Pests of all kinds and how to fight them: Yahoo Smartbar cannot be removed in the Control Panel (Windows 7)
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
02.09.2014, 21:16 | #1 |
Yahoo Smartbar cannot be removed in the Control Panel
Hello dear Trojaner-Board team, I somehow downloaded the Yahoo Smartbar, and since then it keeps trying to open everything via Yahoo. My laptop (brand new) has also suddenly become extremely slow. I have already removed, or rather deactivated, the Smartbar in Firefox. But it just keeps coming back and I cannot delete it. It does not work in the Control Panel either. It keeps reappearing there too, or rather can only be hidden. I look forward to quick help. Best regards, Mareike
03.09.2014, 05:50 | #2 |
/// the machine /// TB trainer | Yahoo Smartbar cannot be removed in the Control Panel
hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
04.09.2014, 11:57 | #3 |
Yahoo Smartbar cannot be removed in the Control Panel
Hello,
here is the FRST file:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 02 Ran by Mika at 2014-09-04 12:46:50 Running from C:\Users\Mika\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Sophos Anti-Virus (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29} AS: Sophos Anti-Virus (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - ) Acrobat X Suite (HKLM-x32\...\{3F41BA46-09C3-4500-96D7-DC4390AD0124}) (Version: 1.0 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.08 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) 
Hidden Adobe Captivate Quiz Results Analyzer (HKLM-x32\...\QuizResultsAnalyzer.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.0 - Adobe Systems Incorporated) Adobe Captivate Quiz Results Analyzer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Captivate Reviewer (HKLM-x32\...\AdobeCaptivateReviewer2.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 - Adobe Systems Incorporated) Adobe Captivate Reviewer (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon) CyberLink LabelPrint 2.5 (x32 Version: 2.5.0.6603 - CyberLink Corp.) Hidden CyberLink Media Suite 10 (x32 Version: 10.0.1.3214 - CyberLink Corp.) Hidden CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: 8.0.0.3123 - CyberLink Corp.) Hidden CyberLink PowerDirector 10 (x32 Version: 10.0.1.3126 - CyberLink Corp.) Hidden CyberLink PowerDVD 12 (x32 Version: 12.0.3205.55 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E17BF11-A72D-4DA8-BFAA-DD262C17C2DE}) (Version: - Microsoft) Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.) 
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.) Dell Custom Help (Version: 16.05.1000.0264 - Intel Corporation) Hidden Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated) Dell Update (HKLM-x32\...\{D9D0E75C-F791-402A-98E2-A2F43E7B0CE3}) (Version: 1.1.1054.0 - Dell Inc.) DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version: - ) Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION) Epson Network Guide WF-2540 Series (HKLM-x32\...\WF-2540 Series Netg) (Version: - ) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson User's Guide WF-2540 Series (HKLM-x32\...\WF-2540 Series Useg) (Version: - ) EPSON WF-2540 Series Printer Uninstall (HKLM\...\EPSON WF-2540 Series) (Version: - SEIKO EPSON Corporation) EPSON WorkForce 845 Series Printer Uninstall (HKLM\...\EPSON WorkForce 845 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) 
Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) PRO/Wireless Driver (Version: 16.05.1000.0574 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1327.1) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{f782ff3b-2729-43d2-973c-8de9d966ab4f}) (Version: 16.5.1 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (Version: 16.05.1000.0264 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) 
Hidden Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden 
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft 
Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz) My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.) NICI U.S./Worldwide 2.77.1.0 (x64) (HKLM\...\{123B3157-26AF-43F5-AD46-AB200AC56292}) (Version: 2.77.1.0 - Novell, Inc.) Novell Client for Windows (HKLM\...\Novell Client for Windows) (Version: 2 SP3 - Novell, Inc.) 
