Microsoft Security Essentials reports detection: C:\Users\Eric\AppData\Local\lollipop\ and browser shows: feed.helperbar.com
Dear Trojaner-Board team,
For some time now I have had feed.helperbar as my start page in Mozilla Firefox, and I would like to remove it permanently.
hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d603a28f-117e-5ea2-cced-a878e5691fb6&searchtype=hp&fr=linkury-tb&installDate=17/01/2014&type=hp1000
Windows Essential Security reported the following detection:
Kategorie: Adware
Beschreibung: Dieses Programm zeigt potenziell unerwünschte Werbefenster und Popupwerbungen auf dem Computer an.
Elemente:
folder:C:\Users\Eric\AppData\Local\lollipop\
file:C:\Users\Eric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0DN5M8JF\download[1].php
Thank you very much for your help!
Attached are the first log files:
defogger Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:16 on 06/02/2014 (Eric)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST.txt Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014
Ran by Eric (administrator) on ERIC-HP on 06-02-2014 09:18:11
Running from C:\Users\Eric\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CryptoMill Technologies Ltd.) C:\Program Files (x86)\Hewlett-Packard\HP Trust Circles\CreoSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Mentor Graphics Corporation) C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Smartbar) C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.exe
(Spotify Ltd) C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Conduit) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Spotify Ltd) C:\Users\Eric\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-07-30] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-07-04] (IDT, Inc.)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [CryptoMill Refresh] - C:\Program Files\Hewlett-Packard\HP Trust Circles\ceflauncher -m refresh
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-19] (Synaptics Incorporated)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-08-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] - C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-25] (Hewlett-Packard Company)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-06-28] ( (Atheros Communications))
HKU\S-1-5-21-1269964185-741127880-1541483610-1001\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Eric\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-1269964185-741127880-1541483610-1001\...\Run: [Browser Infrastructure Helper] - C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.exe [20760 2013-11-21] (Smartbar)
HKU\S-1-5-21-1269964185-741127880-1541483610-1001\...\Run: [Spotify] - C:\Users\Eric\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-21] (Spotify Ltd)
HKU\S-1-5-21-1269964185-741127880-1541483610-1001\...\Run: [Spotify Web Helper] - C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-21] (Spotify Ltd)
HKU\S-1-5-21-1269964185-741127880-1541483610-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1269964185-741127880-1541483610-1001\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_43_Plugin.exe [840072 2014-01-26] (Adobe Systems Incorporated)
AppInit_DLLs: C:\Program => File Not Found
AppInit_DLLs: Files => File Not Found
AppInit_DLLs: (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => File Not Found
AppInit_DLLs: C:\Program => File Not Found
AppInit_DLLs: Files => File Not Found
AppInit_DLLs: C:\Program => File Not Found
AppInit_DLLs: Files => File Not Found
AppInit_DLLs: C:\Program => File Not Found
AppInit_DLLs: Files => File Not Found
AppInit_DLLs: C:\Program => File Not Found
AppInit_DLLs: Files => File Not Found
AppInit_DLLs-x32: C:\Program => File Not Found
AppInit_DLLs-x32: Files => File Not Found
AppInit_DLLs-x32: (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => File Not Found
AppInit_DLLs-x32: C:\Program => File Not Found
AppInit_DLLs-x32: Files => File Not Found
AppInit_DLLs-x32: C:\Program => File Not Found
AppInit_DLLs-x32: Files => File Not Found
AppInit_DLLs-x32: C:\Program => File Not Found
AppInit_DLLs-x32: Files => File Not Found
AppInit_DLLs-x32: C:\Program => File Not Found
AppInit_DLLs-x32: Files => File Not Found
Lsa: [Notification Packages] DPPassFilter scecli
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d603a28f-117e-5ea2-cced-a878e5691fb6&searchtype=hp&fr=linkury-tb&installDate=17/01/2014&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM13/10
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d603a28f-117e-5ea2-cced-a878e5691fb6&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=17/01/2014&type=hp1000
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d603a28f-117e-5ea2-cced-a878e5691fb6&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=17/01/2014&type=hp1000
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM13/10
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM13/10
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM13/10
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM13/10
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMNTDFJS
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d603a28f-117e-5ea2-cced-a878e5691fb6&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=17/01/2014&type=hp1000
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d603a28f-117e-5ea2-cced-a878e5691fb6&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=17/01/2014&type=hp1000
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMNTDFJS
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d603a28f-117e-5ea2-cced-a878e5691fb6&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=17/01/2014&type=hp1000
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d603a28f-117e-5ea2-cced-a878e5691fb6&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=17/01/2014&type=hp1000
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm®Atheros®)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\7iexoy5b.default
FF NewTab: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d603a28f-117e-5ea2-cced-a878e5691fb6&searchtype=nt&fr=linkury-tb&installDate=17/01/2014&type=hp1000&q=
FF DefaultSearchEngine: Conduit Search
FF SelectedSearchEngine: Conduit Search
FF Homepage: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d603a28f-117e-5ea2-cced-a878e5691fb6&searchtype=hp&fr=linkury-tb&installDate=17/01/2014&type=hp1000
FF Keyword.URL: hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d603a28f-117e-5ea2-cced-a878e5691fb6&searchtype=ds&fr=linkury-tb&installDate=17/01/2014&type=hp1000&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\7iexoy5b.default\searchplugins\ask-web-search.xml
FF SearchPlugin: C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\7iexoy5b.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\7iexoy5b.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ []
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-06-28] (Windows (R) Win 7 DDK provider)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2317600 2014-02-03] (Conduit)
R2 CreoService; C:\Program Files (x86)\Hewlett-Packard\HP Trust Circles\CreoSvc.exe [1366488 2013-08-23] (CryptoMill Technologies Ltd.)
