Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Interpol Trojaner (https://www.trojaner-board.de/138975-interpol-trojaner.html)

Lars12345 29.07.2013 12:59
Interpol Trojaner
 
Hallo,

Vor ca. einer Stunde wurde mein Rechner duch einen Interpol Trojaner gesperrt.
Mithilfe von ReatogoPe habe ich OLTPE laufen lassen und den folgenden Log ausgegeben bekommen>
OTL Logfile:
Code:
OTL logfile created on: 7/29/2013 3:55:11 PM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
64bit-Windows 7 Enterprise Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 83.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): d:\pagefile.sys 4096 4096 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.97 Mb Total Space | 70.30 Mb Free Space | 69.62% Space Free | Partition Type: NTFS
Drive D: | 63.85 Gb Total Space | 2.01 Gb Free Space | 3.14% Space Free | Partition Type: NTFS
Drive E: | 39.06 Gb Total Space | 9.05 Gb Free Space | 23.17% Space Free | Partition Type: NTFS
Drive F: | 982.11 Mb Total Space | 899.42 Mb Free Space | 91.58% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/02/26 15:45:09 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand] -- D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012/01/31 03:10:36 | 000,339,776 | ---- | M] ( ) [Auto] -- D:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe -- (mitsijm2013)
SRV:64bit: - [2011/11/01 07:37:56 | 001,518,352 | ---- | M] (Intel(R) Corporation) [Auto] -- D:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:64bit: - [2011/11/01 07:22:28 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto] -- D:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:64bit: - [2011/07/12 11:53:58 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto] -- D:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:64bit: - [2011/07/12 11:53:40 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto] -- D:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:64bit: - [2011/07/12 11:53:24 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto] -- D:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2011/07/12 11:53:18 | 000,142,696 | ---- | M] (Lenovo Group Limited) [Auto] -- D:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:64bit: - [2011/03/29 14:15:36 | 000,047,728 | ---- | M] (Lenovo.) [On_Demand] -- D:\Windows\System32\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2010/02/01 18:45:34 | 006,159,656 | ---- | M] (Wacom Technology, Corp.) [Auto] -- D:\Windows\System32\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/07/15 08:09:48 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto] -- D:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV:64bit: - [2007/11/07 20:11:22 | 004,466,688 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2006/11/27 12:45:16 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto] -- D:\Windows\System32\drivers\XAudio64.exe -- (XAudioService)
SRV - [2013/07/08 05:54:44 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/12 10:16:33 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/03 05:57:49 | 003,085,264 | ---- | M] () [Auto] -- D:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/25 17:32:53 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- D:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/04/16 07:24:40 | 000,206,448 | ---- | M] (Kaspersky Lab ZAO) [Auto] -- D:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe -- (AVP)
SRV - [2013/04/04 08:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 08:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/01/02 08:56:20 | 000,102,400 | ---- | M] () [Auto] -- D:\Program Files (x86)\DiskBoss\bin\diskbsa.exe -- (DiskBoss Service)
SRV - [2012/10/26 09:41:20 | 002,048,408 | ---- | M] (TeamViewer GmbH) [Auto] -- D:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2012/08/13 07:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto] -- D:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/13 11:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto] -- D:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2012/03/16 11:36:10 | 000,034,104 | ---- | M] (Lenovo Group Limited) [Auto] -- D:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2012/03/15 00:07:00 | 001,662,528 | ---- | M] (Lenovo) [On_Demand] -- D:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
SRV - [2012/03/15 00:07:00 | 000,320,576 | ---- | M] (Lenovo.) [On_Demand] -- D:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE -- (DozeSvc)
SRV - [2012/03/15 00:07:00 | 000,165,440 | ---- | M] (Lenovo Group Limited) [On_Demand] -- D:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc)
SRV - [2012/01/18 00:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto] -- D:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/11/13 18:27:20 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto] -- D:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011/11/13 18:27:18 | 000,433,264 | ---- | M] (VMware, Inc.) [Auto] -- D:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2011/11/13 17:55:18 | 011,839,488 | ---- | M] () [On_Demand] -- D:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2011/11/13 16:49:40 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto] -- D:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2011/11/03 14:25:09 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled] -- D:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/11/03 05:11:25 | 003,246,040 | ---- | M] (Acronis) [Disabled] -- D:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2011/10/20 07:09:18 | 000,269,376 | ---- | M] (Lenovo) [Auto] -- D:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2011/10/20 07:09:16 | 000,134,208 | ---- | M] (Lenovo) [Auto] -- D:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2011/09/22 17:21:28 | 001,114,280 | ---- | M] (Acronis) [Auto] -- D:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011/08/29 17:11:04 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto] -- D:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 08:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto] -- D:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/19 07:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/08/30 04:58:30 | 000,045,664 | ---- | M] (Schnapper-Software  Robert Beer) [Auto] -- D:\Program Files (x86)\SchnapperPro\TimeSync.exe -- (SchnapperPro-TimeSync)
SRV - [2006/12/19 12:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- D:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/06/13 08:14:16 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System] -- D:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/04/16 07:30:42 | 000,637,272 | ---- | M] (Kaspersky Lab) [File_System | System] -- D:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/04/04 08:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/13 06:12:06 | 000,085,864 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2013/02/13 06:12:06 | 000,076,648 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2013/01/11 06:52:56 | 000,019,032 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013/01/11 06:52:56 | 000,012,384 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012/03/15 00:07:00 | 000,029,512 | ---- | M] (Lenovo.) [Kernel | Boot] -- D:\Windows\System32\drivers\DZHDD64.SYS -- (DzHDD64)
DRV:64bit: - [2012/03/15 00:07:00 | 000,019,784 | ---- | M] (Lenovo Group Limited) [Kernel | System] -- D:\Windows\System32\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2012/02/15 05:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/18 00:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam Pro 9000(UVC)
DRV:64bit: - [2012/01/18 00:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/12/16 11:53:28 | 000,016,376 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TVMonitor.sys -- (MonitorFunction)
DRV:64bit: - [2011/11/13 18:28:16 | 000,063,088 | ---- | M] (VMware, Inc.) [Kernel | Auto] -- D:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2011/11/13 18:28:10 | 000,031,344 | ---- | M] (VMware, Inc.) [Kernel | Auto] -- D:\Windows\System32\drivers\VMparport.sys -- (VMparport)
DRV:64bit: - [2011/11/13 18:26:30 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto] -- D:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2011/11/13 16:33:56 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto] -- D:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2011/11/13 16:33:56 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011/11/03 05:11:27 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand] -- D:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2011/11/03 05:11:22 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot] -- D:\Windows\System32\drivers\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV:64bit: - [2011/11/03 05:11:20 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot] -- D:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011/11/03 05:11:14 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot] -- D:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2011/11/02 21:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/10/05 04:55:02 | 000,729,152 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2011/08/29 17:11:04 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto] -- D:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011/08/29 17:01:10 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2011/08/10 08:55:35 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto] -- D:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2011/08/08 09:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot] -- D:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011/08/02 10:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/03/29 14:13:40 | 000,139,888 | ---- | M] (Lenovo.) [Kernel | Boot] -- D:\Windows\System32\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2011/03/29 14:11:48 | 000,023,664 | ---- | M] (Lenovo.) [Kernel | Boot] -- D:\Windows\System32\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2011/03/10 12:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System] -- D:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011/03/04 07:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System] -- D:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011/03/04 07:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot] -- D:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2011/01/15 18:36:06 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2011/01/15 18:35:52 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2011/01/15 18:34:39 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2011/01/15 18:34:39 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2011/01/15 18:34:39 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2011/01/15 18:34:39 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\terminpt.sys -- (terminpt)
DRV:64bit: - [2011/01/15 18:34:36 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2011/01/15 18:34:36 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/20 01:05:02 | 000,059,048 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\SNTUSB64.SYS -- (SNTUSB64)
DRV:64bit: - [2010/09/07 09:09:34 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System] -- D:\Windows\System32\drivers\smiifx64.sys -- (lenovo.smi)
DRV:64bit: - [2010/01/24 18:32:24 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- D:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2009/11/02 14:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand] -- D:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/09/22 21:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009/09/22 21:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009/09/22 21:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009/09/22 21:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009/09/21 18:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- D:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009/09/17 01:05:02 | 000,145,448 | ---- | M] (SafeNet, Inc.) [Kernel | Auto] -- D:\Windows\System32\Drivers\Sentinel64.sys -- (Sentinel64)
DRV:64bit: - [2009/09/03 15:14:30 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto] -- D:\Windows\System32\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/09/03 14:59:28 | 000,054,784 | ---- | M] (REDC) [Kernel | Auto] -- D:\Windows\System32\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/09/03 14:37:02 | 000,067,072 | ---- | M] (REDC) [Kernel | Auto] -- D:\Windows\System32\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 16:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\e1e6032e.sys -- (e1express) Intel(R)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/03 05:33:20 | 003,557,248 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2008/11/07 11:33:34 | 000,659,712 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2008/11/07 11:33:32 | 000,658,560 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2007/02/19 01:56:38 | 000,027,136 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2007/02/16 14:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- D:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2006/12/21 08:33:28 | 001,511,936 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2006/12/21 08:30:50 | 000,300,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2006/12/21 08:29:48 | 000,731,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2006/11/27 12:45:06 | 000,009,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- D:\Windows\System32\drivers\XAudio64.sys -- (XAudio)
DRV - [2012/09/12 07:52:59 | 000,017,408 | ---- | M] (MARX Datentechnik GmbH ) [Kernel | Auto] -- D:\Windows\SysWOW64\drivers\CBN.SYS -- (CBN)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\Master_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://googel.de/
IE - HKU\Master_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Master_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\Master_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Master_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\Master_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: D:\Windows\System32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@canon.com/EPPEX: D:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: D:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: D:\Windows\SysWOW64\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0: D:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.0: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@vmware.com/vmrc,version=2.5.0.00000: 
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: D:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Acrobat: D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2013/04/16 07:30:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2013/04/16 07:30:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013/06/25 10:37:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/05/21 05:07:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/11 21:01:24 | 000,000,000 | ---D | M]
 
[2013/05/21 05:07:49 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/12 06:59:21 | 000,000,000 | ---D | M] (Skype Click to Call) -- D:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/06/15 10:51:01 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/07/08 05:54:45 | 000,000,000 | ---D | M] (Default) -- D:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/13 14:45:42 | 000,034,048 | ---- | M] (Microsoft Corporation) -- D:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2013/04/27 13:01:42 | 000,006,470 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011/11/13 11:51:09 | 000,002,519 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
 
