Users\Tce\Desktop\adwcleaner_4.112.exe 2015-03-17 20:31 - 2015-03-17 20:31 - 00001175 _____ () C:\Users\Tce\Desktop\Any Video Converter.lnk 2015-03-17 20:31 - 2015-03-17 20:31 - 00000000 ____D () C:\Users\Tce\Documents\Any Video Converter 2015-03-17 20:31 - 2015-03-17 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft 2015-03-17 20:30 - 2015-03-17 20:31 - 00000000 ____D () C:\Users\Tce\AppData\Roaming\Anvsoft 2015-03-17 20:30 - 2015-03-17 20:30 - 00000000 ____D () C:\Program Files (x86)\Anvsoft 2015-03-17 09:49 - 2015-03-17 09:49 - 00000000 ____D () C:\Users\Tce\AppData\Local\{5CF5F86F-40E1-49F4-8090-EC7A53E79B12} 2015-03-15 09:36 - 2015-03-15 09:36 - 00000000 ____D () C:\Users\Tce\AppData\Local\{DD7540E0-6E3F-4A2A-8405-2F35BDE6AC91} 2015-03-14 10:56 - 2015-03-14 10:56 - 00000000 ____D () C:\Users\Tce\AppData\Local\{74B395B3-73C1-4FD6-9261-9D8EAFEA27A4} 2015-03-13 22:54 - 2015-03-13 22:54 - 00000000 ____D () C:\Users\Tce\AppData\Local\{4ACF3A2B-189F-4859-A49D-47D928745486} 2015-03-13 09:03 - 2015-03-13 09:03 - 00000000 ____D () C:\Users\Tce\AppData\Local\{80C43242-5A2E-4632-9819-57F257132D75} 2015-03-12 16:48 - 2015-03-12 16:48 - 00000000 ____D () C:\Users\Tce\AppData\Local\{E4D4C16C-9BC7-41A2-B889-A9CD7DEB316C} 2015-03-11 22:17 - 2015-03-11 22:17 - 00000000 ____D () C:\Users\Tce\AppData\Local\{26FB8BE6-DB47-4917-81CF-860541814A6A} 2015-03-11 09:45 - 2015-03-11 09:45 - 00000000 ____D () C:\Users\Tce\AppData\Local\{E6F1DEAE-44BF-40FA-A172-ED2D54E44685} 2015-03-11 08:57 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-11 08:57 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-11 08:57 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-11 08:57 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-11 08:57 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-03-11 08:57 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-03-11 08:57 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-11 08:57 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-03-11 08:57 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-03-11 08:57 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-03-11 08:56 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-11 08:56 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-11 08:56 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-11 08:56 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-11 08:56 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-11 08:56 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-11 08:56 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-11 08:56 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-11 08:56 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-11 08:56 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-11 08:56 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-11 08:56 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-11 08:56 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-11 08:56 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-11 08:56 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-11 08:56 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-11 08:56 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-11 08:56 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-11 08:56 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-11 08:56 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-11 08:56 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-11 08:56 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-11 08:56 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-11 08:56 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-11 08:56 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-11 08:56 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-11 08:56 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-11 08:56 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-11 08:56 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-11 08:56 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-11 08:56 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-03-11 08:56 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-11 08:56 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-11 08:56 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-11 08:56 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-11 08:56 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-11 08:56 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-11 08:56 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-11 08:56 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-11 08:56 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-11 08:56 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-11 08:56 