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2013-08-08] ()
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2013-08-06] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [558392 2013-08-07] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-08-01] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-26] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-26] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 RemoteSolverDispatcher; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [218248 2013-02-22] (Mentor Graphics Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-28] (Atheros)
S2 HPFSService; "C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe" [X]
==================== Drivers (Whitelisted) ====================
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-06-28] (Qualcomm Atheros)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-06-13] (Hewlett-Packard Company)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-07-30] (Intel Corporation)
R3 IceKore; C:\Windows\System32\DRIVERS\IceKore.sys [397784 2013-08-19] (CryptoMill Technologies Inc.)
S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [39704 2013-06-28] (Atheros)
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-07-16] (WinMagic Inc.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [418520 2013-06-17] (Realsil Semiconductor Corporation)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [228544 2013-07-16] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131264 2013-07-16] (WinMagic Inc.)
S1 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-19] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [34544 2013-08-19] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1512952 2013-08-08] (Sunplus)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 09:18 - 2014-02-06 09:18 - 00023926 _____ () C:\Users\Eric\Desktop\FRST.txt
2014-02-06 09:18 - 2014-02-06 09:18 - 00000000 ____D () C:\FRST
2014-02-06 09:17 - 2014-02-06 09:17 - 02082304 _____ (Farbar) C:\Users\Eric\Desktop\FRST64.exe
2014-02-06 09:16 - 2014-02-06 09:16 - 00000000 _____ () C:\Users\Eric\defogger_reenable
2014-02-06 09:15 - 2014-02-06 09:15 - 00050477 _____ () C:\Users\Eric\Downloads\Defogger.exe
2014-02-06 09:15 - 2014-02-06 09:15 - 00050477 _____ () C:\Users\Eric\Desktop\Defogger.exe
2014-02-06 09:14 - 2014-02-06 09:16 - 00000000 ____D () C:\Users\Eric\Desktop\Virenentfernung
2014-02-06 09:08 - 2014-02-06 09:09 - 00001078 _____ () C:\Windows\system32dbgraw.bmp
2014-02-05 20:05 - 2014-02-05 20:06 - 00000000 ____D () C:\Users\Eric\AppData\Local\Skype
2014-02-05 20:05 - 2014-02-05 20:05 - 00002729 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-05 20:05 - 2014-02-05 20:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-05 20:03 - 2014-02-05 20:03 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Eric\Downloads\SkypeSetup.exe
2014-01-30 19:48 - 2014-01-30 19:48 - 00397312 _____ () C:\Users\Eric\Downloads\Lagerdeckel_Langgemach(1).SLDDRW
2014-01-30 19:46 - 2014-01-30 19:46 - 00397312 _____ () C:\Users\Eric\Downloads\Lagerdeckel_Langgemach.SLDDRW
2014-01-27 20:52 - 2014-01-27 20:52 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\SolidWorks 2013
2014-01-26 14:25 - 2014-01-26 14:25 - 00001800 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-26 14:25 - 2014-01-26 14:25 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-26 14:25 - 2014-01-26 14:25 - 00000000 ____D () C:\Program Files\iTunes
2014-01-26 14:25 - 2014-01-26 14:25 - 00000000 ____D () C:\Program Files\iPod
2014-01-26 14:25 - 2014-01-26 14:25 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-24 19:44 - 2014-01-24 19:44 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-01-24 18:07 - 2014-01-24 19:44 - 00001948 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-01-24 18:07 - 2014-01-24 18:07 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-01-24 18:07 - 2014-01-24 18:07 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-22 22:20 - 2014-01-22 22:26 - 24380486 _____ () C:\Users\Eric\Desktop\Physik und Chemie.zip
2014-01-22 22:18 - 2014-01-22 22:18 - 00000000 ____D () C:\Users\Eric\Desktop\Neuer Ordner
2014-01-21 15:24 - 2014-01-24 18:13 - 00000000 ____D () C:\Users\Eric\AppData\Local\Spotify
2014-01-21 15:24 - 2014-01-21 15:24 - 00001807 _____ () C:\Users\Eric\Desktop\Spotify.lnk
2014-01-21 15:24 - 2014-01-21 15:24 - 00001793 _____ () C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-01-21 15:23 - 2014-02-06 09:08 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Spotify
2014-01-21 15:22 - 2014-01-21 15:22 - 00127080 _____ (Spotify Ltd) C:\Users\Eric\Downloads\SpotifySetup(1).exe
2014-01-21 15:21 - 2014-01-21 15:21 - 00127080 _____ (Spotify Ltd) C:\Users\Eric\Downloads\SpotifySetup.exe
2014-01-17 18:25 - 2014-01-17 18:25 - 06796432 _____ (Mindspark Interactive Network) C:\Users\Eric\Downloads\VideoDownloadConverterSetup.exe
2014-01-17 18:10 - 2014-01-17 18:10 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\TuneUp Software
2014-01-17 18:09 - 2014-01-17 18:23 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-01-17 18:09 - 2014-01-17 18:09 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-17 18:08 - 2014-01-17 18:21 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\Eric\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230(1).exe
2014-01-17 18:08 - 2014-01-17 18:08 - 00002461 _____ () C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-01-17 18:07 - 2014-01-17 18:08 - 00000000 ____D () C:\Users\Eric\AppData\Local\Smartbar
2014-01-17 18:06 - 2014-01-17 18:25 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\DVDVideoSoft