O1 HOSTS File: ([2012/05/16 13:55:09 | 000,000,894 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (no name) - {9D717F81-9148-4f12-8568-69135F087DB0} - No CLSID value found.
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Ginyas Browser Companion) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - D:\Program Files (x86)\GinyasBrowserCompanion\jsloader.dll ( )
O2 - BHO: (no name) - {074C1DC5-9320-4A9A-947D-C042949C6216} - No CLSID value found.
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - D:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Ginyas Browser Companion Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - D:\Program Files (x86)\GinyasBrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (no name) - {9D717F81-9148-4f12-8568-69135F087DB0} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - D:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
O2 - BHO: (holasearch Helper Object) - {DFF9B2DA-EF99-4B26-83CB-7058299999D8} - D:\Program Files (x86)\holasearch\holasearch\1.8.16.16\bh\holasearch.dll (holasearch.com)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - D:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - D:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Holasearch Toolbar) - {C510DFFB-0AFE-484C-BA40-CED5B74C4EEF} - D:\Program Files (x86)\holasearch\holasearch\1.8.16.16\holasearchTlbr.dll (holasearch.com)
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Master_ON_D\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] D:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AcWin7Hlpr] D:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] D:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Autodesk Sync] D:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] D:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] D:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] D:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] D:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CanonSolutionMenuEx] D:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [EFI_Designer_Edition_Control] D:\Program Files (x86)\EFI\EFI Designer Edition\EFI_Designer_Edition_Control.exe (Electronics for Imaging)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] D:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [LWS] D:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [PWMTRV] D:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SwitchBoard] D:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TrueImageMonitor.exe] D:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [vmware-tray] D:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Master_ON_D..\Run: [{A8867815-C72B-5CE4-B9B9-8DBCD84CB317}] D:\Users\Master\AppData\Roaming\Viap\ifugi.exe ()
O4 - HKU\Master_ON_D..\Run: [AdobeBridge]  File not found
O4 - HKU\Master_ON_D..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\Master_ON_D..\Run: [phonostar-PlayerTimer] D:\Program Files (x86)\phonostar-Player\phonostarTimer.exe ()
O4 - HKU\Master_ON_D..\Run: [servc]  File not found
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\Master_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: SchnapperPro - {D6243B39-211B-440E-B4C5-26D2A579CAC8} - Reg Error: Key error. File not found
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: SchnapperPro - {D6243B39-211B-440E-B4C5-26D2A579CAC8} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Windows\System32\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Windows\System32\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - D:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - AppInit_DLLs: (c:\progra~2\magnipic\sprote~1.dll) - D:\Program Files (x86)\MagniPic\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Master_ON_D Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Master_ON_D Winlogon: Shell - (C:\Users\Master\AppData\Roaming\cache.dat) - D:\Users\Master\AppData\Roaming\cache.dat ()
O20:64bit: - Winlogon\Notify\klogon: DllName - %SystemRoot%\System32\klogon.dll - D:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - File not found -  -- [ NTFS ]
O32 - AutoRun File - [2013/04/25 17:32:06 | 000,000,000 | ---D | M] - D:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (auto_reactivate C:\bootwiz\asrm.bin) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/07/29 13:29:12 | 000,000,000 | ---D | C] -- D:\_OTL
[2013/07/26 08:28:03 | 000,000,000 | ---D | C] -- D:\Users\Master\AppData\Roaming\Ylna
[2013/07/26 08:28:03 | 000,000,000 | ---D | C] -- D:\Users\Master\AppData\Roaming\Coyt
[2013/07/26 08:27:19 | 000,000,000 | ---D | C] -- D:\Users\Master\AppData\Roaming\Viap
[2013/07/26 08:27:19 | 000,000,000 | ---D | C] -- D:\Users\Master\AppData\Roaming\Obwao
[2013/07/26 02:12:57 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/07/24 09:01:56 | 000,000,000 | ---D | C] -- D:\Users\Master\AppData\Roaming\WTablet
[2013/07/24 09:01:50 | 000,000,000 | R--D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
[2013/07/24 09:01:50 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\TabletPlugins
[2013/07/24 09:01:33 | 008,997,160 | ---- | C] (Wacom Technology, Corp.) -- D:\Windows\System32\WacomTablet.cpl
[2013/07/24 09:01:31 | 000,012,848 | ---- | C] (Wacom Technology) -- D:\Windows\System32\drivers\wacommousefilter.sys
[2013/07/24 09:01:21 | 000,016,168 | ---- | C] (Wacom Technology) -- D:\Windows\System32\drivers\wacomvhid.sys
[2013/07/24 09:01:16 | 000,018,216 | ---- | C] (Wacom Technology) -- D:\Windows\System32\drivers\wacmoumonitor.sys
[2013/07/24 09:01:12 | 000,000,000 | ---D | C] -- D:\Windows\System32\WTablet
[2013/07/24 09:01:07 | 000,409,896 | ---- | C] (Wacom Technology, Corp.) -- D:\Windows\SysWow64\Wacom_Tablet.dll
[2013/07/24 09:01:07 | 000,293,888 | ---- | C] (Wacom Technology, Corp.) -- D:\Windows\SysWow64\Wintab32.dll
[2013/07/24 09:01:06 | 000,483,624 | ---- | C] (Wacom Technology, Corp.) -- D:\Windows\System32\Wacom_Tablet.dll
[2013/07/24 09:00:58 | 006,159,656 | ---- | C] (Wacom Technology, Corp.) -- D:\Windows\System32\Wacom_Tablet.exe
[2013/07/24 09:00:46 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Tablet
[2013/07/11 21:02:14 | 000,391,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2013/07/11 21:02:13 | 000,526,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2013/07/11 21:02:12 | 000,136,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2013/07/11 21:02:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2013/07/11 21:02:12 | 000,089,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2013/07/11 21:02:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/11 21:02:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2013/07/11 21:02:12 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
[2013/07/11 21:02:12 | 000,051,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2013/07/11 21:02:12 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2013/07/11 21:02:12 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
[2013/07/11 21:02:11 | 000,855,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2013/07/11 21:02:11 | 000,690,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2013/07/11 21:02:11 | 000,603,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2013/07/11 21:02:11 | 000,493,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2013/07/11 21:02:10 | 003,958,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2013/07/11 21:02:09 | 002,877,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2013/07/11 10:10:51 | 000,624,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qedit.dll
[2013/07/11 10:10:51 | 000,509,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\qedit.dll
[2013/07/11 10:10:50 | 001,887,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMVDECOD.DLL
[2013/07/11 10:10:50 | 001,620,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/11 10:10:41 | 001,643,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2013/07/11 10:10:41 | 001,247,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
[2013/07/11 09:16:37 | 000,000,000 | ---D | C] -- D:\Users\Master\AppData\Local\roomeon
[2013/07/11 09:16:20 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon 3D-Planer
[2013/07/11 09:16:18 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\roomeon GmbH
[2013/07/11 09:14:53 | 000,617,312 | ---- | C] (www.download-sponsor.de) -- D:\Users\Master\Desktop\roomeon - CHIP-Downloader.exe
[2013/07/08 06:39:04 | 000,000,000 | ---D | C] -- D:\Users\Master\AppData\Roaming\inkscape
[2013/07/08 06:34:51 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Inkscape
[1 D:\Windows\SysWow64\*.tmp files -> D:\Windows\SysWow64\*.tmp -> ]
[1 D:\Windows\System32\drivers\*.tmp files -> D:\Windows\System32\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/07/29 07:43:53 | 000,000,004 | ---- | M] () -- D:\Users\Master\AppData\Roaming\cache.ini
[2013/07/29 07:43:52 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2013/07/29 07:42:32 | 000,001,056 | ---- | M] () -- D:\Windows\tasks\GinyasBrowserCompanion Stats Report.job
[2013/07/29 07:42:32 | 000,000,940 | ---- | M] () -- D:\Windows\tasks\GinyasBrowserCompanion Update Checker.job
[2013/07/29 07:42:12 | 000,001,106 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/29 07:42:11 | 000,001,056 | ---- | M] () -- D:\Windows\tasks\GinyasBrowserCompanion FireFox Watcher.job
[2013/07/29 07:42:11 | 000,001,008 | ---- | M] () -- D:\Windows\tasks\GinyasBrowserCompanion Chrome Watcher.job
[2013/07/29 07:42:10 | 000,000,376 | -H-- | M] () -- D:\Windows\tasks\MagniPicUpdaterTask{94C0F52A-8C97-4DF9-9FFA-B3F293F1FEFE}.job
[2013/07/29 05:48:56 | 000,789,088 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2013/07/29 05:48:56 | 000,731,824 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2013/07/29 05:48:56 | 000,183,308 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2013/07/29 05:48:56 | 000,155,288 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2013/07/29 05:47:31 | 000,019,296 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/29 05:47:31 | 000,019,296 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/29 05:23:56 | 000,001,110 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/29 05:23:38 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/26 16:01:43 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5
[2013/07/26 15:13:55 | 000,000,000 | ---- | M] () -- D:\Photoshop Temp1286644044
[2013/07/26 14:40:04 | 005,223,688 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2013/07/26 12:14:40 | 000,001,235 | ---- | M] () -- D:\Users\Master\Desktop\TestZykus9mm 6.75 Intervall.WPW
[2013/07/26 12:14:40 | 000,001,121 | ---- | M] () -- D:\Users\Master\Desktop\TestZykus9mm 6.75 Intervall.WPI
[2013/07/26 02:12:57 | 000,002,220 | ---- | M] () -- D:\Users\Public\Desktop\Google Earth.lnk
[2013/07/26 02:12:57 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/07/24 09:01:50 | 000,000,000 | R--D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
[2013/07/15 14:32:53 | 001,836,466 | ---- | M] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2013/07/11 09:16:20 | 000,002,623 | ---- | M] () -- D:\Users\Public\Desktop\roomeon Portal.lnk
[2013/07/11 09:16:20 | 000,002,623 | ---- | M] () -- D:\Users\Public\Desktop\roomeon 3D-Planer.lnk
[2013/07/11 09:16:20 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\roomeon 3D-Planer
[2013/07/11 09:14:49 | 000,617,312 | ---- | M] (www.download-sponsor.de) -- D:\Users\Master\Desktop\roomeon - CHIP-Downloader.exe
[2013/07/08 07:09:48 | 000,001,284 | ---- | M] () -- D:\Users\Master\AppData\Local\recently-used.xbel
[2013/07/08 06:38:48 | 000,001,059 | ---- | M] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
[2013/07/08 06:38:21 | 000,001,039 | ---- | M] () -- D:\Users\Master\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Inkscape.lnk
[2013/07/08 06:38:21 | 000,001,015 | ---- | M] () -- D:\Users\Public\Desktop\Inkscape.lnk
[1 D:\Windows\SysWow64\*.tmp files -> D:\Windows\SysWow64\*.tmp -> ]
[1 D:\Windows\System32\drivers\*.tmp files -> D:\Windows\System32\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/07/29 05:59:08 | 000,000,004 | ---- | C] () -- D:\Users\Master\AppData\Roaming\cache.ini
[2013/07/26 15:13:55 | 000,000,000 | ---- | C] () -- D:\Photoshop Temp1286644044
[2013/07/26 14:39:50 | 005,223,688 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2013/07/26 02:12:57 | 000,002,220 | ---- | C] () -- D:\Users\Public\Desktop\Google Earth.lnk
[2013/07/24 09:01:45 | 001,744,515 | ---- | C] () -- D:\Windows\System32\WacomTablet.znc
[2013/07/11 09:16:20 | 000,002,623 | ---- | C] () -- D:\Users\Public\Desktop\roomeon Portal.lnk
[2013/07/11 09:16:20 | 000,002,623 | ---- | C] () -- D:\Users\Public\Desktop\roomeon 3D-Planer.lnk
[2013/07/08 07:09:48 | 000,001,284 | ---- | C] () -- D:\Users\Master\AppData\Local\recently-used.xbel
[2013/07/08 06:38:48 | 000,001,059 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
[2013/07/08 06:38:21 | 000,001,039 | ---- | C] () -- D:\Users\Master\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Inkscape.lnk
[2013/07/08 06:38:21 | 000,001,015 | ---- | C] () -- D:\Users\Public\Desktop\Inkscape.lnk
[2013/06/28 06:10:42 | 000,000,452 | ---- | C] () -- D:\Windows\pcis-win.ini
[2013/06/27 04:47:38 | 000,034,776 | ---- | C] () -- D:\Windows\SysWow64\ClientPropertyPageLIB.dll
[2013/06/14 06:54:57 | 000,000,085 | ---- | C] () -- D:\Windows\wininit.ini
[2013/04/27 15:22:19 | 000,114,176 | ---- | C] () -- D:\Users\Master\AppData\Roaming\BabMaint.exe
[2013/04/18 12:24:43 | 000,000,059 | ---- | C] () -- D:\Windows\LTRDF14N.INI
[2013/04/16 07:06:12 | 000,017,408 | ---- | C] () -- D:\Users\Master\AppData\Local\WebpageIcons.db
[2013/04/02 09:25:37 | 000,000,193 | ---- | C] () -- D:\Windows\WORDPAD.INI
[2012/12/15 13:34:26 | 000,001,456 | ---- | C] () -- D:\Users\Master\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012/12/13 11:59:41 | 000,007,605 | ---- | C] () -- D:\Users\Master\AppData\Local\Resmon.ResmonCfg
[2012/09/07 10:09:39 | 000,000,104 | ---- | C] () -- D:\Windows\InstallDE.ini
[2012/09/07 10:04:21 | 000,043,520 | ---- | C] () -- D:\Windows\SysWow64\CBNDLL.DLL
[2012/09/07 09:32:43 | 000,152,563 | ---- | C] () -- D:\Windows\SysWow64\EPSUI64W_000.dat
[2012/08/25 08:22:08 | 000,081,920 | ---- | C] () -- D:\Windows\SysWow64\GkSui20.EXE
[2012/06/28 04:11:20 | 001,367,040 | ---- | C] () -- D:\Windows\SysWow64\VitaminCtrl.dll
[2012/02/16 08:04:04 | 000,006,656 | ---- | C] () -- D:\Users\Master\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/18 00:44:00 | 010,920,984 | ---- | C] () -- D:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 00:44:00 | 000,336,408 | ---- | C] () -- D:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 00:44:00 | 000,104,472 | ---- | C] () -- D:\Windows\SysWow64\LogiDPPApp.exe
[2012/01/17 12:32:15 | 000,081,920 | ---- | C] () -- D:\Users\Master\AppData\Roaming\cache.dat
[2012/01/09 08:07:09 | 001,836,466 | ---- | C] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2011/11/02 18:03:14 | 001,514,016 | ---- | C] () -- D:\Windows\SysWow64\nView.dll
[2011/11/02 18:03:14 | 001,108,512 | ---- | C] () -- D:\Windows\SysWow64\nvwimg.dll
[2011/10/14 19:54:52 | 000,321,856 | ---- | C] () -- D:\Windows\SysWow64\nvStreaming.exe
[2011/08/01 11:21:38 | 000,852,264 | ---- | C] () -- D:\Windows\SysWow64\wodCertificate.dll
[2011/01/15 18:36:18 | 000,252,928 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat
[2007/04/10 20:06:00 | 000,000,110 | ---- | C] () -- D:\Windows\SysWow64\E_ADDNET.DAT
[2005/01/17 03:10:16 | 000,045,056 | ---- | C] () -- D:\Windows\SysWow64\BRTCPCON.DLL
[2004/08/09 03:00:42 | 000,000,114 | ---- | C] () -- D:\Windows\SysWow64\BRLMW03A.INI
 