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-11 08:56 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-11 08:56 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-11 08:56 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-11 08:56 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-11 08:56 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-11 08:56 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-11 08:56 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-11 08:56 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-11 08:56 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-11 08:56 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-11 08:56 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-11 08:56 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-11 08:56 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-11 08:56 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-11 08:56 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-11 08:56 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-11 08:56 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-11 08:56 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-11 08:56 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-11 08:56 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-11 08:56 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-11 08:56 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-11 08:56 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-11 08:56 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-11 08:56 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-11 08:56 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-11 08:56 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-11 08:56 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-11 08:56 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-11 08:56 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-11 08:56 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-11 08:56 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-11 08:56 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-11 08:56 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-11 08:56 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-11 08:56 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-11 08:56 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-11 08:56 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-11 08:56 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-11 08:56 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-11 08:56 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-11 08:56 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-11 08:56 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-11 08:56 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-11 08:56 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-11 08:56 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-11 08:56 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-11 08:56 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-11 08:56 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-11 08:56 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-03-11 08:56 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-03-11 08:56 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-03-11 08:56 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-11 08:56 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-11 08:56 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-03-11 08:56 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-03-11 08:56 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-03-11 08:56 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-03-11 08:56 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-03-11 08:56 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2015-03-11 08:56 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-03-11 08:56 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2015-03-11 08:56 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-11 08:56 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-11 08:56 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-11 08:56 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-11 08:56 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-11 08:56 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-11 08:56 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2015-03-11 08:56 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-03-11 08:56 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-03-11 08:56 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-03-11 08:56 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-03-11 08:56 