2014-01-17 18:06 - 2014-01-17 18:06 - 00001589 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-01-17 18:06 - 2014-01-17 18:06 - 00001272 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-01-17 18:06 - 2014-01-17 18:06 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\OpenCandy
2014-01-17 18:06 - 2014-01-17 18:06 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-01-17 16:11 - 2014-01-17 16:11 - 01396285 _____ () C:\Users\Eric\Downloads\USB-Installer-Win-Ubuntu.exe
2014-01-17 16:10 - 2014-01-17 16:38 - 1118289683 _____ () C:\Users\Eric\Downloads\Ubuntu-11.10.7z
2014-01-17 16:09 - 2014-01-17 16:10 - 09725202 _____ () C:\Users\Eric\Downloads\Oracle_VM_VirtualBox_Extension_Pack-4.1.8-75467.vbox-extpack
2014-01-17 16:07 - 2014-01-17 16:09 - 92193072 _____ (Oracle Corporation) C:\Users\Eric\Downloads\VirtualBox-4.1.8-75467-Win.exe
2014-01-17 16:05 - 2014-01-17 16:05 - 01095461 _____ (pendrivelinux.com) C:\Users\Eric\Downloads\Universal-USB-Installer-1.9.5.2.exe
2014-01-15 21:13 - 2014-01-15 21:13 - 00000608 ____H () C:\ProgramData\T2
2014-01-15 21:13 - 2014-01-15 21:13 - 00000604 ____H () C:\Windows\T4
2014-01-15 21:13 - 2014-01-15 21:13 - 00000604 ____H () C:\Windows\SysWOW64\T3
2014-01-15 21:13 - 2014-01-15 21:13 - 00000604 ____H () C:\Program Files (x86)\STLL Notifier
2014-01-15 21:13 - 2014-01-15 21:13 - 00000000 ____D () C:\ProgramData\Sibelius Software
2014-01-15 21:12 - 2014-01-15 21:14 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Sibelius Software
2014-01-15 21:11 - 2014-01-15 21:11 - 00000774 _____ () C:\Windows\KB893803v2.log
2014-01-15 21:09 - 2014-01-17 18:43 - 00000000 ____D () C:\Program Files (x86)\Sibelius Software
2014-01-15 20:55 - 2014-01-15 20:55 - 00000000 ____D () C:\Users\Eric\Documents\Sibelius Software
2014-01-15 20:55 - 2014-01-15 20:55 - 00000000 ____D () C:\Users\Eric\Documents\Sibelius 5.1 [h33t][poolpro]
2014-01-15 20:00 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 20:00 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 20:00 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 20:00 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 20:00 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 20:00 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 20:00 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 20:00 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 20:00 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 19:58 - 2014-01-15 19:58 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-01-13 16:46 - 2014-01-13 16:46 - 00000507 _____ () C:\Users\Eric\Downloads\signature.asc
2014-01-10 20:57 - 2014-01-16 08:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-10 20:57 - 2014-01-16 08:25 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-10 20:14 - 2013-12-27 12:58 - 25571334 _____ () C:\Users\Eric\Documents\2.bmp
2014-01-10 20:10 - 2014-01-10 20:10 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\WinRAR
2014-01-10 20:09 - 2014-01-10 20:09 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-10 20:09 - 2014-01-10 20:09 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-10 20:08 - 2014-01-10 20:09 - 02083288 _____ () C:\Users\Eric\Downloads\winrar-x64-501d.exe
2014-01-09 13:56 - 2014-01-09 13:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-01-07 18:26 - 2014-01-31 21:22 - 00000000 ____D () C:\Users\Eric\Documents\Zeichnungen
2014-01-07 18:23 - 2014-01-31 21:22 - 00000000 ____D () C:\Users\Eric\AppData\Local\TempSWSicherungsverzeichnis
2014-01-07 18:18 - 2014-01-30 14:28 - 00000000 ____D () C:\Users\Eric\AppData\Local\SolidWorks
2014-01-07 18:09 - 2014-01-07 18:09 - 00000000 ____D () C:\ProgramData\Simpoe
2014-01-07 18:08 - 2014-01-07 18:08 - 00000000 ____D () C:\ProgramData\COSMOS Applications
2014-01-07 18:07 - 2014-01-07 18:07 - 00002190 _____ () C:\Users\Eric\Desktop\SolidWorks eDrawings 2013 x64 Edition.lnk
2014-01-07 18:07 - 2014-01-07 18:07 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\help_images_otherUI
2014-01-07 18:07 - 2014-01-07 18:07 - 00000000 ____D () C:\ProgramData\SolidWorks Flow Simulation
2014-01-07 18:07 - 2014-01-07 18:07 - 00000000 _____ () C:\Windows\eDrawingOfficeAutomator.INI
2014-01-07 18:05 - 2014-01-21 16:11 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\DassaultSystemes
2014-01-07 18:05 - 2014-01-07 18:05 - 00000000 ____D () C:\Users\Eric\Documents\SolidWorks Visual Studio Tools for Applications
2014-01-07 18:05 - 2014-01-07 18:05 - 00000000 ____D () C:\Users\Eric\AppData\Local\DassaultSystemes
2014-01-07 18:05 - 2014-01-07 18:05 - 00000000 ____D () C:\ProgramData\DassaultSystemes
2014-01-07 18:01 - 2014-01-07 18:01 - 00002819 _____ () C:\Users\Public\Desktop\SolidWorks 2013 x64 Edition.lnk
2014-01-07 17:57 - 2014-01-07 18:09 - 00000000 ____D () C:\Program Files\SolidWorks Corp
2014-01-07 17:57 - 2014-01-07 17:57 - 00000000 ____D () C:\ProgramData\SolidWorks
2014-01-07 17:57 - 2014-01-07 17:57 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-07 17:56 - 2014-01-07 17:56 - 00000000 ____D () C:\Users\Eric\Documents\Visual Studio 2005
2014-01-07 17:39 - 2014-01-07 18:03 - 00000000 ____D () C:\SolidWorks Data (2)
2014-01-07 17:37 - 2014-01-07 17:54 - 00000000 ____D () C:\Windows\SolidWorks
2014-01-07 17:37 - 2014-01-07 17:37 - 00356904 _____ () C:\Users\Eric\Downloads\setup(1).exe
2014-01-07 17:21 - 2014-01-07 17:21 - 01470495 _____ () C:\Users\Eric\Documents\IM_Logs.zip
2014-01-07 17:13 - 2014-01-07 17:13 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-01-07 17:13 - 2014-01-07 17:13 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-01-07 17:11 - 2014-01-07 17:11 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-01-07 17:10 - 2014-01-19 10:30 - 00000000 ____D () C:\Users\Eric\AppData\Local\CrashDumps