========== LOP Check ==========
 
[2011/11/03 07:37:03 | 000,000,000 | ---D | M] -- D:\ProgramData\Acronis
[2011/11/02 17:29:37 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2013/06/13 08:19:18 | 000,000,000 | ---D | M] -- D:\ProgramData\Astroburn Lite
[2013/05/15 13:02:31 | 000,000,000 | ---D | M] -- D:\ProgramData\Autodesk
[2013/04/18 11:35:44 | 000,000,000 | ---D | M] -- D:\ProgramData\Babylon
[2012/02/19 13:20:44 | 000,000,000 | ---D | M] -- D:\ProgramData\Binarysense
[2011/11/13 16:22:11 | 000,000,000 | ---D | M] -- D:\ProgramData\boost_interprocess
[2013/06/06 08:58:45 | 000,000,000 | ---D | M] -- D:\ProgramData\BrowserProtect
[2013/02/03 11:58:45 | 000,000,000 | ---D | M] -- D:\ProgramData\Canon IJ Network Tool
[2013/02/03 11:18:26 | 000,000,000 | -H-D | M] -- D:\ProgramData\CanonBJ
[2013/02/03 12:01:17 | 000,000,000 | -H-D | M] -- D:\ProgramData\CanonEPP
[2013/02/03 12:01:17 | 000,000,000 | -H-D | M] -- D:\ProgramData\CanonIJEPPEX2
[2013/02/03 12:01:13 | 000,000,000 | -H-D | M] -- D:\ProgramData\CanonIJMyPrinter
[2013/03/09 12:51:43 | 000,000,000 | -H-D | M] -- D:\ProgramData\CanonIJScan
[2013/02/03 12:01:19 | 000,000,000 | -H-D | M] -- D:\ProgramData\CanonIJSolutionMenuEX
[2013/02/03 11:51:15 | 000,000,000 | ---D | M] -- D:\ProgramData\CanonIJWSpt
[2013/01/22 06:49:13 | 000,000,000 | ---D | M] -- D:\ProgramData\CheckPoint
[2013/03/13 04:28:41 | 000,000,000 | ---D | M] -- D:\ProgramData\CLSoft LTD
[2013/02/26 13:53:42 | 000,000,000 | ---D | M] -- D:\ProgramData\DAEMON Tools Lite
[2012/08/27 04:34:00 | 000,000,000 | ---D | M] -- D:\ProgramData\DassaultSystemes
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2011/11/02 17:29:37 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2012/09/07 10:25:19 | 000,000,000 | ---D | M] -- D:\ProgramData\EFI
[2012/09/07 09:29:44 | 000,000,000 | ---D | M] -- D:\ProgramData\EPSON
[2011/11/02 17:29:37 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2013/07/29 07:42:11 | 000,000,000 | ---D | M] -- D:\ProgramData\GinyasBrowserCompanion
[2013/06/26 06:43:53 | 000,000,000 | ---D | M] -- D:\ProgramData\Helicon
[2013/04/18 11:35:55 | 000,000,000 | ---D | M] -- D:\ProgramData\IBUpdaterService
[2013/06/26 05:47:42 | 000,000,000 | ---D | M] -- D:\ProgramData\InstallMate
[2012/01/09 08:57:48 | 000,000,000 | ---D | M] -- D:\ProgramData\Lenovo
[2013/06/26 05:47:42 | 000,000,000 | ---D | M] -- D:\ProgramData\MaganiPiec
[2013/04/18 12:23:01 | 000,000,000 | ---D | M] -- D:\ProgramData\PCStitch 10
[2013/06/28 06:29:53 | 000,000,000 | ---D | M] -- D:\ProgramData\regid.1986-12.com.adobe
[2013/04/13 11:41:02 | 000,000,000 | ---D | M] -- D:\ProgramData\regid.1991-06.com.microsoft
[2011/11/02 18:07:40 | 000,000,000 | ---D | M] -- D:\ProgramData\Roaming
[2013/01/07 08:57:03 | 000,000,000 | ---D | M] -- D:\ProgramData\Samsung
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2011/11/02 17:29:37 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2013/04/27 13:01:43 | 000,000,000 | ---D | M] -- D:\ProgramData\Tarma Installer
[2013/02/26 16:02:20 | 000,000,000 | ---D | M] -- D:\ProgramData\TEMP
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2011/11/02 17:29:37 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2012/03/28 08:19:42 | 000,000,000 | ---D | M] -- D:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2013/07/29 07:42:11 | 000,001,008 | ---- | M] () -- D:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
[2013/07/29 07:42:11 | 000,001,056 | ---- | M] () -- D:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
[2013/07/29 07:42:32 | 000,001,056 | ---- | M] () -- D:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job
[2013/07/29 07:42:32 | 000,000,940 | ---- | M] () -- D:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job
[2013/07/29 07:42:10 | 000,000,376 | -H-- | M] () -- D:\Windows\Tasks\MagniPicUpdaterTask{94C0F52A-8C97-4DF9-9FFA-B3F293F1FEFE}.job
[2013/04/17 03:05:04 | 000,032,640 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 400 bytes -> D:\Users\Master\AppData\Local\desktop.ini:3a96398c0f384e4adf5faa1736aeaf96
@Alternate Data Stream - 224 bytes -> D:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 116 bytes -> D:\ProgramData\TEMP:5974EE7C
@Alternate Data Stream - 114 bytes -> D:\ProgramData\TEMP:A1EDB939
< End of report >
--- --- ---






Ich hoffe mir kann jemand helfen, bin der Verzweiflung nahe:heulen:

Ich kann die Datei leider nicht als Anhang hochladen, da keine USB Sticks erkannt werden und ich auf keines der Laufwerke schreiben kann.
Hoffe es geht auch so

schrauber 29.07.2013 13:19
hi,

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
:OTL
O20 - HKU\Master_ON_D Winlogon: Shell - (C:\Users\Master\AppData\Roaming\cache.dat) - D:\Users\Master\AppData\Roaming\cache.dat ()
:files
C:\Users\Master\AppData\Roaming\cache.dat
C:\Users\Master\AppData\Roaming\cache.ini
:Commands
[emptytemp]
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread


neu booten, freuen :)

Lars12345 29.07.2013 13:24
Besten Dank, werde jety rebooten...

hier der Log>
========== OTL ==========
Registry value HKEY_USERS\Master_ON_D\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Master\AppData\Roaming\cache.dat deleted successfully.
D:\Users\Master\AppData\Roaming\cache.dat moved successfully.
========== FILES ==========
File\Folder C:\Users\Master\AppData\Roaming\cache.dat not found.
File\Folder C:\Users\Master\AppData\Roaming\cache.ini not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users
-> No Temporary Internet Files cache folder defined!

User: Default
-> No Temporary Internet Files cache folder defined!

User: Default User
-> No Temporary Internet Files cache folder defined!

User: Master
-> No Temporary Internet Files cache folder defined!

User: Public
-> No Temporary Internet Files cache folder defined!

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 458840 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 45753019 bytes

Total Files Cleaned = 44.00 mb


OTLPE by OldTimer - Version 3.1.48.0 log created on 07292013_162134




War es das oder muss ich alle Passw;rter u.s.w aendern

LG

schrauber 29.07.2013 15:33
Kontrollscans im normalen Modus :)

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Lars12345 29.07.2013 17:05
Da bin ich ja mal gespannt.

Hier ist der AdwClaener Log:AdwCleaner Logfile:
Code:
# AdwCleaner v2.306 - Datei am 29/07/2013 um 19:34:43 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (64 bits)
# Benutzer : Master - SEBASTIANBOOK
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Master\Desktop\adwcleaner06.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : BrowserProtect

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Master\AppData\Roaming\BabMaint.exe
Datei Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\searchplugins\BrowserProtect.xml
Datei Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\searchplugins\holasearch.xml
Datei Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\searchplugins\MyStart Search.xml
Datei Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\searchplugins\Searchou.xml
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job
Ordner Gelöscht : C:\Program Files (x86)\delta
Ordner Gelöscht : C:\Program Files (x86)\GinyasBrowserCompanion
Ordner Gelöscht : C:\Program Files (x86)\holasearch
Ordner Gelöscht : C:\Program Files (x86)\MagniPic
Ordner Gelöscht : C:\Program Files (x86)\Yontoo
Ordner Gelöscht : C:\Program Files\DomaIQ Uninstaller
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\ProgramData\clsoft ltd
Ordner Gelöscht : C:\ProgramData\GinyasBrowserCompanion
Ordner Gelöscht : C:\ProgramData\MaganiPiec
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf
Ordner Gelöscht : C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjechlfiglnliipghedifmcjgeifaege
Ordner Gelöscht : C:\Users\Master\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Master\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Master\AppData\LocalLow\delta
Ordner Gelöscht : C:\Users\Master\AppData\LocalLow\holasearch
Ordner Gelöscht : C:\Users\Master\AppData\LocalLow\Searchqutoolbar
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\delta
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\ExpressFiles
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\holasearch
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\ConduitCommon
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\extensions\bbrs_002@blabbers.com
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\extensions\ffxtlbr@delta.com
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\extensions\ffxtlbr@incredibar.com
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\extensions\plugin@yontoo.com
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\extensions\vcm2y@wob.com
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\Searchqutoolbar
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Master\AppData\Roaming\Yontoo
Ordner Gelöscht : C:\Windows\SysWOW64\WNLT

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\SProtector
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Blabbers
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\ExpressFiles
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\holasearch
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\PrivitizeVPNInstallDates
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\WNLT
Schlüssel Gelöscht : HKCU\Software\5b53d7dfe03bbf41
Schlüssel Gelöscht : HKCU\Software\73110973021023610152456193523890287041514098520
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2613550
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\ExpressFiles
Schlüssel Gelöscht : HKLM\Software\GinyasBrowserCompanion
Schlüssel Gelöscht : HKLM\Software\holasearch
Schlüssel Gelöscht : HKLM\Software\IB Updater
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5b53d7dfe03bbf41
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GinyasBrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\holasearch
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\prefs.js

C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\user.js ... Gelöscht !

Gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Gelöscht : user_pref("aol_toolbar.default.search.check", false);
Gelöscht : user_pref("browser.search.defaultenginename", "Delta Search");
Gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "en");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.id", "0e96d7c00000000000000013e8defaf7");
Gelöscht : user_pref("extensions.delta.instlDay", "15822");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.1619:01:58");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
Gelöscht : user_pref("extensions.holasearch.admin", false);
Gelöscht : user_pref("extensions.holasearch.aflt", "babsst");
Gelöscht : user_pref("extensions.holasearch.appId", "{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}");
Gelöscht : user_pref("extensions.holasearch.autoRvrt", "false");
Gelöscht : user_pref("extensions.holasearch.dfltLng", "en");
Gelöscht : user_pref("extensions.holasearch.excTlbr", false);
Gelöscht : user_pref("extensions.holasearch.ffxUnstlRst", false);
Gelöscht : user_pref("extensions.holasearch.id", "0e96d7c00000000000000013e8defaf7");
Gelöscht : user_pref("extensions.holasearch.instlDay", "15813");
Gelöscht : user_pref("extensions.holasearch.instlRef", "sst");
Gelöscht : user_pref("extensions.holasearch.newTab", false);
Gelöscht : user_pref("extensions.holasearch.prdct", "holasearch");
Gelöscht : user_pref("extensions.holasearch.prtnrId", "holasearch");
Gelöscht : user_pref("extensions.holasearch.rvrt", "false");
Gelöscht : user_pref("extensions.holasearch.smplGrp", "none");
Gelöscht : user_pref("extensions.holasearch.tlbrId", "base");
Gelöscht : user_pref("extensions.holasearch.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.holasearch.vrsn", "1.8.16.16");
Gelöscht : user_pref("extensions.holasearch.vrsnTs", "1.8.16.1617:36:04");
Gelöscht : user_pref("extensions.holasearch.vrsni", "1.8.16.16");
Gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
Gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
Gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "false");

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Master\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [26027 octets] - [29/07/2013 19:33:47]
AdwCleaner[S1].txt - [25618 octets] - [29/07/2013 19:34:43]

########## EOF - C:\AdwCleaner[S1].txt - [25679 octets] ##########
--- --- ---


JRT:



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.2 (07.22.2013:2)
OS: Windows 7 Enterprise x64
Ran by Master on 29.07.2013 at 19:43:05,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\privitizevpn_1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\privitizevpn_1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\privitizevpn_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\privitizevpn_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D2BE8891-90D4-43E0-970F-4EF66422387F}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Master\AppData\Roaming\ietoolbar"



~~~ FireFox

Successfully deleted: [File] C:\Users\Master\AppData\Roaming\mozilla\firefox\profiles\icasnlbs.default\invalidprefs.js
Successfully deleted the following from C:\Users\Master\AppData\Roaming\mozilla\firefox\profiles\icasnlbs.default\prefs.js

user_pref("browser.search.defaultengine", "Privitize VPN");
Emptied folder: C:\Users\Master\AppData\Roaming\mozilla\firefox\profiles\icasnlbs.default\minidumps [144 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.07.2013 at 19:55:05,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST.txt:
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by Master (administrator) on 29-07-2013 20:02:46
Running from C:\Users\Master\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Zoom\TpScrex.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Andrea Electronics Corporation) C:\Windows\system32\AEADISRV.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\DiskBoss\bin\diskbsa.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Lenovo Group Limited) C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
( ) C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Schnapper-Software  Robert Beer) C:\Program Files (x86)\SchnapperPro\TimeSync.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(Wacom Technology, Corp.) C:\Windows\system32\WTablet\Wacom_TabletUser.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
() D:\wintemp\servc\servc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Electronics for Imaging) C:\Program Files (x86)\EFI\EFI Designer Edition\EFI_Designer_Edition_Control.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Lenovo Group Limited) C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2868496 2011-12-23] (Synaptics Incorporated)
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [33344 2011-10-20] (Lenovo)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [395344 2011-09-22] (Acronis)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-06] (Autodesk, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab ZAO)
HKCU\...\Run: [phonostar-PlayerTimer] - C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2012-10-13] ()
HKCU\...\Run: [AdobeBridge] -  [x]
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [servc] - d:\wintemp\servc\servc.exe [9631232 2013-07-22] ()
HKCU\...\Winlogon: [Shell] explorer.exe, <==== ATTENTION
MountPoints2: {14ace4a8-fc1b-11e1-9813-005056c00008} - F:\iLinker.exe
MountPoints2: {1837fce2-ae4b-11e1-9d43-b04c2c6343f1} - G:\SecureDrive.exe
MountPoints2: {58300715-36d2-11e1-9964-0013e8defaf7} - G:\Windows/AutoRun.exe
MountPoints2: {ffa45780-4121-11e1-a1f6-005056c00008} - G:\Windows/AutoRun.exe
HKLM-x32\...\Run: [SoundMAXPnP] - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM-x32\...\Run: [PWMTRV] - rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor [x]
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5587832 2011-09-22] (Acronis)
HKLM-x32\...\Run: [vmware-tray] - C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [103536 2011-11-14] (VMware, Inc.)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [EFI_Designer_Edition_Control] - C:\Program Files (x86)\EFI\EFI Designer Edition\EFI_Designer_Edition_Control.exe [613888 2005-04-05] (Electronics for Imaging)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1611160 2011-03-28] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe [206448 2013-04-16] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
Lsa: [Notification Packages] scecli ACGina
BootExecute: autocheck autochk * auto_reactivate C:\bootwiz\asrm.bin

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: No Name - {074C1DC5-9320-4A9A-947D-C042949C6216} -  No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MimalaAmazonToolbar.ShowToolbarBHO - {86a3cdaa-9b25-480e-b73f-c2d359b87966} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKLM-x32 - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKLM-x32 - No Name - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} -  No File
Toolbar: HKLM-x32 - Mimala Amazon Toolbar - {691ca8ec-7205-4aa9-bdd6-15493d16f835} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKCU - No Name - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog9 11 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog9 12 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog9-x64 11 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Winsock: Catalog9-x64 12 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( )
FF SearchPlugin: C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\searchplugins\webde-suche.xml
FF Extension: No Name - C:\Users\Master\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
FF Extension: Toolbar für amazon.de - C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\Extensions\0001.amztoolbar@minimalarts.de
FF Extension: Виявлення пристроїв Logitech - C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\Extensions\DeviceDetection@logitech.com
FF Extension: HolaSearch - C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\Extensions\ffxtlbr@holasearch.com
FF Extension: SchnapperPro - C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\Extensions\{dc0882f8-2dd9-4a97-84a9-da006d8a0eab}
FF Extension: toolbar - C:\Users\Master\AppData\Roaming\Mozilla\Firefox\Profiles\icasnlbs.default\Extensions\toolbar@web.de.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\IB Updater\Firefox
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] C:\Program Files\IB Updater\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

==================== Services (Whitelisted) =================

R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation)
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe [206448 2013-04-16] (Kaspersky Lab ZAO)
R2 DiskBoss Service; C:\Program Files (x86)\DiskBoss\bin\diskbsa.exe [102400 2013-01-02] ()
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-03-15] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 mitsijm2013; C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [339776 2012-01-31] ( )
S2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)
R2 SchnapperPro-TimeSync; C:\Program Files (x86)\SchnapperPro\TimeSync.exe [45664 2007-08-30] (Schnapper-Software  Robert Beer)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [6159656 2010-02-02] (Wacom Technology, Corp.)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2011-11-13] ()

==================== Drivers (Whitelisted) ====================

S2 CBN; C:\Windows\SysWow64\Drivers\CBN.SYS [17408 2012-09-12] (MARX Datentechnik GmbH )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-13] (DT Soft Ltd)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2013-04-16] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-01-11] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-01-11] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-01-11] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-01-11] ()
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3557248 2009-06-03] ()
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [59048 2010-10-20] (SafeNet, Inc.)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31344 2011-11-14] (VMware, Inc.)
S2 CBN; \??\C:\Windows\System32\Drivers\CBN.SYS [x]
S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [x]
S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [x]
S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 vmwvusb; System32\Drivers\vmwvusb.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-29 20:02 - 2013-07-29 20:02 - 00023848 _____ d:\wintemp\frstlog
2013-07-29 20:02 - 2013-07-29 20:02 - 00020362 _____ d:\wintemp\log3
2013-07-29 20:02 - 2013-07-29 20:02 - 00016683 _____ d:\wintemp\log1
2013-07-29 20:02 - 2013-07-29 20:02 - 00000094 _____ d:\wintemp\users00
2013-07-29 20:02 - 2013-07-29 20:02 - 00000003 _____ d:\wintemp\others
2013-07-29 20:00 - 2013-07-29 20:00 - 00000000 ____D C:\FRST
2013-07-29 19:59 - 2013-07-29 19:59 - 01780547 _____ (Farbar) d:\wintemp\DB5zw7fe.exe.part
2013-07-29 19:55 - 2013-07-29 19:58 - 00000000 ____D d:\wintemp\plugtmp-3
2013-07-29 19:55 - 2013-07-29 19:55 - 00002150 _____ d:\wintemp\JRT.txt
2013-07-29 19:55 - 2013-07-29 19:55 - 00002150 _____ C:\Users\Master\Desktop\JRT.txt
2013-07-29 19:47 - 2013-07-29 19:52 - 00000000 ____D d:\wintemp\plugtmp-2
2013-07-29 19:47 - 2013-07-29 19:47 - 00000000 ____D d:\wintemp\WPDNSE
2013-07-29 19:45 - 2013-07-29 19:45 - 01780547 _____ (Farbar) C:\Users\Master\Desktop\FRST64.exe
2013-07-29 19:41 - 2013-07-29 19:42 - 00000000 ____D d:\wintemp\jrt
2013-07-29 19:41 - 2013-07-29 19:41 - 00560934 _____ (Oleg N. Scherbakov) d:\wintemp\GzKRKar9.exe.part
2013-07-29 19:41 - 2013-07-29 19:41 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Master\Desktop\JRT_5.2.2.exe
2013-07-29 19:41 - 2013-07-29 19:41 - 00000000 ____D d:\wintemp\plugtmp-1
2013-07-29 19:41 - 2013-07-29 19:41 - 00000000 ____D C:\Windows\ERUNT
2013-07-29 19:40 - 2013-07-29 19:40 - 00717160 _____ d:\wintemp\3WPfMQcD.exe.part
2013-07-29 19:37 - 2013-07-29 19:37 - 00000000 ____D d:\wintemp\Acrobat Distiller 10
2013-07-29 19:36 - 2013-07-29 19:36 - 00016384 _____ d:\wintemp\~DF44B9E92613C3ADCF.TMP
2013-07-29 19:35 - 2013-07-29 19:35 - 00000012 _____ d:\wintemp\Preferences
2013-07-29 19:34 - 2013-07-29 19:35 - 00025661 _____ C:\AdwCleaner[S1].txt
2013-07-29 19:33 - 2013-07-29 19:34 - 00026027 _____ C:\AdwCleaner[R1].txt
2013-07-29 19:33 - 2013-07-29 19:33 - 00666633 _____ C:\Users\Master\Desktop\adwcleaner06.exe
2013-07-29 19:32 - 2013-07-29 19:57 - 00000000 ____D d:\wintemp\acro_rd_dir
2013-07-29 19:32 - 2013-07-29 19:32 - 00000000 ____D d:\wintemp\plugtmp
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 ____D C:\_OTL
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 _____ d:\wintemp\dfB954.tmp
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 _____ d:\wintemp\df3DA2.tmp
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 _____ d:\wintemp\ddB934.tmp
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 _____ d:\wintemp\dd3D91.tmp
2013-07-29 19:24 - 2013-07-29 19:24 - 00000628 _____ d:\wintemp\received.xml
2013-07-29 19:19 - 2013-07-29 21:56 - 00123104 _____ C:\OTL.Txt
2013-07-29 19:19 - 2013-07-29 19:24 - 00000000 ____D d:\wintemp\acrord32_sbx
2013-07-29 19:14 - 2013-07-29 19:14 - 00000002 ____H d:\wintemp\_TMP540244831
2013-07-29 19:02 - 2013-07-29 19:03 - 00000002 ____H d:\wintemp\_TMP540215253
2013-07-29 18:14 - 2013-07-29 19:36 - 00027678 _____ C:\Windows\PFRO.log
2013-07-29 18:14 - 2013-07-29 18:14 - 00016384 _____ d:\wintemp\~DF5512E1AEA0FF3A76.TMP
2013-07-29 18:13 - 2013-07-29 18:14 - 00003432 _____ C:\Windows\System32\Tasks\BrowserProtect
2013-07-29 17:33 - 2013-07-29 17:33 - 00026018 _____ d:\wintemp\ICA2191D.log.xml
2013-07-29 17:15 - 2013-07-29 17:33 - 00056036 _____ d:\wintemp\ICA2191D.log
2013-07-29 17:13 - 2013-07-29 17:13 - 00000000 ____D C:\Users\Master\Documents\My Palettes
2013-07-29 17:10 - 2013-07-29 17:10 - 00104699 _____ d:\wintemp\ICAF9CFA.log.xml
2013-07-29 17:06 - 2013-07-29 17:10 - 31188866 _____ d:\wintemp\ICAF9CFA.log
2013-07-29 17:06 - 2013-07-29 17:06 - 00109364 _____ d:\wintemp\ICA89580.log.xml
2013-07-29 17:04 - 2013-07-29 17:06 - 17981868 _____ d:\wintemp\ICA89580.log
2013-07-29 17:01 - 2013-07-29 17:01 - 00000000 ____D d:\wintemp\284EAD66-34B3-4D88-BD2F-3757FB45FBB4
2013-07-29 17:00 - 2013-07-29 17:00 - 00107159 _____ d:\wintemp\ICADC14D.log.xml