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-03-11 08:56 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-03-11 08:56 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2015-03-11 08:56 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2015-03-11 08:56 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2015-03-11 08:56 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-03-11 08:56 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-03-11 08:56 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-11 08:56 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2015-03-11 08:56 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-11 08:56 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-03-11 08:56 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-11 08:56 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-11 08:56 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-03-11 08:56 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-03-11 08:56 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2015-03-11 08:54 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-11 08:54 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-10 21:44 - 2015-03-10 21:44 - 00000000 ____D () C:\Users\Tce\AppData\Local\{68317E4F-AAEF-4E76-AC9C-9FF8D688FA94} 2015-03-10 08:20 - 2015-03-10 08:20 - 00000000 ____D () C:\Users\Tce\AppData\Local\{A37DBF11-0B49-4F52-8972-18EF3BF7678D} 2015-03-09 12:56 - 2015-03-09 12:56 - 00000000 ____D () C:\Users\Tce\AppData\Local\{94CE4491-5508-4BB8-AA9C-6E455A159460} 2015-03-08 14:00 - 2015-03-08 14:00 - 00000000 ____D () C:\Users\Tce\AppData\Local\{D54C23FF-4D40-4594-ADC4-64033D64E85B} 2015-03-06 08:55 - 2015-03-06 08:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-06 08:01 - 2015-03-06 08:01 - 00000000 ____D () C:\Users\Tce\AppData\Local\{FBCEFD0B-03C9-4460-AE05-ED69C54A9A27} 2015-03-05 08:45 - 2015-03-05 08:45 - 00000000 ____D () C:\Users\Tce\AppData\Local\{68AD6837-4772-4572-B160-EFB7C81F2193} 2015-03-04 09:28 - 2015-03-04 09:28 - 00000000 ____D () C:\Users\Tce\AppData\Local\{67228805-9E20-4557-8343-D241DADF3C45} 2015-03-03 09:44 - 2015-03-03 09:45 - 00000000 ____D () C:\Users\Tce\AppData\Local\{B7D4F186-D55B-49AF-912D-CC0E7826DC00} 2015-03-02 16:46 - 2015-03-02 16:46 - 00000000 ____D () C:\Users\Tce\AppData\Local\{90970CEC-9032-41FF-9D0C-D662014FA9B5} 2015-03-01 11:15 - 2015-03-01 11:15 - 00000000 ____D () C:\Users\Tce\AppData\Local\{46C646FD-A804-4B63-BF18-B6D6E3E96B6F} 2015-02-28 14:18 - 2015-02-28 14:18 - 00000000 ____D () C:\Users\Tce\AppData\Local\{C863199C-FDC2-49D1-85BE-78FB3FC454CB} 2015-02-27 16:58 - 2015-02-27 20:23 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-02-27 16:57 - 2015-02-27 20:23 - 00000000 ____D () C:\Users\Tce\Desktop\mbar 2015-02-27 16:56 - 2015-02-27 16:56 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Tce\Desktop\mbar-1.09.1.1004.exe 2015-02-27 15:33 - 2015-02-27 15:33 - 00091473 _____ () C:\Users\Tce\Desktop\Shortcut.txt 2015-02-27 08:46 - 2015-02-27 08:46 - 00000000 ____D () C:\Users\Tce\AppData\Local\{8E2F81E7-5FFC-44B1-AD85-522A406289CA} 2015-02-26 15:00 - 2015-02-26 15:01 - 00000000 ____D () C:\Users\Tce\AppData\Local\{5986266E-CD2A-44E5-9210-07529546A163} 2015-02-26 03:01 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-26 03:01 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-26 03:00 - 2015-02-26 03:00 - 00000000 ____D () C:\Users\Tce\AppData\Local\{F6EF4118-E9E8-49F1-9585-B96E51D37184} 2015-02-25 11:21 - 2015-02-25 11:21 - 00001030 _____ () C:\Users\Public\Desktop\PDF-Viewer.lnk 2015-02-25 11:21 - 2015-02-25 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer 2015-02-25 11:21 - 2015-02-25 11:21 - 00000000 ____D () C:\Program Files\Tracker Software 2015-02-25 10:18 - 2015-02-25 10:18 - 00000000 ____D () C:\Program Files (x86)\BVRP Software 2015-02-25 10:17 - 2015-02-25 10:17 - 00000000 ____D () C:\ProgramData\BVRP Software 2015-02-25 08:30 - 2015-02-25 08:30 - 00000000 ____D () C:\Users\Tce\AppData\Local\{C0565AF6-0449-45D0-833D-7078BF7AF0C1} 2015-02-24 11:41 - 2015-02-24 11:41 - 00000000 ____D () C:\Users\Tce\AppData\Local\{CC5AB82C-67E0-437B-A21B-45B2EC9CBDE2} 2015-02-19 04:32 - 2015-02-19 04:32 - 00336352 _____ () C:\Windows\Minidump\021915-31168-01.dmp 2015-02-18 14:41 - 2015-02-18 14:42 - 00000000 ____D () C:\Users\Tce\AppData\Local\{0822C6C8-BF8F-4FCF-8A39-32B5AC54A2F0} 2015-02-18 00:48 - 2015-02-18 00:48 - 00000000 ____D () C:\Users\Tce\AppData\Local\{1150B6A5-F2DB-489A-8ECC-9026C8F8E3AF} 2015-02-17 16:04 - 2015-02-17 16:04 - 01202848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL 2015-02-17 11:20 - 2015-02-17 11:20 - 00000000 ____D () C:\Users\Tce\AppData\Local\{CB4DB15D-A7E8-4212-97AE-EFEB01C97A75} 2015-02-15 