OCS Inventory NG Agent 2.0.4.0 (HKLM-x32\...\OCS Inventory NG Agent) (Version: 2.0.4.0 - OCS Inventory NG Team) OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - ) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden ownCloud (HKLM-x32\...\ownCloud) (Version: 1.5.4.2686 - ownCloud) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.14 - Dell Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.) RUBICon (HKLM-x32\...\{438134D3-0BD4-4C52-8575-5B2B63AD01C2}) (Version: 2.0.25 - RUB) SCR3xxx Smart Card Reader (HKLM-x32\...\{6DA99C69-0799-467E-9496-F37E1E452A4A}) (Version: 8.40 - SCM Microsystems) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.7 - Sophos Limited) Sophos AutoUpdate (HKLM-x32\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.1.18 - Sophos Limited) Sophos Remote Management System (HKLM-x32\...\{FED1005D-CBC8-45D5-A288-FFC7BB304121}) (Version: 3.4.1 - Sophos Limited) Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2883061) 
64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2883061) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{B74255AD-6736-4648-A35E-CCB2D38D3818}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2881070) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{2B0BC4FE-4936-4EC6-8521-526CF31B3DC4}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8260F0BF-F234-41FC-AB11-218A9925F77B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition 
(HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) 
(Version: - Microsoft) Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883052) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FA74B1B8-D3F4-4B4A-88DE-41CB8CEDAC3F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition 
(HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{6E2862B8-C10A-4FD0-9B82-8D9761301AAA}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2883062) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4A0B4ED7-3652-42C9-9D7E-42686986F69A}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition 
(HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2883051) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E2C51083-2E10-4E61-8F36-E6308DD0FA94}) (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition 
(HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2883058) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{650D4F00-56F1-4E8F-ABFD-7C842253C96A}) (Version: - Microsoft) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Yahoo Community Smartbar (HKLM-x32\...\{6818F6FB-6270-4DE8-9827-40E852111F2A}) (Version: 11.88.66.18547 - Linkury Inc.) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-1401536446-3937075962-3797694313-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Mika\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1401536446-3937075962-3797694313-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Mika\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1401536446-3937075962-3797694313-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Mika\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1401536446-3937075962-3797694313-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Mika\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 07-08-2014 20:55:58 Installed Java 7 Update 67 15-08-2014 13:52:51 Scheduled Checkpoint 22-08-2014 20:24:21 Windows Update 24-08-2014 19:14:47 Removed AVG PC TuneUp 2014 01-09-2014 08:38:12 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {11659BF4-558C-4C3B-853F-06FECA34C7AE} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.) Task: {1B2BF8DD-A5F3-443E-9784-DD89D84A32C1} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {23414E0B-9EFA-43EC-B96E-5A7C9BC83FC4} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1401536446-3937075962-3797694313-1001 Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {2D4CE93F-7BB8-41E9-8B07-28586282C63E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {305519EB-20D7-4C4B-AD23-4CF5F9BA3E5B} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B39C4DC-BA26-4D7E-9CEE-B7467AAC4260} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - 
System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {5DC5B020-B715-4915-AD75-B95E50E6BFE2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-02] (Synaptics Incorporated) Task: {5F3365BC-2E42-45CC-AF4A-790015D2535B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {697FDBB6-B708-48C0-9F32-0991B38D369C} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {745EDC17-6674-4860-986E-1E2D84EBF812} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {7A941184-7D06-4463-AC2A-5E4483274381} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9145FCF9-AC1D-4F37-909A-B0D518D0C7AF} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance 