2013-07-29 16:32 - 2013-07-29 17:00 - 44790520 _____ d:\wintemp\ICADC14D.log
2013-07-29 16:31 - 2013-07-29 16:31 - 00000000 _____ d:\wintemp\ddAFFF.tmp
2013-07-29 16:27 - 2013-07-29 16:27 - 00000000 _____ d:\wintemp\ddB3F6.tmp
2013-07-29 16:26 - 2013-07-29 16:26 - 00000165 _____ d:\wintemp\5E45.tmp
2013-07-29 16:26 - 2013-07-29 16:26 - 00000000 _____ d:\wintemp\ddE5BE.tmp
2013-07-29 16:25 - 2013-07-29 16:25 - 00016384 _____ d:\wintemp\~DFF5E5C937B5CF3C95.TMP
2013-07-29 13:43 - 2013-07-29 13:43 - 00000165 _____ d:\wintemp\5466.tmp
2013-07-29 13:42 - 2013-07-29 13:42 - 00016384 _____ d:\wintemp\~DF507D099F7A09A8A4.TMP
2013-07-29 12:03 - 2013-07-29 12:03 - 00000000 _____ d:\wintemp\dd2234.tmp
2013-07-29 11:59 - 2013-07-29 13:43 - 00000004 _____ C:\Users\Master\AppData\Roaming\cache.ini
2013-07-29 11:53 - 2013-07-29 11:53 - 00078884 ____N d:\wintemp\jar_cache6011825277274531232.tmp
2013-07-29 11:53 - 2013-07-29 11:53 - 00000000 ____D d:\wintemp\hsperfdata_Master
2013-07-29 11:52 - 2013-07-29 11:52 - 00000000 _____ d:\wintemp\ddEFFC.tmp
2013-07-29 11:51 - 2013-07-29 11:51 - 00098320 ___HT d:\wintemp\etilqs_WqJRnkP6eywqMzX
2013-07-29 11:51 - 2013-07-29 11:51 - 00000000 _____ d:\wintemp\ddF670.tmp
2013-07-29 11:44 - 2013-07-29 11:44 - 00016384 _____ d:\wintemp\~DF805AC26435574048.TMP
2013-07-29 11:37 - 2013-07-29 11:37 - 00000000 _____ d:\wintemp\ddEF01.tmp
2013-07-29 11:35 - 2013-07-29 11:39 - 04586108 _____ d:\wintemp\ICACF717.log
2013-07-29 11:30 - 2013-07-29 11:35 - 00229376 _____ d:\wintemp\caec.rra
2013-07-29 11:30 - 2013-07-29 11:30 - 00000000 ____D d:\wintemp\{880F0A75-7E86-434F-86D9-ECB115FB5A3F}
2013-07-29 11:30 - 2013-07-29 11:30 - 00000000 ____D d:\wintemp\{33FAC9CC-BC5F-4271-A60A-4F3E0A158275}
2013-07-27 03:14 - 2013-07-27 03:14 - 00060228 _____ d:\wintemp\KB2742595_20130727_031407379.html
2013-07-27 03:14 - 2013-07-27 03:14 - 00005702 _____ d:\wintemp\KB2742595_20130727_031407379-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-27 03:13 - 2013-07-27 03:13 - 00057036 _____ d:\wintemp\KB2468871v2_20130727_031315921.html
2013-07-27 03:13 - 2013-07-27 03:13 - 00040816 _____ d:\wintemp\KB2840628_20130727_031345399.html
2013-07-27 03:13 - 2013-07-27 03:13 - 00005698 _____ d:\wintemp\KB2468871v2_20130727_031315921-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-27 03:13 - 2013-07-27 03:13 - 00001574 _____ d:\wintemp\TFR8B91.tmp
2013-07-27 03:12 - 2013-07-29 11:23 - 00000274 _____ d:\wintemp\ScheduledHeartbeat.log
2013-07-27 03:12 - 2013-07-27 03:12 - 00034512 _____ d:\wintemp\KB2737019_20130727_031214511.html
2013-07-27 03:11 - 2013-07-27 03:11 - 00040848 _____ d:\wintemp\KB2789642_20130727_031125775.html
2013-07-27 03:10 - 2013-07-27 03:10 - 00034528 _____ d:\wintemp\KB2604121_20130727_031013243.html
2013-07-27 03:10 - 2013-07-27 03:10 - 00034480 _____ d:\wintemp\KB2729449_20130727_031054630.html
2013-07-27 03:09 - 2013-07-27 03:09 - 00040702 _____ d:\wintemp\KB2804576_20130727_030931443.html
2013-07-27 03:08 - 2013-07-27 03:08 - 00066148 _____ d:\wintemp\KB2836939_20130727_030805841.html
2013-07-27 03:08 - 2013-07-27 03:08 - 00060102 _____ d:\wintemp\KB2656351_20130727_030849641.html
2013-07-27 03:08 - 2013-07-27 03:08 - 00005698 _____ d:\wintemp\KB2836939_20130727_030805841-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-27 03:08 - 2013-07-27 03:08 - 00005682 _____ d:\wintemp\KB2656351_20130727_030849641-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-27 03:07 - 2013-07-27 03:07 - 00060310 _____ d:\wintemp\KB2736428_20130727_030731656.html
2013-07-27 03:07 - 2013-07-27 03:07 - 00005706 _____ d:\wintemp\KB2736428_20130727_030731656-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-27 03:06 - 2013-07-27 03:06 - 00040718 _____ d:\wintemp\KB2835393_20130727_030653470.html
2013-07-27 03:06 - 2013-07-27 03:06 - 00010782 _____ d:\wintemp\SilverlightMSI.log
2013-07-27 03:06 - 2013-07-27 03:06 - 00002062 _____ d:\wintemp\Silverlight0.log
2013-07-27 03:05 - 2013-07-27 03:13 - 00057036 _____ d:\wintemp\dd_clwireg.txt
2013-07-27 03:05 - 2013-07-27 03:05 - 00060256 _____ d:\wintemp\KB2600217_20130727_030555689.html
2013-07-27 03:05 - 2013-07-27 03:05 - 00005690 _____ d:\wintemp\KB2600217_20130727_030555689-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-27 03:02 - 2013-07-27 03:02 - 00016384 _____ d:\wintemp\~DFE9FF2715AF999505.TMP
2013-07-26 22:38 - 2013-07-26 22:38 - 00079484 _____ d:\wintemp\ICAB11E7.log
2013-07-26 22:36 - 2013-07-26 22:38 - 00229376 _____ d:\wintemp\d376.rra
2013-07-26 22:36 - 2013-07-26 22:36 - 00000000 ____D d:\wintemp\{E8998031-01AE-4BAE-B595-D55EBBC77285}
2013-07-26 22:36 - 2013-07-26 22:36 - 00000000 ____D d:\wintemp\{942F9C53-F409-4239-BF73-9FC14C8232BF}
2013-07-26 22:02 - 2013-07-26 22:02 - 00116782 _____ d:\wintemp\ICA4972B.log.xml
2013-07-26 21:59 - 2013-07-26 22:02 - 00478122 _____ d:\wintemp\ICA4972B.log
2013-07-26 21:59 - 2013-07-26 22:02 - 00000000 ____D d:\wintemp\E9CCEC87-780A-4C4E-8AC4-94D15F4E3B19
2013-07-26 21:13 - 2013-07-26 21:13 - 00000200 _____ d:\wintemp\csxs3-PHXS.log
2013-07-26 21:13 - 2013-07-26 21:13 - 00000000 _____ C:\Photoshop Temp1286644044
2013-07-26 21:10 - 2013-07-29 13:43 - 02366644 _____ d:\wintemp\oobelib.log
2013-07-26 21:10 - 2013-07-29 13:43 - 00123008 _____ d:\wintemp\PDApp.log
2013-07-26 21:10 - 2013-07-26 21:16 - 00069958 _____ d:\wintemp\amt3.log
2013-07-26 21:10 - 2013-07-26 21:10 - 00002858 _____ d:\wintemp\swtag.log
2013-07-26 21:06 - 2013-07-29 19:16 - 00000000 ____D d:\wintemp\Corel PaintShop Pro X5 Temporäre Dateien
2013-07-26 20:40 - 2013-07-26 20:40 - 00016384 _____ d:\wintemp\~DF02783E77F496E422.TMP
2013-07-26 20:39 - 2013-07-29 19:36 - 00000494 _____ C:\Windows\setupact.log
2013-07-26 20:39 - 2013-07-26 20:40 - 05223688 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-26 20:39 - 2013-07-26 20:39 - 00000000 _____ C:\Windows\setuperr.log
2013-07-26 15:07 - 2013-07-26 15:07 - 00112987 _____ d:\wintemp\ICA6654B.log.xml
2013-07-26 15:02 - 2013-07-26 15:07 - 00938952 _____ d:\wintemp\ICA6654B.log
2013-07-26 14:57 - 2013-07-29 19:39 - 01333023 _____ C:\Windows\WindowsUpdate.log
2013-07-26 14:57 - 2013-07-26 14:57 - 00000000 _____ d:\wintemp\LuUpdater.log
2013-07-26 14:55 - 2013-07-29 19:37 - 00076923 _____ d:\wintemp\AdobeARM.log
2013-07-26 14:55 - 2013-07-29 19:37 - 00023072 _____ d:\wintemp\vminst.log
2013-07-26 14:55 - 2013-07-29 19:37 - 00000902 _____ d:\wintemp\TWAIN.LOG
2013-07-26 14:55 - 2013-07-29 19:37 - 00000156 _____ d:\wintemp\Twunk001.MTX
2013-07-26 14:55 - 2013-07-29 19:37 - 00000004 _____ d:\wintemp\Twain001.Mtx
2013-07-26 14:55 - 2013-07-26 14:55 - 00016384 _____ d:\wintemp\~DFB9A1AF6C8B28229C.TMP
2013-07-26 14:55 - 2013-07-26 14:55 - 00000000 _____ d:\wintemp\Twunk002.MTX
2013-07-26 14:51 - 2013-07-26 14:51 - 00000000 _____ d:\wintemp\ddF92D.tmp
2013-07-26 14:50 - 2013-07-26 14:50 - 00170384 _____ d:\wintemp\ICAF902B.log.xml
2013-07-26 14:45 - 2013-07-26 14:50 - 00478110 _____ d:\wintemp\ICAF902B.log
2013-07-26 14:45 - 2013-07-26 14:50 - 00000000 ____D d:\wintemp\8A474795-0539-4E57-ABE8-4C98E5A69A22
2013-07-26 14:28 - 2013-07-26 14:28 - 00000000 ____D C:\Users\Master\AppData\Roaming\Ylna
2013-07-26 14:28 - 2013-07-26 14:28 - 00000000 ____D C:\Users\Master\AppData\Roaming\Coyt
2013-07-26 14:27 - 2013-07-26 14:29 - 00000000 ____D C:\Users\Master\AppData\Roaming\Obwao
2013-07-26 14:27 - 2013-07-26 14:27 - 00000000 ____D C:\Users\Master\AppData\Roaming\Viap
2013-07-26 14:23 - 2013-07-26 14:23 - 00000000 _RSHD d:\wintemp\servc
2013-07-26 08:12 - 2013-07-26 08:12 - 00002220 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-26 08:12 - 2013-07-26 08:12 - 00000000 ____D d:\wintemp\._msige61
2013-07-26 08:12 - 2013-07-26 08:12 - 00000000 _____ d:\wintemp\is2ABF.tmp
2013-07-26 08:12 - 2013-07-26 08:12 - 00000000 _____ d:\wintemp\is25CF.tmp
2013-07-26 03:02 - 2013-07-26 03:02 - 00060312 _____ d:\wintemp\KB2742595_20130726_030222415.html
2013-07-26 03:02 - 2013-07-26 03:02 - 00056342 _____ d:\wintemp\KB2468871v2_20130726_030207052.html
2013-07-26 03:02 - 2013-07-26 03:02 - 00040766 _____ d:\wintemp\KB2840628_20130726_030218807.html
2013-07-26 03:02 - 2013-07-26 03:02 - 00005706 _____ d:\wintemp\KB2742595_20130726_030222415-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-26 03:02 - 2013-07-26 03:02 - 00005682 _____ d:\wintemp\KB2468871v2_20130726_030207052-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-26 03:01 - 2013-07-26 03:01 - 00040556 _____ d:\wintemp\KB2789642_20130726_030103336.html
2013-07-26 03:01 - 2013-07-26 03:01 - 00034320 _____ d:\wintemp\KB2729449_20130726_030100279.html
2013-07-26 03:01 - 2013-07-26 03:01 - 00034304 _____ d:\wintemp\KB2737019_20130726_030107365.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00060676 _____ d:\wintemp\KB2600217_20130726_030025583.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00060438 _____ d:\wintemp\KB2656351_20130726_030045831.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00060310 _____ d:\wintemp\KB2736428_20130726_030041249.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00040782 _____ d:\wintemp\KB2835393_20130726_030038503.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00040750 _____ d:\wintemp\KB2804576_20130726_030049722.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00034400 _____ d:\wintemp\KB2604121_20130726_030055597.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00005710 _____ d:\wintemp\KB2600217_20130726_030025583-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-26 03:00 - 2013-07-26 03:00 - 00005706 _____ d:\wintemp\KB2736428_20130726_030041249-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-26 03:00 - 2013-07-26 03:00 - 00005698 _____ d:\wintemp\KB2656351_20130726_030045831-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-25 20:32 - 2013-07-25 20:32 - 00000165 _____ d:\wintemp\524E.tmp
2013-07-24 15:01 - 2013-07-29 19:36 - 00000000 ____D C:\Users\Master\AppData\Roaming\WTablet
2013-07-24 15:01 - 2013-07-24 15:01 - 00000000 ____D C:\Windows\system32\WTablet
2013-07-24 15:01 - 2013-07-24 15:01 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2013-07-24 15:01 - 2010-02-02 00:45 - 08997160 ____N (Wacom Technology, Corp.) C:\Windows\system32\WacomTablet.cpl
2013-07-24 15:01 - 2010-02-02 00:45 - 00483624 ____N (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2013-07-24 15:01 - 2010-02-02 00:45 - 00409896 ____N (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2013-07-24 15:01 - 2010-02-02 00:41 - 00293888 ____N (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2013-07-24 15:01 - 2010-01-27 02:23 - 01744515 ____N C:\Windows\system32\WacomTablet.znc
2013-07-24 15:01 - 2010-01-25 00:32 - 00018216 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacmoumonitor.sys
2013-07-24 15:01 - 2009-09-22 00:29 - 00016168 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomvhid.sys
2013-07-24 15:01 - 2007-02-16 20:12 - 00012848 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacommousefilter.sys
2013-07-24 15:00 - 2013-07-24 15:01 - 00000000 ____D C:\Program Files (x86)\Tablet
2013-07-24 15:00 - 2010-02-02 00:45 - 06159656 ____N (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.exe