==================== One Month Modified Files and Folders =======
2014-02-06 09:18 - 2014-02-06 09:18 - 00023926 _____ () C:\Users\Eric\Desktop\FRST.txt
2014-02-06 09:18 - 2014-02-06 09:18 - 00000000 ____D () C:\FRST
2014-02-06 09:17 - 2014-02-06 09:17 - 02082304 _____ (Farbar) C:\Users\Eric\Desktop\FRST64.exe
2014-02-06 09:16 - 2014-02-06 09:16 - 00000000 _____ () C:\Users\Eric\defogger_reenable
2014-02-06 09:16 - 2014-02-06 09:14 - 00000000 ____D () C:\Users\Eric\Desktop\Virenentfernung
2014-02-06 09:16 - 2013-12-27 13:04 - 00000000 ____D () C:\Users\Eric
2014-02-06 09:15 - 2014-02-06 09:15 - 00050477 _____ () C:\Users\Eric\Downloads\Defogger.exe
2014-02-06 09:15 - 2014-02-06 09:15 - 00050477 _____ () C:\Users\Eric\Desktop\Defogger.exe
2014-02-06 09:09 - 2014-02-06 09:08 - 00001078 _____ () C:\Windows\system32dbgraw.bmp
2014-02-06 09:08 - 2014-01-21 15:23 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Spotify
2014-02-06 09:08 - 2013-12-28 07:51 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Skype
2014-02-06 09:08 - 2013-12-27 20:58 - 01283126 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 09:08 - 2013-12-27 13:15 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\newnext.me
2014-02-05 20:06 - 2014-02-05 20:05 - 00000000 ____D () C:\Users\Eric\AppData\Local\Skype
2014-02-05 20:05 - 2014-02-05 20:05 - 00002729 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-05 20:05 - 2014-02-05 20:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-05 20:05 - 2013-11-26 17:08 - 00000000 ____D () C:\ProgramData\Skype
2014-02-05 20:03 - 2014-02-05 20:03 - 01659552 _____ (Skype Technologies S.A.) C:\Users\Eric\Downloads\SkypeSetup.exe
2014-02-04 21:16 - 2014-01-06 17:50 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-02-04 15:22 - 2009-07-14 05:45 - 00026608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 15:22 - 2009-07-14 05:45 - 00026608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 15:20 - 2013-12-27 13:06 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F50AC969-C119-49F7-91BA-E60C0D81F6E7}
2014-02-04 15:20 - 2013-11-26 17:30 - 00699964 _____ () C:\Windows\system32\perfh007.dat
2014-02-04 15:20 - 2013-11-26 17:30 - 00149570 _____ () C:\Windows\system32\perfc007.dat
2014-02-04 15:20 - 2009-07-14 06:13 - 01621742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-04 15:15 - 2013-11-26 17:24 - 00000225 _____ () C:\Windows\CryptoMill_CreoService.log
2014-02-04 15:15 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-04 15:14 - 2010-11-21 04:47 - 00182454 _____ () C:\Windows\PFRO.log
2014-02-04 15:14 - 2009-07-14 05:51 - 00053831 _____ () C:\Windows\setupact.log
2014-02-04 15:10 - 2014-01-03 17:27 - 00000000 ____D () C:\Users\Eric\AppData\Local\Clipboarder
2014-02-04 15:03 - 2011-02-11 14:51 - 01596206 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-31 21:22 - 2014-01-07 18:26 - 00000000 ____D () C:\Users\Eric\Documents\Zeichnungen
2014-01-31 21:22 - 2014-01-07 18:23 - 00000000 ____D () C:\Users\Eric\AppData\Local\TempSWSicherungsverzeichnis
2014-01-30 19:48 - 2014-01-30 19:48 - 00397312 _____ () C:\Users\Eric\Downloads\Lagerdeckel_Langgemach(1).SLDDRW
2014-01-30 19:46 - 2014-01-30 19:46 - 00397312 _____ () C:\Users\Eric\Downloads\Lagerdeckel_Langgemach.SLDDRW
2014-01-30 14:28 - 2014-01-07 18:18 - 00000000 ____D () C:\Users\Eric\AppData\Local\SolidWorks
2014-01-30 14:28 - 2013-12-27 14:24 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\SolidWorks
2014-01-27 20:52 - 2014-01-27 20:52 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\SolidWorks 2013
2014-01-26 14:25 - 2014-01-26 14:25 - 00001800 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-26 14:25 - 2014-01-26 14:25 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-26 14:25 - 2014-01-26 14:25 - 00000000 ____D () C:\Program Files\iTunes
2014-01-26 14:25 - 2014-01-26 14:25 - 00000000 ____D () C:\Program Files\iPod
2014-01-26 14:25 - 2014-01-26 14:25 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-26 14:22 - 2013-11-26 17:10 - 00000000 ____D () C:\ProgramData\Apple
2014-01-26 14:10 - 2014-01-04 15:58 - 00000000 ____D () C:\Users\Eric\AppData\Local\Adobe
2014-01-26 14:10 - 2013-09-13 20:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-26 14:10 - 2013-09-13 20:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-24 19:44 - 2014-01-24 19:44 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-01-24 19:44 - 2014-01-24 18:07 - 00001948 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-01-24 18:13 - 2014-01-21 15:24 - 00000000 ____D () C:\Users\Eric\AppData\Local\Spotify
2014-01-24 18:07 - 2014-01-24 18:07 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-01-24 18:07 - 2014-01-24 18:07 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-22 22:26 - 2014-01-22 22:20 - 24380486 _____ () C:\Users\Eric\Desktop\Physik und Chemie.zip
2014-01-22 22:18 - 2014-01-22 22:18 - 00000000 ____D () C:\Users\Eric\Desktop\Neuer Ordner
2014-01-22 20:30 - 2013-12-27 13:07 - 00000000 ____D () C:\Users\Eric\Documents\Bluetooth Folder
2014-01-22 15:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-21 16:11 - 2014-01-07 18:05 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\DassaultSystemes
2014-01-21 15:24 - 2014-01-21 15:24 - 00001807 _____ () C:\Users\Eric\Desktop\Spotify.lnk
2014-01-21 15:24 - 2014-01-21 15:24 - 00001793 _____ () C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-01-21 15:22 - 2014-01-21 15:22 - 00127080 _____ (Spotify Ltd) C:\Users\Eric\Downloads\SpotifySetup(1).exe
2014-01-21 15:21 - 2014-01-21 15:21 - 00127080 _____ (Spotify Ltd) C:\Users\Eric\Downloads\SpotifySetup.exe