Work Task: {AF485B05-42E2-46AA-AD96-1B4BDDB0A0EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-06] (Google Inc.) Task: {B661E6F8-CC08-4A08-92BA-2DA78E5470CC} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.) Task: {BBBABFFF-723B-4B9F-A3A4-EB4102E8ACB5} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {C6912531-DD93-4A5D-9600-B4E13DE69723} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-06] (Google Inc.) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {D90E4531-2999-4082-A356-FA0A5A5EC883} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {F4B36036-046B-4271-9996-1A1EC1FAB3DA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-08-27 12:59 - 2013-01-16 00:17 - 01004088 _____ () C:\Windows\system32\ncnetprovider.dll 2013-08-27 12:59 - 2013-01-16 00:17 - 00109112 _____ () C:\Windows\system32\NCLangID.dll 2013-08-27 12:59 - 2013-01-16 00:17 - 00174648 _____ () 
C:\Windows\system32\MAPBASE.dll 2013-08-27 12:59 - 2013-01-16 00:17 - 00272440 _____ () C:\Windows\system32\NWSHLXNT.dll 2013-08-27 12:59 - 2013-01-16 12:02 - 00015872 _____ () C:\Windows\system32\nls\ENGLISH\NCLangIDR.DLL 2013-08-27 12:59 - 2013-01-16 12:06 - 00086016 _____ () C:\Windows\system32\nls\ENGLISH\MAPBASER.DLL 2013-08-27 12:59 - 2013-01-16 12:07 - 00101376 _____ () C:\Windows\system32\nls\ENGLISH\NWSHLXNTR.DLL 2013-08-27 12:59 - 2013-01-16 12:08 - 00488448 _____ () C:\Windows\system32\nls\ENGLISH\ncnetproviderR.DLL 2013-08-27 12:59 - 2013-01-16 00:17 - 00048696 _____ () C:\Windows\system32\ncv1_0.DLL 2013-08-27 12:59 - 2013-01-16 12:02 - 00015872 _____ () C:\Windows\SYSTEM32\nls\ENGLISH\NCLangIDR.DLL 2013-08-27 12:59 - 2013-01-16 00:17 - 00152120 _____ () C:\Program Files\Novell\Client\XTier\Common\libslp.dll 2014-07-27 11:41 - 2014-07-27 11:41 - 08892576 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-08-27 12:59 - 2013-01-16 00:17 - 00039992 _____ () C:\Program Files\Novell\Client\nwtray.exe 2013-08-27 12:59 - 2013-01-16 00:17 - 01004088 _____ () C:\Windows\SYSTEM32\NCNetProvider.DLL 2013-08-27 12:59 - 2013-01-16 00:17 - 00109112 _____ () C:\Windows\SYSTEM32\NCLangID.dll 2013-08-27 12:59 - 2013-01-16 00:17 - 00174648 _____ () C:\Windows\SYSTEM32\MAPBASE.dll 2013-08-27 12:59 - 2013-01-16 00:17 - 00272440 _____ () C:\Windows\SYSTEM32\NWSHLXNT.dll 2013-08-27 12:59 - 2013-01-16 12:06 - 00086016 _____ () C:\Windows\SYSTEM32\nls\ENGLISH\MAPBASER.DLL 2013-08-27 12:59 - 2013-01-16 12:07 - 00101376 _____ () C:\Windows\SYSTEM32\nls\ENGLISH\NWSHLXNTR.DLL 2013-08-27 12:59 - 2013-01-16 12:08 - 00488448 _____ () C:\Windows\SYSTEM32\nls\ENGLISH\NCNetProviderR.DLL 2014-01-05 04:14 - 2014-04-30 17:35 - 00486880 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe 2013-12-21 08:05 - 2013-12-21 08:05 - 00133120 _____ () C:\Program Files (x86)\Adobe\Acrobat 
11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOfficeAddin.DEU 2014-04-24 10:24 - 2014-04-24 10:24 - 01055808 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE.dll 2014-04-24 10:24 - 2014-04-24 10:24 - 01539136 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO.dll 2014-04-24 10:24 - 2014-04-24 10:24 - 00183360 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_DynamicAny.dll 2014-04-24 10:24 - 2014-04-24 10:24 - 00760896 _____ () C:\Program Files (x86)\Sophos\Remote Management System\LIBEAY32.dll 2014-04-24 10:24 - 2014-04-24 10:24 - 00076864 _____ () C:\Program Files (x86)\Sophos\Remote Management System\ACE_SSL.dll 2014-04-24 10:24 - 2014-04-24 10:24 - 00146496 _____ () C:\Program Files (x86)\Sophos\Remote Management System\SSLEAY32.dll 2014-04-24 10:24 - 2014-04-24 10:24 - 00535616 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_PortableServer.dll 2014-04-24 10:24 - 2014-04-24 10:24 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.DLL 2014-04-24 10:24 - 2014-04-24 10:24 - 00740416 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Security.dll 2014-04-24 10:24 - 2014-04-24 10:24 - 00039488 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_Valuetype.dll 2014-04-24 10:24 - 2014-04-24 10:24 - 00244800 _____ () C:\Program Files (x86)\Sophos\Remote Management System\TAO_SSLIOP.dll 2011-09-29 18:19 - 2011-09-29 18:19 - 00067584 _____ () C:\Program Files (x86)\OCS Inventory Agent\zlib1.dll 2014-07-21 14:32 - 2014-07-21 14:32 - 00047400 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00071464 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\srau.dll 2014-07-21 14:32 - 2014-07-21 14:32 - 00166696 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll 2014-07-21 14:32 - 2014-07-21 14:32 - 02344232 _____ () 
C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00067880 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\spbl.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00159528 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll 2014-07-21 14:32 - 2014-07-21 14:32 - 00015144 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\siem.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00067880 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\sppsm.dll 2014-07-21 14:32 - 2014-07-21 14:32 - 00698152 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll 2014-07-21 14:32 - 2014-07-21 14:32 - 00015656 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll 2014-07-21 14:32 - 2014-07-21 14:32 - 00079656 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00027944 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00069928 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\srut.