2013-07-12 03:02 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 03:02 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 03:02 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 03:02 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 03:02 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 03:02 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 03:02 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 03:02 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 03:02 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 03:02 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-12 03:02 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-12 03:02 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-12 03:02 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-12 03:02 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 03:02 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 03:02 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 03:02 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 03:02 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 03:02 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 03:02 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 03:02 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 03:02 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 03:02 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 03:02 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-12 03:02 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-12 03:02 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 03:02 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-12 03:02 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-12 03:02 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 03:02 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 03:02 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 16:10 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 16:10 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 16:10 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 16:10 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 16:10 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 16:10 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 16:10 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 15:16 - 2013-07-11 15:16 - 00002623 _____ C:\Users\Public\Desktop\roomeon Portal.lnk
2013-07-11 15:16 - 2013-07-11 15:16 - 00002623 _____ C:\Users\Public\Desktop\roomeon 3D-Planer.lnk
2013-07-11 15:16 - 2013-07-11 15:16 - 00000000 ____D C:\Program Files (x86)\roomeon GmbH
2013-07-11 15:14 - 2013-07-11 15:14 - 00617312 _____ (Download-Sponsor.de - Verdienen Sie mehr Geld mit Ihrer Software!) C:\Users\Master\Desktop\roomeon - CHIP-Downloader.exe
2013-07-08 12:39 - 2013-07-08 12:39 - 00000000 ____D C:\Users\Master\AppData\Roaming\inkscape
2013-07-08 12:38 - 2013-07-08 12:38 - 00001015 _____ C:\Users\Public\Desktop\Inkscape.lnk
2013-07-08 12:34 - 2013-07-08 12:38 - 00000000 ____D C:\Program Files (x86)\Inkscape

==================== One Month Modified Files and Folders =======

2013-07-29 21:56 - 2013-07-29 19:19 - 00123104 _____ C:\OTL.Txt
2013-07-29 20:03 - 2013-07-29 20:02 - 00020362 _____ d:\wintemp\log3
2013-07-29 20:03 - 2013-07-29 20:02 - 00016753 _____ d:\wintemp\log1
2013-07-29 20:03 - 2013-06-24 20:35 - 15977539 _____ d:\wintemp\LWSDebugOut.txt
2013-07-29 20:02 - 2013-07-29 20:02 - 00023848 _____ d:\wintemp\frstlog
2013-07-29 20:02 - 2013-07-29 20:02 - 00000094 _____ d:\wintemp\users00
2013-07-29 20:02 - 2013-07-29 20:02 - 00000003 _____ d:\wintemp\others
2013-07-29 20:00 - 2013-07-29 20:00 - 00000000 ____D C:\FRST
2013-07-29 19:59 - 2013-07-29 19:59 - 01780547 _____ (Farbar) d:\wintemp\DB5zw7fe.exe.part
2013-07-29 19:59 - 2013-07-29 19:32 - 00000000 ____D d:\wintemp\acro_rd_dir
2013-07-29 19:58 - 2013-07-29 19:55 - 00000000 ____D d:\wintemp\plugtmp-3
2013-07-29 19:55 - 2013-07-29 19:55 - 00002150 _____ d:\wintemp\JRT.txt
2013-07-29 19:55 - 2013-07-29 19:55 - 00002150 _____ C:\Users\Master\Desktop\JRT.txt
2013-07-29 19:52 - 2013-07-29 19:47 - 00000000 ____D d:\wintemp\plugtmp-2
2013-07-29 19:47 - 2013-07-29 19:47 - 00000000 ____D d:\wintemp\WPDNSE
2013-07-29 19:45 - 2013-07-29 19:45 - 01780547 _____ (Farbar) C:\Users\Master\Desktop\FRST64.exe
2013-07-29 19:43 - 2009-07-14 12:49 - 00789088 _____ C:\Windows\system32\perfh007.dat
2013-07-29 19:43 - 2009-07-14 12:49 - 00183308 _____ C:\Windows\system32\perfc007.dat
2013-07-29 19:43 - 2009-07-14 07:13 - 01854876 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-29 19:42 - 2013-07-29 19:41 - 00000000 ____D d:\wintemp\jrt
2013-07-29 19:41 - 2013-07-29 19:41 - 00560934 _____ (Oleg N. Scherbakov) d:\wintemp\GzKRKar9.exe.part
2013-07-29 19:41 - 2013-07-29 19:41 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Master\Desktop\JRT_5.2.2.exe
2013-07-29 19:41 - 2013-07-29 19:41 - 00000000 ____D d:\wintemp\plugtmp-1
2013-07-29 19:41 - 2013-07-29 19:41 - 00000000 ____D C:\Windows\ERUNT
2013-07-29 19:40 - 2013-07-29 19:40 - 00717160 _____ d:\wintemp\3WPfMQcD.exe.part
2013-07-29 19:40 - 2013-07-26 14:57 - 01333023 _____ C:\Windows\WindowsUpdate.log
2013-07-29 19:37 - 2013-07-29 19:37 - 00000000 ____D d:\wintemp\Acrobat Distiller 10
2013-07-29 19:37 - 2013-07-26 14:55 - 00076923 _____ d:\wintemp\AdobeARM.log
2013-07-29 19:37 - 2013-07-26 14:55 - 00023072 _____ d:\wintemp\vminst.log
2013-07-29 19:37 - 2013-07-26 14:55 - 00000902 _____ d:\wintemp\TWAIN.LOG
2013-07-29 19:37 - 2013-07-26 14:55 - 00000156 _____ d:\wintemp\Twunk001.MTX
2013-07-29 19:37 - 2013-07-26 14:55 - 00000004 _____ d:\wintemp\Twain001.Mtx
2013-07-29 19:37 - 2013-04-16 13:05 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-29 19:36 - 2013-07-29 19:36 - 00016384 _____ d:\wintemp\~DF44B9E92613C3ADCF.TMP
2013-07-29 19:36 - 2013-07-29 18:14 - 00027678 _____ C:\Windows\PFRO.log
2013-07-29 19:36 - 2013-07-26 20:39 - 00000494 _____ C:\Windows\setupact.log
2013-07-29 19:36 - 2013-07-24 15:01 - 00000000 ____D C:\Users\Master\AppData\Roaming\WTablet
2013-07-29 19:36 - 2013-03-13 10:28 - 00000376 ____H C:\Windows\Tasks\MagniPicUpdaterTask{94C0F52A-8C97-4DF9-9FFA-B3F293F1FEFE}.job
2013-07-29 19:36 - 2012-01-10 11:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-29 19:36 - 2012-01-09 14:06 - 00000000 ____D C:\ProgramData\VMware
2013-07-29 19:36 - 2011-12-05 00:31 - 00000000 ____D d:\wintemp\vmware-SYSTEM
2013-07-29 19:36 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-29 19:35 - 2013-07-29 19:35 - 00000012 _____ d:\wintemp\Preferences
2013-07-29 19:35 - 2013-07-29 19:34 - 00025661 _____ C:\AdwCleaner[S1].txt
2013-07-29 19:34 - 2013-07-29 19:33 - 00026027 _____ C:\AdwCleaner[R1].txt
2013-07-29 19:33 - 2013-07-29 19:33 - 00666633 _____ C:\Users\Master\Desktop\adwcleaner06.exe
2013-07-29 19:32 - 2013-07-29 19:32 - 00000000 ____D d:\wintemp\plugtmp
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 ____D C:\_OTL
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 _____ d:\wintemp\dfB954.tmp
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 _____ d:\wintemp\df3DA2.tmp
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 _____ d:\wintemp\ddB934.tmp
2013-07-29 19:29 - 2013-07-29 19:29 - 00000000 _____ d:\wintemp\dd3D91.tmp
2013-07-29 19:24 - 2013-07-29 19:24 - 00000628 _____ d:\wintemp\received.xml
2013-07-29 19:24 - 2013-07-29 19:19 - 00000000 ____D d:\wintemp\acrord32_sbx
2013-07-29 19:24 - 2013-01-07 15:00 - 00000072 _____ C:\Users\Public\LMDebug.log
2013-07-29 19:17 - 2011-11-02 23:30 - 00000000 ____D C:\Users\Master
2013-07-29 19:16 - 2013-07-26 21:06 - 00000000 ____D d:\wintemp\Corel PaintShop Pro X5 Temporäre Dateien
2013-07-29 19:16 - 2012-04-16 14:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-29 19:14 - 2013-07-29 19:14 - 00000002 ____H d:\wintemp\_TMP540244831
2013-07-29 19:12 - 2012-01-10 11:46 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-29 19:03 - 2013-07-29 19:02 - 00000002 ____H d:\wintemp\_TMP540215253
2013-07-29 18:14 - 2013-07-29 18:14 - 00016384 _____ d:\wintemp\~DF5512E1AEA0FF3A76.TMP
2013-07-29 18:14 - 2013-07-29 18:13 - 00003432 _____ C:\Windows\System32\Tasks\BrowserProtect
2013-07-29 18:13 - 2013-04-15 23:07 - 00000000 ____D C:\Users\Master\AppData\Roaming\tor
2013-07-29 17:58 - 2009-07-14 06:45 - 00019296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-29 17:58 - 2009-07-14 06:45 - 00019296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-29 17:34 - 2013-07-26 14:27 - 00000000 ____D C:\Users\Master\AppData\Roaming\Viap
2013-07-29 17:33 - 2013-07-29 17:33 - 00026018 _____ d:\wintemp\ICA2191D.log.xml
2013-07-29 17:33 - 2013-07-29 17:15 - 00056036 _____ d:\wintemp\ICA2191D.log
2013-07-29 17:33 - 2012-08-25 15:33 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X5
2013-07-29 17:13 - 2013-07-29 17:13 - 00000000 ____D C:\Users\Master\Documents\My Palettes
2013-07-29 17:10 - 2013-07-29 17:10 - 00104699 _____ d:\wintemp\ICAF9CFA.log.xml
2013-07-29 17:10 - 2013-07-29 17:06 - 31188866 _____ d:\wintemp\ICAF9CFA.log
2013-07-29 17:10 - 2011-11-12 17:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-29 17:06 - 2013-07-29 17:06 - 00109364 _____ d:\wintemp\ICA89580.log.xml
2013-07-29 17:06 - 2013-07-29 17:04 - 17981868 _____ d:\wintemp\ICA89580.log
2013-07-29 17:01 - 2013-07-29 17:01 - 00000000 ____D d:\wintemp\284EAD66-34B3-4D88-BD2F-3757FB45FBB4
2013-07-29 17:00 - 2013-07-29 17:00 - 00107159 _____ d:\wintemp\ICADC14D.log.xml
2013-07-29 17:00 - 2013-07-29 16:32 - 44790520 _____ d:\wintemp\ICADC14D.log
2013-07-29 16:32 - 2012-12-18 13:37 - 00000000 ____D C:\Users\Master\AppData\Roaming\Usenet.nl
2013-07-29 16:31 - 2013-07-29 16:31 - 00000000 _____ d:\wintemp\ddAFFF.tmp
2013-07-29 16:27 - 2013-07-29 16:27 - 00000000 _____ d:\wintemp\ddB3F6.tmp
2013-07-29 16:26 - 2013-07-29 16:26 - 00000165 _____ d:\wintemp\5E45.tmp
2013-07-29 16:26 - 2013-07-29 16:26 - 00000000 _____ d:\wintemp\ddE5BE.tmp
2013-07-29 16:25 - 2013-07-29 16:25 - 00016384 _____ d:\wintemp\~DFF5E5C937B5CF3C95.TMP
2013-07-29 13:43 - 2013-07-29 13:43 - 00000165 _____ d:\wintemp\5466.tmp
2013-07-29 13:43 - 2013-07-29 11:59 - 00000004 _____ C:\Users\Master\AppData\Roaming\cache.ini
2013-07-29 13:43 - 2013-07-26 21:10 - 02366644 _____ d:\wintemp\oobelib.log
2013-07-29 13:43 - 2013-07-26 21:10 - 00123008 _____ d:\wintemp\PDApp.log
2013-07-29 13:42 - 2013-07-29 13:42 - 00016384 _____ d:\wintemp\~DF507D099F7A09A8A4.TMP
2013-07-29 12:03 - 2013-07-29 12:03 - 00000000 _____ d:\wintemp\dd2234.tmp
2013-07-29 11:53 - 2013-07-29 11:53 - 00078884 ____N d:\wintemp\jar_cache6011825277274531232.tmp
2013-07-29 11:53 - 2013-07-29 11:53 - 00000000 ____D d:\wintemp\hsperfdata_Master
2013-07-29 11:52 - 2013-07-29 11:52 - 00000000 _____ d:\wintemp\ddEFFC.tmp
2013-07-29 11:51 - 2013-07-29 11:51 - 00098320 ___HT d:\wintemp\etilqs_WqJRnkP6eywqMzX
2013-07-29 11:51 - 2013-07-29 11:51 - 00000000 _____ d:\wintemp\ddF670.tmp
2013-07-29 11:44 - 2013-07-29 11:44 - 00016384 _____ d:\wintemp\~DF805AC26435574048.TMP
2013-07-29 11:39 - 2013-07-29 11:35 - 04586108 _____ d:\wintemp\ICACF717.log
2013-07-29 11:37 - 2013-07-29 11:37 - 00000000 _____ d:\wintemp\ddEF01.tmp
2013-07-29 11:35 - 2013-07-29 11:30 - 00229376 _____ d:\wintemp\caec.rra
2013-07-29 11:30 - 2013-07-29 11:30 - 00000000 ____D d:\wintemp\{880F0A75-7E86-434F-86D9-ECB115FB5A3F}
2013-07-29 11:30 - 2013-07-29 11:30 - 00000000 ____D d:\wintemp\{33FAC9CC-BC5F-4271-A60A-4F3E0A158275}
2013-07-29 11:23 - 2013-07-27 03:12 - 00000274 _____ d:\wintemp\ScheduledHeartbeat.log
2013-07-27 03:14 - 2013-07-27 03:14 - 00060228 _____ d:\wintemp\KB2742595_20130727_031407379.html
2013-07-27 03:14 - 2013-07-27 03:14 - 00005702 _____ d:\wintemp\KB2742595_20130727_031407379-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-27 03:13 - 2013-07-27 03:13 - 00057036 _____ d:\wintemp\KB2468871v2_20130727_031315921.html
2013-07-27 03:13 - 2013-07-27 03:13 - 00040816 _____ d:\wintemp\KB2840628_20130727_031345399.html
2013-07-27 03:13 - 2013-07-27 03:13 - 00005698 _____ d:\wintemp\KB2468871v2_20130727_031315921-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-27 03:13 - 2013-07-27 03:13 - 00001574 _____ d:\wintemp\TFR8B91.tmp
2013-07-27 03:13 - 2013-07-27 03:05 - 00057036 _____ d:\wintemp\dd_clwireg.txt
2013-07-27 03:12 - 2013-07-27 03:12 - 00034512 _____ d:\wintemp\KB2737019_20130727_031214511.html
2013-07-27 03:11 - 2013-07-27 03:11 - 00040848 _____ d:\wintemp\KB2789642_20130727_031125775.html
2013-07-27 03:10 - 2013-07-27 03:10 - 00034528 _____ d:\wintemp\KB2604121_20130727_031013243.html
2013-07-27 03:10 - 2013-07-27 03:10 - 00034480 _____ d:\wintemp\KB2729449_20130727_031054630.html
2013-07-27 03:09 - 2013-07-27 03:09 - 00040702 _____ d:\wintemp\KB2804576_20130727_030931443.html
2013-07-27 03:08 - 2013-07-27 03:08 - 00066148 _____ d:\wintemp\KB2836939_20130727_030805841.html