2014-01-19 10:30 - 2014-01-07 17:10 - 00000000 ____D () C:\Users\Eric\AppData\Local\CrashDumps
2014-01-19 08:33 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-17 18:43 - 2014-01-15 21:09 - 00000000 ____D () C:\Program Files (x86)\Sibelius Software
2014-01-17 18:25 - 2014-01-17 18:25 - 06796432 _____ (Mindspark Interactive Network) C:\Users\Eric\Downloads\VideoDownloadConverterSetup.exe
2014-01-17 18:25 - 2014-01-17 18:06 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\DVDVideoSoft
2014-01-17 18:23 - 2014-01-17 18:09 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-01-17 18:21 - 2014-01-17 18:08 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\Eric\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230(1).exe
2014-01-17 18:19 - 2013-12-27 13:05 - 00000000 ____D () C:\Users\Eric\AppData\Local\VirtualStore
2014-01-17 18:10 - 2014-01-17 18:10 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\TuneUp Software
2014-01-17 18:09 - 2014-01-17 18:09 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-17 18:08 - 2014-01-17 18:08 - 00002461 _____ () C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-01-17 18:08 - 2014-01-17 18:07 - 00000000 ____D () C:\Users\Eric\AppData\Local\Smartbar
2014-01-17 18:06 - 2014-01-17 18:06 - 00001589 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-01-17 18:06 - 2014-01-17 18:06 - 00001272 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-01-17 18:06 - 2014-01-17 18:06 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\OpenCandy
2014-01-17 18:06 - 2014-01-17 18:06 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-01-17 16:38 - 2014-01-17 16:10 - 1118289683 _____ () C:\Users\Eric\Downloads\Ubuntu-11.10.7z
2014-01-17 16:11 - 2014-01-17 16:11 - 01396285 _____ () C:\Users\Eric\Downloads\USB-Installer-Win-Ubuntu.exe
2014-01-17 16:10 - 2014-01-17 16:09 - 09725202 _____ () C:\Users\Eric\Downloads\Oracle_VM_VirtualBox_Extension_Pack-4.1.8-75467.vbox-extpack
2014-01-17 16:09 - 2014-01-17 16:07 - 92193072 _____ (Oracle Corporation) C:\Users\Eric\Downloads\VirtualBox-4.1.8-75467-Win.exe
2014-01-17 16:05 - 2014-01-17 16:05 - 01095461 _____ (pendrivelinux.com) C:\Users\Eric\Downloads\Universal-USB-Installer-1.9.5.2.exe
2014-01-17 16:00 - 2014-01-04 15:05 - 00000000 ____D () C:\Users\Eric\AppData\Local\DigitalPersona,_Inc
2014-01-16 08:46 - 2013-11-26 17:24 - 00000225 _____ () C:\Windows\CryptoMill_CreoService.001
2014-01-16 08:45 - 2009-07-14 05:45 - 00462720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 08:27 - 2014-01-10 20:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 08:25 - 2014-01-10 20:57 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 21:47 - 2013-12-27 13:07 - 00135896 _____ () C:\Users\Eric\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-15 21:14 - 2014-01-15 21:12 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Sibelius Software
2014-01-15 21:13 - 2014-01-15 21:13 - 00000608 ____H () C:\ProgramData\T2
2014-01-15 21:13 - 2014-01-15 21:13 - 00000604 ____H () C:\Windows\T4
2014-01-15 21:13 - 2014-01-15 21:13 - 00000604 ____H () C:\Windows\SysWOW64\T3
2014-01-15 21:13 - 2014-01-15 21:13 - 00000604 ____H () C:\Program Files (x86)\STLL Notifier
2014-01-15 21:13 - 2014-01-15 21:13 - 00000000 ____D () C:\ProgramData\Sibelius Software
2014-01-15 21:11 - 2014-01-15 21:11 - 00000774 _____ () C:\Windows\KB893803v2.log
2014-01-15 20:55 - 2014-01-15 20:55 - 00000000 ____D () C:\Users\Eric\Documents\Sibelius Software
2014-01-15 20:55 - 2014-01-15 20:55 - 00000000 ____D () C:\Users\Eric\Documents\Sibelius 5.1 [h33t][poolpro]
2014-01-15 19:58 - 2014-01-15 19:58 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-01-13 16:46 - 2014-01-13 16:46 - 00000507 _____ () C:\Users\Eric\Downloads\signature.asc
2014-01-10 20:57 - 2013-09-13 20:02 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-01-10 20:55 - 2013-09-13 20:02 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-01-10 20:55 - 2013-09-13 20:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-01-10 20:10 - 2014-01-10 20:10 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\WinRAR
2014-01-10 20:09 - 2014-01-10 20:09 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-10 20:09 - 2014-01-10 20:09 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-10 20:09 - 2014-01-10 20:08 - 02083288 _____ () C:\Users\Eric\Downloads\winrar-x64-501d.exe
2014-01-09 13:56 - 2014-01-09 13:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-01-07 18:22 - 2013-12-27 14:56 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-01-07 18:17 - 2013-12-27 14:24 - 00000000 ____D () C:\Users\Eric\Downloads\sldim
2014-01-07 18:09 - 2014-01-07 18:09 - 00000000 ____D () C:\ProgramData\Simpoe
2014-01-07 18:09 - 2014-01-07 17:57 - 00000000 ____D () C:\Program Files\SolidWorks Corp
2014-01-07 18:08 - 2014-01-07 18:08 - 00000000 ____D () C:\ProgramData\COSMOS Applications
2014-01-07 18:07 - 2014-01-07 18:07 - 00002190 _____ () C:\Users\Eric\Desktop\SolidWorks eDrawings 2013 x64 Edition.lnk
2014-01-07 18:07 - 2014-01-07 18:07 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\help_images_otherUI
2014-01-07 18:07 - 2014-01-07 18:07 - 00000000 ____D () C:\ProgramData\SolidWorks Flow Simulation
2014-01-07 18:07 - 2014-01-07 18:07 - 00000000 _____ () C:\Windows\eDrawingOfficeAutomator.INI
2014-01-07 18:06 - 2014-01-04 15:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-07 18:05 - 2014-01-07 18:05 - 00000000 ____D () C:\Users\Eric\Documents\SolidWorks Visual Studio Tools for Applications
2014-01-07 18:05 - 2014-01-07 18:05 - 00000000 ____D () C:\Users\Eric\AppData\Local\DassaultSystemes
2014-01-07 18:05 - 2014-01-07 18:05 - 00000000 ____D () C:\ProgramData\DassaultSystemes