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00030504 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\srsbs.dll 2014-07-21 14:32 - 2014-07-21 14:32 - 00066344 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00151336 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\smti.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00032040 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\srom.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00032040 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\smtu.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00040232 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\smta.dll 2014-07-21 14:33 - 
2014-07-21 14:33 - 00070440 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\smsp.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00046888 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\srbu.dll 2014-07-21 14:32 - 2014-07-21 14:32 - 00025384 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\sgml.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00062760 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00025896 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\srpdm.dll 2014-07-21 14:32 - 2014-07-21 14:32 - 00044328 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\MACTrackBarLib.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00036648 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll 2014-07-21 14:33 - 2014-07-21 14:33 - 00256296 _____ () C:\Users\Mika\AppData\Local\Smartbar\Application\srns.dll 2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu 2014-01-05 04:06 - 2013-03-05 05:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-03-05 21:41 - 2013-03-05 21:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-04-10 14:30 - 2014-04-10 14:30 - 00134664 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2014-01-05 03:59 - 2013-09-04 02:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-05-02 17:44 - 2013-12-18 00:47 - 01904928 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll 2014-01-05 04:14 - 2012-11-26 09:20 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll 2014-01-05 04:14 - 2012-11-26 09:20 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll 
2014-08-15 22:44 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll 2014-08-15 22:44 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll 2014-08-15 22:44 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll 2014-08-15 22:44 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll 2014-08-15 22:44 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll 2014-08-15 22:44 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Mika\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Mika\SkyDrive.old:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/04/2014 00:45:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (09/04/2014 03:17:38 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (09/04/2014 00:06:47 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20573 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1cd8 Start Time: 01cfc717154e1195 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: 93ea17e2-33b6-11e4-827c-fcf8ae3cd0dd Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (09/02/2014 09:44:33 PM) (Source: Sophos Message Router) (EventID: 8005) (User: NT AUTHORITY) Description: DNS lookup failure trying to resolve the following addresses: baal,fe80::e5fb:d6dc:265b:6126.%%3 Error: (09/01/2014 11:59:06 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (09/01/2014 02:03:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (09/01/2014 10:09:48 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20573 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. 
Process ID: 1958 Start Time: 01cfc56332f5a1fb Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: 5483b9ef-31af-11e4-827b-fcf8ae3cd0dd Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/31/2014 11:36:30 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4 Error: (08/31/2014 11:36:29 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (08/31/2014 11:36:29 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: System errors: ============= Error: (09/02/2014 09:39:23 PM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: The McAfee AP Service service depends on the following service: mfevtp. This service might not be installed. Error: (08/31/2014 09:34:06 PM) (Source: DCOM) (EventID: 10016) (User: EWBFBM-MBL15) Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}EWBFBM-MBL15MikaS-1-5-21-1401536446-3937075962-3797694313-1001LocalHost (Using LRPC)UnavailableUnavailable Error: (08/31/2014 09:33:54 PM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: The McAfee AP Service service depends on the following service: mfevtp. This service might not be installed. Error: (08/31/2014 09:33:27 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 21:27:26 on 31/08/2014 was unexpected. 