2013-07-27 03:08 - 2013-07-27 03:08 - 00060102 _____ d:\wintemp\KB2656351_20130727_030849641.html
2013-07-27 03:08 - 2013-07-27 03:08 - 00005698 _____ d:\wintemp\KB2836939_20130727_030805841-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-27 03:08 - 2013-07-27 03:08 - 00005682 _____ d:\wintemp\KB2656351_20130727_030849641-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-27 03:07 - 2013-07-27 03:07 - 00060310 _____ d:\wintemp\KB2736428_20130727_030731656.html
2013-07-27 03:07 - 2013-07-27 03:07 - 00005706 _____ d:\wintemp\KB2736428_20130727_030731656-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-27 03:06 - 2013-07-27 03:06 - 00040718 _____ d:\wintemp\KB2835393_20130727_030653470.html
2013-07-27 03:06 - 2013-07-27 03:06 - 00010782 _____ d:\wintemp\SilverlightMSI.log
2013-07-27 03:06 - 2013-07-27 03:06 - 00002062 _____ d:\wintemp\Silverlight0.log
2013-07-27 03:05 - 2013-07-27 03:05 - 00060256 _____ d:\wintemp\KB2600217_20130727_030555689.html
2013-07-27 03:05 - 2013-07-27 03:05 - 00005690 _____ d:\wintemp\KB2600217_20130727_030555689-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-27 03:02 - 2013-07-27 03:02 - 00016384 _____ d:\wintemp\~DFE9FF2715AF999505.TMP
2013-07-26 22:38 - 2013-07-26 22:38 - 00079484 _____ d:\wintemp\ICAB11E7.log
2013-07-26 22:38 - 2013-07-26 22:36 - 00229376 _____ d:\wintemp\d376.rra
2013-07-26 22:36 - 2013-07-26 22:36 - 00000000 ____D d:\wintemp\{E8998031-01AE-4BAE-B595-D55EBBC77285}
2013-07-26 22:36 - 2013-07-26 22:36 - 00000000 ____D d:\wintemp\{942F9C53-F409-4239-BF73-9FC14C8232BF}
2013-07-26 22:02 - 2013-07-26 22:02 - 00116782 _____ d:\wintemp\ICA4972B.log.xml
2013-07-26 22:02 - 2013-07-26 21:59 - 00478122 _____ d:\wintemp\ICA4972B.log
2013-07-26 22:02 - 2013-07-26 21:59 - 00000000 ____D d:\wintemp\E9CCEC87-780A-4C4E-8AC4-94D15F4E3B19
2013-07-26 21:30 - 2013-04-27 19:26 - 00000000 ____D C:\Users\Master\AppData\Roaming\PTGui
2013-07-26 21:16 - 2013-07-26 21:10 - 00069958 _____ d:\wintemp\amt3.log
2013-07-26 21:13 - 2013-07-26 21:13 - 00000200 _____ d:\wintemp\csxs3-PHXS.log
2013-07-26 21:13 - 2013-07-26 21:13 - 00000000 _____ C:\Photoshop Temp1286644044
2013-07-26 21:13 - 2011-11-03 11:01 - 00000000 ____D C:\Users\Master\AppData\Roaming\Adobe
2013-07-26 21:10 - 2013-07-26 21:10 - 00002858 _____ d:\wintemp\swtag.log
2013-07-26 20:40 - 2013-07-26 20:40 - 00016384 _____ d:\wintemp\~DF02783E77F496E422.TMP
2013-07-26 20:40 - 2013-07-26 20:39 - 05223688 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-26 20:39 - 2013-07-26 20:39 - 00000000 _____ C:\Windows\setuperr.log
2013-07-26 18:14 - 2013-06-24 12:09 - 00001235 _____ C:\Users\Master\Desktop\TestZykus9mm 6.75 Intervall.WPW
2013-07-26 18:14 - 2013-06-24 12:09 - 00001121 _____ C:\Users\Master\Desktop\TestZykus9mm 6.75 Intervall.WPI
2013-07-26 18:14 - 2013-01-14 16:46 - 00000000 ____D C:\WinPC-NC_USB
2013-07-26 18:12 - 2013-06-24 12:07 - 00005639 _____ C:\Users\Master\Desktop\TestZykus9mm 6.75 Intervall.txt
2013-07-26 15:07 - 2013-07-26 15:07 - 00112987 _____ d:\wintemp\ICA6654B.log.xml
2013-07-26 15:07 - 2013-07-26 15:02 - 00938952 _____ d:\wintemp\ICA6654B.log
2013-07-26 14:57 - 2013-07-26 14:57 - 00000000 _____ d:\wintemp\LuUpdater.log
2013-07-26 14:55 - 2013-07-26 14:55 - 00016384 _____ d:\wintemp\~DFB9A1AF6C8B28229C.TMP
2013-07-26 14:55 - 2013-07-26 14:55 - 00000000 _____ d:\wintemp\Twunk002.MTX
2013-07-26 14:51 - 2013-07-26 14:51 - 00000000 _____ d:\wintemp\ddF92D.tmp
2013-07-26 14:50 - 2013-07-26 14:50 - 00170384 _____ d:\wintemp\ICAF902B.log.xml
2013-07-26 14:50 - 2013-07-26 14:45 - 00478110 _____ d:\wintemp\ICAF902B.log
2013-07-26 14:50 - 2013-07-26 14:45 - 00000000 ____D d:\wintemp\8A474795-0539-4E57-ABE8-4C98E5A69A22
2013-07-26 14:29 - 2013-07-26 14:27 - 00000000 ____D C:\Users\Master\AppData\Roaming\Obwao
2013-07-26 14:28 - 2013-07-26 14:28 - 00000000 ____D C:\Users\Master\AppData\Roaming\Ylna
2013-07-26 14:28 - 2013-07-26 14:28 - 00000000 ____D C:\Users\Master\AppData\Roaming\Coyt
2013-07-26 14:26 - 2011-11-12 17:53 - 00000000 ____D C:\Users\Master\AppData\Roaming\vlc
2013-07-26 14:23 - 2013-07-26 14:23 - 00000000 _RSHD d:\wintemp\servc
2013-07-26 08:12 - 2013-07-26 08:12 - 00002220 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-26 08:12 - 2013-07-26 08:12 - 00000000 ____D d:\wintemp\._msige61
2013-07-26 08:12 - 2013-07-26 08:12 - 00000000 _____ d:\wintemp\is2ABF.tmp
2013-07-26 08:12 - 2013-07-26 08:12 - 00000000 _____ d:\wintemp\is25CF.tmp
2013-07-26 03:02 - 2013-07-26 03:02 - 00060312 _____ d:\wintemp\KB2742595_20130726_030222415.html
2013-07-26 03:02 - 2013-07-26 03:02 - 00056342 _____ d:\wintemp\KB2468871v2_20130726_030207052.html
2013-07-26 03:02 - 2013-07-26 03:02 - 00040766 _____ d:\wintemp\KB2840628_20130726_030218807.html
2013-07-26 03:02 - 2013-07-26 03:02 - 00005706 _____ d:\wintemp\KB2742595_20130726_030222415-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-26 03:02 - 2013-07-26 03:02 - 00005682 _____ d:\wintemp\KB2468871v2_20130726_030207052-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-26 03:01 - 2013-07-26 03:01 - 00040556 _____ d:\wintemp\KB2789642_20130726_030103336.html
2013-07-26 03:01 - 2013-07-26 03:01 - 00034320 _____ d:\wintemp\KB2729449_20130726_030100279.html
2013-07-26 03:01 - 2013-07-26 03:01 - 00034304 _____ d:\wintemp\KB2737019_20130726_030107365.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00060676 _____ d:\wintemp\KB2600217_20130726_030025583.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00060438 _____ d:\wintemp\KB2656351_20130726_030045831.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00060310 _____ d:\wintemp\KB2736428_20130726_030041249.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00040782 _____ d:\wintemp\KB2835393_20130726_030038503.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00040750 _____ d:\wintemp\KB2804576_20130726_030049722.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00034400 _____ d:\wintemp\KB2604121_20130726_030055597.html
2013-07-26 03:00 - 2013-07-26 03:00 - 00005710 _____ d:\wintemp\KB2600217_20130726_030025583-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-26 03:00 - 2013-07-26 03:00 - 00005706 _____ d:\wintemp\KB2736428_20130726_030041249-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-26 03:00 - 2013-07-26 03:00 - 00005698 _____ d:\wintemp\KB2656351_20130726_030045831-Microsoft .NET Framework 4 Client Profile-MSP0.txt
2013-07-25 20:32 - 2013-07-25 20:32 - 00000165 _____ d:\wintemp\524E.tmp
2013-07-24 18:41 - 2013-04-12 12:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-24 18:19 - 2011-11-02 23:01 - 00000000 ____D C:\Windows\Panther
2013-07-24 15:01 - 2013-07-24 15:01 - 00000000 ____D C:\Windows\system32\WTablet
2013-07-24 15:01 - 2013-07-24 15:01 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2013-07-24 15:01 - 2013-07-24 15:00 - 00000000 ____D C:\Program Files (x86)\Tablet
2013-07-21 21:06 - 2013-02-21 17:36 - 00000000 ____D C:\Users\Master\AppData\Roaming\SchnapperPro
2013-07-17 13:29 - 2011-11-03 10:52 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-17 13:21 - 2011-11-03 12:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-15 20:32 - 2012-01-09 14:07 - 01836466 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-13 00:07 - 2012-01-10 11:46 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 00:07 - 2012-01-10 11:46 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 03:24 - 2009-07-14 13:07 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 03:24 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 03:24 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-12 03:04 - 2010-06-24 12:41 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-07-12 03:00 - 2009-07-14 04:34 - 00000805 _____ C:\Windows\win.ini
2013-07-11 15:16 - 2013-07-11 15:16 - 00002623 _____ C:\Users\Public\Desktop\roomeon Portal.lnk
2013-07-11 15:16 - 2013-07-11 15:16 - 00002623 _____ C:\Users\Public\Desktop\roomeon 3D-Planer.lnk
2013-07-11 15:16 - 2013-07-11 15:16 - 00000000 ____D C:\Program Files (x86)\roomeon GmbH
2013-07-11 15:14 - 2013-07-11 15:14 - 00617312 _____ (Download-Sponsor.de - Verdienen Sie mehr Geld mit Ihrer Software!) C:\Users\Master\Desktop\roomeon - CHIP-Downloader.exe
2013-07-08 13:25 - 2013-06-15 16:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-08 12:39 - 2013-07-08 12:39 - 00000000 ____D C:\Users\Master\AppData\Roaming\inkscape
2013-07-08 12:38 - 2013-07-08 12:38 - 00001015 _____ C:\Users\Public\Desktop\Inkscape.lnk
2013-07-08 12:38 - 2013-07-08 12:34 - 00000000 ____D C:\Program Files (x86)\Inkscape

Files to move or delete:
====================
C:\Users\Master\AppData\Roaming\cache.ini

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-23 00:04

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Addition.txt:FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-07-2013
Ran by Master at 2013-07-29 20:03:14
Running from C:\Users\Master\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 
3D-Tool V10.02 (x32 Version: V10.02)
Acronis*True*Image*Home 2011 (x32 Version: 14.0.6942)
Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.1)
Adobe AIR (x32 Version: 3.1.0.4880)
Adobe Content Viewer (x32 Version: 1.4.0)
Adobe Creative Suite 6 Master Collection (x32 Version: 6)
Adobe CS6 Design and Web Premium (x32 Version: 6)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Widget Browser (x32 Version: 2.0 Build 230)
Adobe Widget Browser (x32 Version: 2.0 Build 348)
Adobe Widget Browser (x32 Version: 2.0.230)
Adobe Widget Browser (x32 Version: 2.0.348)
Apple Application Support (x32 Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (x32 Version: 2.1.3.127)
Astroburn Lite (x32 Version: 1.7.0.0175)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82)
Autodesk Inventor Content Center Libraries 2013 (Desktop Content) (Version: 17.0.13800.0000)
Autodesk Inventor Fusion for Inventor 2013 Add-in (Version: 1.0.0.111)
Autodesk Inventor Professional 2013 (Version: 17.0.13800.0000)
Autodesk Inventor Professional 2013 Deutsch (German) (Version: 17.0.13800.0000)
Autodesk Inventor Professional 2013 Language Pack - Deutsch (German) (Version: 17.0.13800.0000)
Autodesk Material Library 2013 (x32 Version: 3.0.13)
Autodesk Material Library Base Resolution Image Library 2013 (x32 Version: 3.0.13)
Autodesk Material Library Low Resolution Image Library 2013 (x32 Version: 3.0.13)
Autodesk Stitcher Unlimited 2009 (x32)
Autodesk Sync (Version: 3.5.24.0)
Autodesk Vault Basic 2013 (Client) (Version: 17.0.61.0)
Autodesk Vault Basic 2013 (Client) (x32 Version: 17.0.61.0)
Autodesk Vault Basic 2013 (Client) German Language Pack (Version: 17.0.61.0)
AutoHotkey 1.1.09.04 (Version: 1.1.09.04)
AutoIt v3.3.8.1 (x32)
Autopano Pro (x32 Version: V1.4.0)
bl (x32 Version: 1.0.0)
Blender (Version: 2.66)
Bonjour (Version: 3.0.0.10)
CameraHelperMsi (x32 Version: 13.50.854.0)
Canon Easy-PhotoPrint EX (x32)
Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data (x32)
Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data (x32)
Canon Easy-WebPrint EX (x32)
Canon IJ Network Scanner Selector EX (x32)
Canon IJ Network Tool (x32)
Canon iX7000 series Benutzerregistrierung (x32)
Canon iX7000 series Printer Driver
Canon MG3100 series Benutzerregistrierung (x32)
Canon MG3100 series MP Drivers
Canon MG3100 series On-screen Manual (x32)
Canon MP Navigator EX 5.0 (x32)
Canon My Printer (x32)
Canon Solution Menu EX (x32)
Canon Utilities Easy-PhotoPrint Pro (x32)
Canon Utilities Solution Menu (x32)
CCleaner (Version: 3.16)
CDBurnerXP (x32 Version: 4.4.0.2905)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.0.686)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686)
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686)
Corel PaintShop Pro X5 (x32 Version: 15.1.0.10)
Corel PaintShop Pro X5 (x32 Version: 15.2.0.12)
CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - EN (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - IPM (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.0)
CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.0)
CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.3)
CorelDRAW Graphics Suite X5 (x32 Version: 15.3)
CorelDRAW(R) Graphics Suite X5 (x32 Version: 15.2.0.686)
CtrlView 3.30 (x32 Version: )
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Dassault Systemes Software VC9 Prerequisites x86-x64 (Version: 9.1.2)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Dienstprogramm "ThinkPad UltraNav" (x32 Version: 2.13.0)
DiskBoss 3.2.16 (x32 Version: 3.2.16)
DORGONIA 3D Scanning System 1.41 (x32)
Driver Install 64bit (x32 Version: 1.00.0000)
Drv (x32 Version: 1.00.0000)
DWG TrueView 2013 (Version: 19.0.55.0)
Easy2Convert BMP to JPG 1.3 (x32 Version: 1.3)
Eco Materials Adviser for Autodesk Inventor 2013 (Version: 3.9.12.0)
EFI Designer Edition (x32 Version: 4.2.3)
Energie-Manager (x32 Version: 6.07)
EPSON Printer Software
erLT (x32 Version: 1.20.138.34)
Estlcam (x32)
FormatFactory 3.0.1 (x32 Version: 3.0.1)
Foxit Reader (x32 Version: 5.3.0.423)
Free Mouse and Keyboard Recorder 3.1.3.2 (x32)
Google Earth (x32 Version: 6.1.0.5001)
Google Earth (x32 Version: 7.1.1.1888)
Google SketchUp Pro 8 (x32 Version: 3.0.14346)
Google Update Helper (x32 Version: 1.3.21.153)
Helicon Focus 5.3.11 (x32)
honestech VHS to DVD 3.0 SE (x32 Version: 3.0)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (x32 Version: 1)
Hugin 2012.0.0 (x32 Version: 2012.0.0 hg_a6e4184ad538)
ICA (x32 Version: 15.1.0.10)
Inkscape 0.48.4 (x32 Version: 0.48.4)
Intel PROSet Wireless
Intel PROSet Wireless (x32)
Intel(R) PROSet/Wireless WiFi-Software (Version: 14.03.0000)
IPM_PSP_COM (x32 Version: 15.1.0.10)
IrfanView (remove only) (x32 Version: 4.35)
Java Auto Updater (x32 Version: 2.0.7.1)
Java(TM) 6 Update 31 (x32 Version: 6.0.310)
JDownloader 2 (x32 Version: 2)
Kaspersky Anti-Virus 2012 (x32 Version: 12.0.0.374)
Kolor Autopano Giga 3.0 (Version: V3.0.5)
Kolor Autopano Pro 3.0 (Version: V3.0.5)
Lenovo Patch Utility (x32 Version: 1.00.0000)
Lenovo Patch Utility (x32 Version: 1.3.0.007)
Lenovo Patch Utility 64 bit (Version: 1.20.0001)
Lenovo Patch Utility 64 bit (Version: 1.3.0.007)
Lenovo System Interface Driver (Version: 1.05)
Logitech High Quality Video (x32 Version: 12.10.1113)
Logitech Webcam-Software (x32 Version: 2.31)
LWS Facebook (x32 Version: 13.50.854.0)
LWS Gallery (x32 Version: 13.50.854.0)
LWS Help_main (x32 Version: 13.50.862.0)
LWS Launcher (x32 Version: 13.50.859.0)
LWS Motion Detection (x32 Version: 13.30.1395.0)
LWS Pictures And Video (x32 Version: 13.50.861.0)
LWS Twitter (x32 Version: 13.30.1346.0)
LWS Video Mask Maker (x32 Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (x32 Version: 13.31.1038.0)
LWS WLM Plugin (x32 Version: 1.30.1201.0)
LWS YouTube Plugin (x32 Version: 13.31.1038.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MeshLab 1.3.2 (x32 Version: 1.3.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Silverlight (x32 Version: 4.1.10111.0)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (x32 Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Express Edition - DEU (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Express Edition - DEU (x32)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (Version: 2.0.50728)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (Version: 9.0.21022)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.30319)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (x32 Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (x32 Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (x32 Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (x32 Version: 9.0.30729)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (Version: 3.5.21022)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
minimal arts - Toolbar für amazon.de (x32 Version: 1.0.0)
MiniTool Partition Wizard Home Edition 7.7 (x32)
Mouse and Keyboard Recorder 3.2.1.6 (x32)
MozBackup 1.5.1 (x32)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero Burning ROM (x32 Version: 12.0.28001)
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000)
Nero BurningROM 12 (x32 Version: 12.0.00800)
Nero ControlCenter (x32 Version: 11.0.15500)
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000)
Nero Core Components (x32 Version: 11.0.18900)
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0)
Nero Update (x32 Version: 11.0.11800.31.0)
netfabb Studio (x32)
netfabb Studio 4 Trial
NVIDIA Drivers (Version: 1.10)
NVIDIA Grafiktreiber 285.62 (Version: 285.62)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA nView 136.02 (Version: 136.02)
NVIDIA PhysX (x32 Version: 9.11.0621)
NVIDIA PhysX-Systemsoftware 9.11.0621 (Version: 9.11.0621)
NVIDIA Systemsteuerung 285.62 (Version: 285.62)
odesk Inventor Fusion 2013 (Version: 2.0.0.206)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017)
pcdreh für Windows (x32 Version: R17)
PCStitch 10 (x32 Version: 10.00.23)
PDF Settings CS6 (x32 Version: 11.0)
ph (x32 Version: 1.0.0)
phonostar-Player Version 3.02.7 (x32)
Prerequisite installer (x32 Version: 12.0.0003)
PSPPContent (x32 Version: 15.2.0.12)
PSPPHelp (x32 Version: 15.1.0.10)
PSPPro64 (Version: 15.1.0.10)
PTGui Pro 9.1.7 (x32)
PxMergeModule (x32 Version: 1.00.0000)
QuickTime (x32 Version: 7.71.80.42)
Relais Timer Software - Version 1.7 (remove only) (x32)
RICOH R5U8xx Media Driver ver.3.64.02 (x32 Version: 3.64.02)
roomeon 3D-Planer (x32 Version: 1.4.2)
Samsung Printer Live Update (x32 Version: 1.01.00.04)
SchnapperPro 2.0.92 (x32 Version: 2.0.92)
Schnell-Deinstallations-Tool für Autodesk Inventor 2013 (Version: 17.0.13800.0000)
Sentinel System Driver Installer 7.5.2 (x32 Version: 7.5.2)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (Version: 10.1.2531.0)
Setup (x32 Version: 15.1.0.10)
SketchUp DWG Importer (x32 Version: 1.0.0.0)
Skype Click to Call (x32 Version: 6.2.10687)
SoundMAX (x32 Version: 6.10.2.7255)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
StitcherUnlimited2009 AdLM (x32 Version: 1.0.0)
Synology Cloud Station (remove only) (HKCU)
System Update (x32 Version: 4.03.0007)
TeamViewer 5 (x32 Version: 5.1.15822 )
ThinkPad FullScreen Magnifier (Version: 2.40)
ThinkPad Modem (Version: 7.62.00)
ThinkPad Power Management Driver (Version: 1.65.05.20)
ThinkPad UltraNav Driver (Version: 15.3.39.1)
ThinkVantage Access Connections (x32 Version: 5.85)
ThinkVantage System für aktiven Festplattenschutz (Version: 1.75)
tools-freebsd (x32 Version: 8.8.1.528992)
tools-linux (x32 Version: 8.8.1.528992)
tools-netware (x32 Version: 8.8.1.528992)
tools-solaris (x32 Version: 8.8.1.528992)
tools-windows (x32 Version: 8.8.1.528992)
tools-winPre2k (x32 Version: 8.8.1.528992)
TotalPDFConverter (x32 Version: 2.8)
TreeSize Professional V5.5 (x32 Version: 5.5)
Universal Extractor 1.6 (x32 Version: 1.6)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (Version: 10.1.2731.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760538) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767851) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817482) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817489) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817491) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817492) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2817468) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2810006) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2817469) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2013 (KB2767863) 64-Bit Edition
Update for Microsoft Word 2013 (KB2810086) 64-Bit Edition
Usenet.nl (x32)
VBA (2627.01) (x32 Version: 6.03.00.9402)
VBA (2701.01) (x32 Version: 6.03.00.9402)
VC Runtimes MSI (x32 Version: 9.0.21022)
VC80_CRT_x86 (x32 Version: 1.0.0)
Visual Basic for Applications (R) Core - English (x32 Version: 6.4.99.69)
Visual Basic for Applications (R) Core (x32 Version: 6.4.99.69)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0)
VLC media player 2.0.2 (x32 Version: 2.0.2)
VmciSockets (Version: 9.1.54.1)
VMware Workstation (x32 Version: 8.0.1.27038)
Wacom Tablett (x32)
WebTablet IE Plugin (x32 Version: 1.1.0.4)
WebTablet Netscape Plugin (x32 Version: 1.1.0.3)
WinPC-NC USB (x32 Version: 2.00)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
WPanorama (HKCU)
XnView 1.99 (x32 Version: 1.99)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-05-16 19:55 - 00000894 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com
127.0.0.1 activate.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {0B3DB873-E841-4070-AA79-3384DCE8B375} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {1E17D020-7301-46AD-BC7E-39C30CA07582} - System32\Tasks\BrowserProtect => C:\Windows\system32\sc.exe [2009-07-14] (Microsoft Corporation)
Task: {21F6A03F-A8E7-4C6F-BD28-6506C3072AEC} - System32\Tasks\TVT\TVSUUpdateTask_Softtestbook_Master => C:\Program Files (x86)\Lenovo\System Update\tvsu.exe [2012-03-16] ()
Task: {2E05F1FA-2BE5-4304-8FE4-486A0113DE44} - System32\Tasks\{4F05E12F-F3B4-464B-9DF3-F45886A9DB01} => C:\Program Files (x86)\EFI\EFI Designer Edition\EFIDesignerEdition.exe [2006-01-20] ()
Task: {4BB10696-700F-4A54-A840-C3809BFD7491} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {64CAB27F-C5DD-4FB5-AF83-8C657B5C2B85} - System32\Tasks\EPUpdater => C:\Users\Master\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {6DB90A84-7E48-4F0A-B154-E509086D13F6} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File
Task: {8AC687A8-8174-4712-9B3F-C811351C80A3} - System32\Tasks\{217E5D0E-9531-4760-BA6D-66E326282631} => C:\Program Files (x86)\VisionGS PE\visiongs.exe No File
Task: {8E838A99-2A49-4C1A-AC52-71EA74ECEF87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-10] (Google Inc.)
Task: {9C397F85-65F0-41A9-B4BA-719E3FB913D2} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File
Task: {9D168ED8-050D-40BF-8FC4-847EBA51FFD2} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe No File
Task: {C70E15D3-9D06-44E1-B3D8-CA577D89B191} - \MagniPicUpdaterTask{94C0F52A-8C97-4DF9-9FFA-B3F293F1FEFE} No Task File
Task: {CE66AD53-61F2-461E-A645-FFBF9BE1AE8C} - System32\Tasks\AdobeAAMUpdater-1.0-SEBASTIANBOOK-Master => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {D0A4C254-1778-4B87-BA3D-29526D4677E3} - System32\Tasks\TVT\TVSUUpdateTask_SEBASTIANBOOK_Master => C:\Program Files (x86)\Lenovo\System Update\tvsu.exe [2012-03-16] ()
Task: {EF16AD9D-9B5B-4B7C-9CEE-3ED60B4007B4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {F00C6F5E-CDBD-4A77-9746-8FA1EC3492F0} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {F689565E-1CA4-4BF9-9349-354926A449A0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {FAD93D6B-85BC-41F6-A5C4-622A27751D6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-10] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MagniPicUpdaterTask{94C0F52A-8C97-4DF9-9FFA-B3F293F1FEFE}.job => C:\ProgramData\Premium\MagniPic\MagniPic.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 8126.3 MB
Available physical RAM: 6247.85 MB
Total Pagefile: 12220.48 MB
Available Pagefile: 10287.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Win7Boot) (Fixed) (Total:63.85 GB) (Free:1.1 GB) NTFS (Disk=0 Partition=2)
Drive d: (Daten_lokal) (Fixed) (Total:39.06 GB) (Free:20.57 GB) NTFS (Disk=0 Partition=3)
Drive e: (25 Jul 2013) (CDROM) (Total:2.11 GB) (Free:0 GB) UDF
Drive g: (INTENSO) (Fixed) (Total:1293.49 GB) (Free:1057.23 GB) NTFS (Disk=1 Partition=1)
Drive i: (Volume) (Fixed) (Total:754.5 GB) (Free:741.56 GB) NTFS (Disk=1 Partition=2)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 112 GB) (Disk ID: 90F8A639)
Partition 1: (Active) - (Size=101 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=64 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=39 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== End Of Log ============================
--- --- ---

schrauber 29.07.2013 19:46
Supi :)


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:06 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131