2014-01-07 18:03 - 2014-01-07 17:39 - 00000000 ____D () C:\SolidWorks Data (2)
2014-01-07 18:01 - 2014-01-07 18:01 - 00002819 _____ () C:\Users\Public\Desktop\SolidWorks 2013 x64 Edition.lnk
2014-01-07 18:00 - 2013-12-27 14:40 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared
2014-01-07 17:57 - 2014-01-07 17:57 - 00000000 ____D () C:\ProgramData\SolidWorks
2014-01-07 17:57 - 2014-01-07 17:57 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-07 17:56 - 2014-01-07 17:56 - 00000000 ____D () C:\Users\Eric\Documents\Visual Studio 2005
2014-01-07 17:56 - 2014-01-04 15:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-01-07 17:55 - 2014-01-04 15:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-01-07 17:54 - 2014-01-07 17:37 - 00000000 ____D () C:\Windows\SolidWorks
2014-01-07 17:37 - 2014-01-07 17:37 - 00356904 _____ () C:\Users\Eric\Downloads\setup(1).exe
2014-01-07 17:21 - 2014-01-07 17:21 - 01470495 _____ () C:\Users\Eric\Documents\IM_Logs.zip
2014-01-07 17:19 - 2014-01-06 21:40 - 00000000 ____D () C:\SolidWorks Data
2014-01-07 17:13 - 2014-01-07 17:13 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-01-07 17:13 - 2014-01-07 17:13 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-01-07 17:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-01-07 17:11 - 2014-01-07 17:11 - 00000000 ____D () C:\Program Files (x86)\MSECache
Files to move or delete:
====================
C:\Users\Eric\Setup.exe
Some content of TEMP:
====================
C:\Users\Eric\AppData\Local\Temp\ose00000.exe
C:\Users\Eric\AppData\Local\Temp\SPSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-19 10:50
==================== End Of Log ============================
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2014
Ran by Eric at 2014-02-06 09:19:07
Running from C:\Users\Eric\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe Flash Player 11 ActiveX (x32 Version: 11.2.202.228 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Cisco Systems VPN Client 5.0.07.0440 (Version: 5.0.7 - Cisco Systems, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
Energy Star (x32 Version: 1.0.9 - Hewlett-Packard Company)
Free YouTube to MP3 Converter version 3.12.20.1230 (x32 Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Hewlett-Packard ACLM.NET v1.2.2.2 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (x32 Version: 6.0.15.1 - Hewlett-Packard Company)
HP Client Security Manager (Version: 8.2.0.1663 - Hewlett-Packard Company)
HP Client Security Manager (Version: 8.2.0.1663 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Device Access Manager (Version: 8.2.0.10 - Hewlett-Packard Company)
HP Documentation (x32 Version: 1.1.0.0 - Hewlett-Packard)
HP Drive Encryption (Version: 8.6.1.160 - Hewlett-Packard Company)
HP Drive Encryption (Version: 8.6.1.160 - Hewlett-Packard Company) Hidden
HP ESU for Microsoft Windows 7 (x32 Version: 2.3.1 - Hewlett-Packard Company)
HP HD Webcam Driver (x32 Version: 3.4.8.30 - SunplusIT)
HP Hotkey Support (x32 Version: 5.0.20.1 - Hewlett-Packard Company)
HP PageLift (x32 Version: 1.0.11.1 - Hewlett-Packard Company)
HP Postscript Converter (Version: 4.5.12120 - Hewlett-Packard) Hidden
HP Setup (x32 Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (x32 Version: 3.4.11.0 - Hewlett-Packard Company)
HP Software Setup (x32 Version: 8.7.1.1 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 7.3.32.6 - Hewlett-Packard Company)
HP Support Information (x32 Version: 13.00.0000 - Hewlett-Packard)
HP System Default Settings (x32 Version: 2.6.1 - Hewlett-Packard Company)
HP Theft Recovery (x32 Version: 8.2.0.9 - Hewlett-Packard Company)
HP Theft Recovery (x32 Version: 8.2.0.9 - Hewlett-Packard Company) Hidden
HP Trust Circles (Version: 8.2.15.16418 - CryptoMill Technologies Ltd.) Hidden
HP Trust Circles (x32 Version: 8.2.15.16418 - CryptoMill Technologies)
IDT Audio (x32 Version: 1.0.6486.0 - IDT)
Intel(R) Management Engine Components (x32 Version: 9.5.12.1688 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3272 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.7.3.1001 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iTunes (Version: 11.1.4.62 - Apple Inc.)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (x32 Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) German (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version: 8.0.52572 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32 Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32 Version: 8.0.50727.146 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MPC-HC 1.7.1 (64-bit) (Version: 1.7.1.0 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF-Viewer (Version: 2.5.213.1 - Tracker Software Products Ltd)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.230 - Qualcomm Atheros Communications)
Qualcomm Atheros Driver Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (x32 Version: 1.1.9200.18 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (x32 Version: 7.73.618.2013 - Realtek)
Search Protect (x32 Version: 2.9.65.0 - Conduit) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.13 (x32 Version: 6.13.104 - Skype Technologies S.A.)
SolidWorks 2013 x64 Edition SP03 (Version: 21.130.60 - SolidWorks) Hidden
SolidWorks 2013 x64 Edition SP03 (x32 Version: 21.3.0.60 - SolidWorks Corporation)
SolidWorks 2013 x64 German Resources (Version: 21.130.60 - SolidWorks Corporation) Hidden
SolidWorks eDrawings 2013 x64 Edition SP03 (Version: 13.3.111 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks Flow Simulation 2013 SP03 x64 Edition (Version: 21.30.61 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2013 SP03 x64 Edition (Version: 21.30.60 - SolidWorks Corporation) Hidden