22:24 - 2015-02-15 22:24 - 00000000 ____D () C:\Users\Tce\AppData\Local\{7B52935D-B731-4EB5-89E1-DC9F6657E08E} 2015-02-15 18:48 - 2015-02-15 18:48 - 00001728 _____ () C:\Users\Tce\Desktop\pkColorPicker.exe - Verknüpfung.lnk 2015-02-15 18:28 - 2015-02-15 18:28 - 00000000 ____D () C:\Users\Tce\AppData\Roaming\dlg 2015-02-15 18:27 - 2015-02-15 18:39 - 00000000 ____D () C:\Program Files (x86)\ColorPicker 2015-02-15 18:27 - 2015-02-15 18:27 - 00000000 ____D () C:\Users\Tce\AppData\Local\colorpicker 2015-02-15 18:26 - 2015-02-15 18:27 - 00000000 ____D () C:\ProgramData\TuneUp Software 2015-02-15 18:26 - 2015-02-15 18:26 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2015-02-15 18:26 - 2015-02-15 18:26 - 00000000 ____D () C:\Users\Tce\AppData\Roaming\TuneUp Software 2015-02-15 18:26 - 2015-02-15 18:26 - 00000000 ____D () C:\Users\Tce\AppData\Local\TuneUp Software 2015-02-15 11:18 - 2015-02-15 11:26 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2015-02-15 11:18 - 2015-02-15 11:18 - 00000983 _____ () C:\Users\Tce\Desktop\SpeedFan.lnk 2015-02-15 11:18 - 2015-02-15 11:18 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2015-02-15 11:18 - 2015-02-15 11:18 - 00000000 ____D () C:\Users\Tce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2015-02-15 11:18 - 2015-02-15 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2015-02-15 11:07 - 2015-02-15 11:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-02-15 10:58 - 2015-03-17 23:47 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-02-15 10:58 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-02-15 10:56 - 2014-03-04 14:06 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-02-15 10:56 - 2014-03-04 14:06 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-02-15 10:56 - 2014-03-04 14:05 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin 2015-02-15 10:56 - 2014-03-04 14:05 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-02-15 10:56 - 2014-03-04 14:05 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-02-15 10:56 - 2014-03-04 14:05 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-02-15 10:56 - 2014-03-04 14:05 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-02-15 10:37 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-02-15 10:37 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-02-15 10:37 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-02-15 10:37 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2015-02-15 10:16 - 2015-02-15 10:16 - 00000000 ____D () C:\Users\Tce\AppData\Local\{6E2ED0E1-B36F-4812-BA61-A84643A985B0} ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-17 23:53 - 2014-04-19 09:53 - 00026607 _____ () C:\Users\Tce\Desktop\FRST.txt 2015-03-17 23:52 - 2014-04-20 19:37 - 00000000 ____D () C:\Users\Tce\Desktop\FRST-OlderVersion 2015-03-17 23:52 - 2014-04-19 09:53 - 00000000 ____D () C:\FRST 2015-03-17 23:52 - 2014-03-13 19:02 - 01197980 _____ () C:\Windows\WindowsUpdate.log 2015-03-17 23:50 - 2014-09-05 17:48 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2015-03-17 23:48 - 2014-08-30 06:51 - 00000000 ____D () C:\Users\Tce\AppData\Local\Adobe 2015-03-17 23:48 - 2014-03-13 19:47 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-17 23:47 - 2010-05-11 01:58 - 00527524 _____ () C:\Windows\PFRO.log 2015-03-17 23:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-17 23:47 - 2009-07-14 05:51 - 00079266 _____ () C:\Windows\setupact.log 2015-03-17 23:46 - 2014-04-06 02:28 - 00000000 ____D () C:\AdwCleaner 2015-03-17 23:46 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-17 23:46 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-17 23:44 - 2014-03-13 19:47 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-17 23:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2015-03-17 23:14 - 2015-01-15 16:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-17 23:14 - 2015-01-15 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-03-17 23:14 - 2014-04-22 14:20 - 00001078 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-03-17 23:14 - 2014-04-22 14:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-03-17 22:51 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2015-03-17 22:49 - 2014-03-16 15:53 - 00000000 ____D () C:\Users\Tce\AppData\Roaming\FileZilla 2015-03-17 22:41 - 2014-03-14 08:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-17 22:18 - 2014-03-21 13:23 - 00000000 ____D () C:\Users\Tce\Documents\Unbenannte Site 1 2015-03-17 20:34 - 2015-01-16 18:15 - 00000000 ____D () C:\Users\Tce\Documents\zuechter OK 2015-03-17 15:48 - 2014-03-14 03:54 - 00699090 _____ () C:\Windows\system32\perfh007.dat 2015-03-17 15:48 - 2014-03-14 03:54 - 00149230 _____ () C:\Windows\system32\perfc007.dat 2015-03-17 15:48 - 2009-07-14 06:13 - 01619272 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-16 22:57 - 2014-11-04 15:27 - 00000000 ____D () C:\Users\Tce\AppData\Roaming\Skype 2015-03-15 23:20 - 2014-03-16 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-03-15 23:20 - 2014-03-16 15:53 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client 2015-03-15 22:06 - 2014-04-02 19:10 - 00000000 ____D () C:\Users\Tce\Documents\backup 2015-03-13 20:46 - 2015-02-03 22:53 - 00002147 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-03-12 03:35 - 2009-07-14 05:45 - 00396752 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-12 03:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-12 03:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-12 03:16 - 2014-03-14 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-12 03:12 - 2014-04-05 08:01 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-12 03:04 - 2014-04-05 08:01 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-11 08:36 - 2015-01-15 19:50 - 00003848 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1421347830 2015-03-11 08:36 - 2014-03-14 08:54 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-03-08 13:51 - 2014-04-06 12:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-02-27 15:33 - 2014-04-19 09:54 - 00037956 _____ () C:\Users\Tce\Desktop\Addition.txt 2015-02-25 10:18 - 2010-05-11 01:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-25 10:15 - 2014-03-14 12:41 - 00000000 ____D () C:\Users\Tce\AppData\Local\CrashDumps 2015-02-25 10:08 - 2015-01-08 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZooEasy v12 2015-02-25 10:07 - 2010-05-11 01:55 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-02-24 03:17 - 2014-03-14 21:40 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-02-23 13:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-02-19 04:32 - 2014-03-17 10:02 - 356778268 _____ () C:\Windows\MEMORY.DMP 2015-02-19 04:32 - 2014-03-17 10:02 - 00000000 ____D () C:\Windows\Minidump 2015-02-15 10:58 - 2014-03-13 19:06 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-02-15 10:56 - 2014-03-13 19:05 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-02-15 10:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help 2015-02-15 10:54 - 2014-03-13 19:06 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2015-02-15 10:41 - 2014-03-20 03:30 - 01591936 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI ==================== Files in the root of some directories ======= 2014-04-05 09:51 - 2015-02-06 14:57 - 0000600 _____ () C:\Users\Tce\AppData\Roaming\winscp.rnd 2014-04-05 09:50 - 2014-04-05 09:52 - 0000600 _____ () C:\Users\Tce\AppData\Local\PUTTY.RND 2014-04-04 13:28 - 2014-04-04 13:28 - 0000057 _____ () C:\ProgramData\Ament.ini Some content of TEMP: ==================== C:\Users\Tce\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Tce\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Tce\AppData\Local\Temp\expertpdf_v6_avanquest_retail_deu.exe C:\Users\Tce\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\Tce\AppData\Local\Temp\Nv3DVisionIePlugin.dll C:\Users\Tce\AppData\Local\Temp\Nv3DVisionIePlugin64.dll C:\Users\Tce\AppData\Local\Temp\Nv3DVStreaming.dll C:\Users\Tce\AppData\Local\Temp\Nv3DVStreaming64.dll C:\Users\Tce\AppData\Local\Temp\Nv3DVStreamingIePlugin.dll C:\Users\Tce\AppData\Local\Temp\Nv3DVStreamingIePlugin64.dll C:\Users\Tce\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Tce\AppData\Local\Temp\nvStInst.exe C:\Users\Tce\AppData\Local\Temp\Quarantine.exe C:\Users\Tce\AppData\Local\Temp\readSTILog.dll C:\Users\Tce\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Tce\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Tce\AppData\Local\Temp\sfamcc00001.dll C:\Users\Tce\AppData\Local\Temp\sfamcc00002.dll C:\Users\Tce\AppData\Local\Temp\sfextra.dll C:\Users\Tce\AppData\Local\Temp\somoto_Evrsoft First Page 2006_1.0.exe C:\Users\Tce\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-23 13:00 ==================== End Of Log ============================ --- --- --- --- --- --- Geändert von schrauber (18.03.2015 um 05:04 Uhr) |
18.03.2015, 05:04 | #3 |
/// the machine /// TB-Ausbilder | Bei jede bewegung auf meinem PC geht ein Popup auf hi,
__________________So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Scan mit Combofix
__________________ |
Themen zu Bei jede bewegung auf meinem PC geht ein Popup auf |
adobe, askbar, branding, browser, böttcher, computer, converter, excel, explorer, ftp, google, iexplore.exe, install.exe, internet, internet explorer, kaspersky, kis, mozilla, mp3, msiexec.exe, netzwerk, officejet, performance, photoshop, popup, rundll, scan, security, server, software, tablet, tracker, windows |