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
Synaptics Pointing Device Driver (Version: 17.0.8.3 - Synaptics Incorporated)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)
Validity Fingerprint Sensor Driver (Version: 4.5.130.0 - Validity Sensors, Inc.)
WinRAR 5.01 (64-Bit) (Version: 5.01.0 - win.rar GmbH)
Yahoo Community Smartbar (x32 Version: 10.179.66.13636 - Linkury Inc.) <==== ATTENTION
Yahoo Community Smartbar Engine (HKCU Version: 10.179.66.13636 - Linkury Inc.) <==== ATTENTION
==================== Restore Points =========================
16-01-2014 07:24:29 Windows Update
17-01-2014 17:41:52 Removed Sibelius 5
17-01-2014 17:43:57 TuneUp Utilities 2014 wird entfernt
17-01-2014 17:44:25 TuneUp Utilities 2014 (de-DE) wird entfernt
19-01-2014 09:02:49 Windows Update
22-01-2014 19:49:58 Windows Update
26-01-2014 13:16:37 Windows Update
29-01-2014 19:29:50 Windows Update
04-02-2014 13:57:15 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0271389B-BCE9-45B2-9716-CC306FC19B1C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {422F5AA9-A005-4E76-B5F2-BBADE33D4C62} - System32\Tasks\{762B59CA-7551-4C67-BF10-CED3EE57A199} => C:\Program Files (x86)\SolidWorks Corp\SolidWorks Explorer\SolidWorks Explorer 2013\solidworksexplorer.exe
Task: {6DF31DEE-84E6-4874-862D-D252C8581ECB} - System32\Tasks\{CD9E9DD7-C4FC-4094-B2FA-CBA46DC6B094} => C:\Program Files (x86)\SolidWorks Corp\SolidWorks Explorer\SolidWorks Explorer 2013\solidworksexplorer.exe
Task: {73DFD372-D604-4D24-95C2-DBB705AEDBFB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {80AC2DBD-A028-4ECA-9A7A-7CFDC22F198A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-09] (Hewlett-Packard Company)
Task: {83BC150B-7A72-4693-94A4-B26E0BB4595E} - System32\Tasks\{0453D3A2-683F-441F-9897-9A2D4133E7E4} => C:\Program Files (x86)\SolidWorks Corp\SolidWorks Explorer\SolidWorks Explorer 2013\solidworksexplorer.exe
Task: {8649E3F8-5418-4D94-9094-A1B99C1752AC} - System32\Tasks\{72101FD5-BFF3-4E01-B2C5-B6A40CDBE203} => C:\Program Files (x86)\SolidWorks Corp\SolidWorks Explorer\SolidWorks Explorer 2013\solidworksexplorer.exe
Task: {9D2C4669-82B2-4339-8B82-E257ACEB579D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-09] (Hewlett-Packard Company)
Task: {D31D72EA-59D1-430F-BE44-658D62B5C86A} - System32\Tasks\{4AE5DEDD-CF53-49E1-B798-3F8BEFE36CE1} => C:\Program Files (x86)\SolidWorks Corp\SolidWorks Explorer\SolidWorks Explorer 2013\solidworksexplorer.exe
==================== Loaded Modules (whitelisted) =============
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
2013-06-28 15:00 - 2013-06-28 15:00 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-12-30 10:48 - 2013-12-30 10:48 - 00539648 _____ () C:\Users\Eric\AppData\Local\Microsoft\Windows Sidebar\Gadgets\ClipboarderDLLs\Clipboarder.64.220.dll
2013-03-28 21:34 - 2013-03-28 21:34 - 00276008 _____ () C:\Program Files\SolidWorks Corp\SolidWorks\sldBodyDiffu.dll
2013-06-28 15:08 - 2013-06-28 15:08 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2013-06-28 14:56 - 2013-06-28 14:56 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00034072 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00062232 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\srau.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00149784 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00111896 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 02056984 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00055064 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\spbl.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00012568 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\siem.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00048408 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\sppsm.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00727320 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00081688 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00013592 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00016664 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00030488 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\srut.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00019736 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\srsbs.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00057112 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00014104 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\srpdm.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00013592 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\sgml.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00052504 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-11-21 09:48 - 2013-11-21 09:48 - 00047384 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-11-21 09:48 - 2013-11-21 09:48 - 00025368 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00024856 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-11-21 09:49 - 2013-11-21 09:49 - 00248088 _____ () C:\Users\Eric\AppData\Local\Smartbar\Application\srns.dll
2014-01-06 17:20 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf
2013-11-26 16:59 - 2013-07-26 06:24 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-01-21 15:24 - 2014-01-21 15:24 - 36967424 _____ () C:\Users\Eric\AppData\Roaming\Spotify\Data\libcef.dll
2014-01-21 15:24 - 2014-01-21 15:24 - 00887808 _____ () C:\Users\Eric\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-01-21 15:24 - 2014-01-21 15:24 - 00109568 _____ () C:\Users\Eric\AppData\Roaming\Spotify\Data\libegl.dll
2014-01-24 18:07 - 2014-01-26 14:10 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/05/2014 10:49:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1045
Error: (02/05/2014 10:49:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1045
Error: (02/05/2014 10:49:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/05/2014 08:09:35 PM) (Source: MsiInstaller) (User: Eric-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (02/05/2014 09:17:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6022
Error: (02/05/2014 09:17:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6022
Error: (02/05/2014 09:17:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/05/2014 09:17:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008
Error: (02/05/2014 09:17:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008
Error: (02/05/2014 09:17:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (02/06/2014 09:10:47 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B5388727-4751-4BCA-BC42-99947A814410}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/05/2014 07:39:29 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B5388727-4751-4BCA-BC42-99947A814410}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/05/2014 07:29:20 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B5388727-4751-4BCA-BC42-99947A814410}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/04/2014 07:40:05 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B5388727-4751-4BCA-BC42-99947A814410}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/04/2014 07:28:03 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B5388727-4751-4BCA-BC42-99947A814410}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/04/2014 03:18:38 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B5388727-4751-4BCA-BC42-99947A814410}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/04/2014 03:15:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP File Sanitizer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (02/04/2014 03:13:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst DigitalPersona-Authentifizierungsdienst konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (02/04/2014 02:57:37 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B5388727-4751-4BCA-BC42-99947A814410}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/01/2014 09:51:23 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B5388727-4751-4BCA-BC42-99947A814410}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Microsoft Office Sessions:
=========================
Error: (02/05/2014 10:49:23 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1045
Error: (02/05/2014 10:49:23 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1045
Error: (02/05/2014 10:49:23 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/05/2014 08:09:35 PM) (Source: MsiInstaller)(User: Eric-HP)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (02/05/2014 09:17:33 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6022
Error: (02/05/2014 09:17:33 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6022
Error: (02/05/2014 09:17:33 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/05/2014 09:17:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008
Error: (02/05/2014 09:17:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008
Error: (02/05/2014 09:17:32 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
==================== Memory info ===========================
Percentage of memory in use: 53%
Total physical RAM: 3977.11 MB
Available physical RAM: 1844.02 MB
Total Pagefile: 7952.4 MB
Available Pagefile: 4918.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:450.66 GB) (Free:375.45 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.09 GB) (Free:1.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 618D8341)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0B)
==================== End Of Log ============================
GMER.txt Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-02-06 09:40:41
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\000000a1 ST500LT0 rev.0001 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Eric\AppData\Local\Temp\kfldapog.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800031ac000 45 bytes [00, 00, 51, 02, 54, 68, 72, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff800031ac02f 16 bytes [00, 04, 00, 00, 00, 00, 00, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe[5248] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000773f1465 2 bytes [3F, 77]
.text C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe[5248] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000773f14bb 2 bytes [3F, 77]
.text ... * 2
---- Processes - GMER 2.1 ----
Library C:\Users\Eric\AppData\Local\Microsoft\Windows Sidebar\Gadgets\ClipboarderDLLs\Clipboarder.220.dll (*** suspicious ***) @ C:\Program Files\Windows Sidebar\sidebar.exe [2576] (ClipLogNet/Helmut Buhler)(2013-12-30 09:48:41) 0000000062b40000
Library C:\Users\Eric\AppData\Local\Microsoft\Windows Sidebar\Gadgets\ClipboarderDLLs\Clipboarder.64.220.dll (*** suspicious ***) @ C:\Program Files\Windows Sidebar\sidebar.exe [2576](2013-12-30 09:48:41) 000007fee3360000
Library C:\Users\Eric\AppData\Roaming\newnext.me\nengine.dll (*** suspicious ***) @ C:\Windows\SysWOW64\rundll32.exe [3788] (NewNext Helper Engine/NewNextDotMe)(2013-12-27 12:15:46) 0000000068550000
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\40f02f2f8ae4
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\40f02f2f8ae4@4caa16a60482 0x6F 0xDF 0xCE 0xF8 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\40f02f2f8ae4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\40f02f2f8ae4@4caa16a60482 0x6F 0xDF 0xCE 0xF8 ...
---- EOF - GMER 2.1 ----