Error: (08/31/2014 09:31:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error: %%1053 Error: (08/31/2014 09:30:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Group Policy Client service failed to start due to the following error: %%1053 Error: (08/31/2014 09:27:29 PM) (Source: DCOM) (EventID: 10005) (User: EWBFBM-MBL15) Description: 1053wercplsupportUnavailable{0E9A7BB5-F699-4D66-8A47-B919F5B6A1DB} Error: (08/31/2014 09:27:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Problem Reports and Solutions Control Panel Support service failed to start due to the following error: %%1053 Error: (08/31/2014 09:27:27 PM) (Source: DCOM) (EventID: 10005) (User: EWBFBM-MBL15) Description: 1053wercplsupportUnavailable{0E9A7BB5-F699-4D66-8A47-B919F5B6A1DB} Error: (08/31/2014 09:27:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Problem Reports and Solutions Control Panel Support service failed to start due to the following error: %%1053 Microsoft Office Sessions: ========================= Error: (09/04/2014 00:45:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (09/04/2014 03:17:38 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (09/04/2014 00:06:47 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.205731cd801cfc717154e11954294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe93ea17e2-33b6-11e4-827c-fcf8ae3cd0ddmicrosoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (09/02/2014 09:44:33 PM) (Source: Sophos Message Router) (EventID: 8005) (User: NT AUTHORITY) Description: 
baal,fe80::e5fb:d6dc:265b:6126 Error: (09/01/2014 11:59:06 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (09/01/2014 02:03:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (09/01/2014 10:09:48 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20573195801cfc56332f5a1fb4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe5483b9ef-31af-11e4-827b-fcf8ae3cd0ddmicrosoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (08/31/2014 11:36:30 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4 Error: (08/31/2014 11:36:29 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (08/31/2014 11:36:29 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: CodeIntegrity Errors: =================================== Date: 2014-04-23 11:45:25.762 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-04-23 11:45:25.558 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-04-23 11:45:25.246
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 29%
Total physical RAM: 8096.64 MB
Available physical RAM: 5743.82 MB
Total Pagefile: 9376.64 MB
Available Pagefile: 6615.02 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB

==================== Drives ================================
Drive c: (OS) (Fixed) (Total:922.82 GB) (Free:863.82 GB) NTFS
Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
Drive x: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.2 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:7.56 GB) (Free:0.74 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3FA227C9)
Partition: GPT Partition Type.

==================== End Of Log ============================

Many regards and thanks,
Mareike

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Mika (administrator) on EWBFBM-MBL15 on 04-09-2014 12:44:45
Running from C:\Users\Mika\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Novell, Inc.) C:\Program Files\Novell\Client\XTier\Services\xtsvcmgr.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos
Anti-Virus\Web Intelligence\swi_service.exe (Uwe Sieber - www.uwe-sieber.de) C:\Program Files (x86)\USBDLM\USBDLM.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (OCS Inventory NG) C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Uwe Sieber - www.uwe-sieber.de) C:\Program Files (x86)\USBDLM\USBDLM_usr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files\Novell\Client\nwtray.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHSA.EXE (Smartbar) C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.exe (OCS Inventory NG) C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Adobe Systems Inc.) 
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760432 2013-08-03] (Dell Inc.) 
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [NWTRAY] => C:\Program Files\Novell\Client\nwtray.exe [39992 2013-01-16] () HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-04-03] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-04-03] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.) 
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-05-20] (Sophos Limited) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKU\.DEFAULT\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHSA.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION) HKU\.DEFAULT\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-09-27] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1401536446-3937075962-3797694313-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHSA.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1401536446-3937075962-3797694313-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Mika\AppData\Local\Smartbar\Application\Smartbar.exe [28968 2014-07-21] (Smartbar) AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-20] (Sophos Limited) AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-05-20] (Sophos Limited) Lsa: [Authentication Packages] msv1_0 ncv1_0 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OCS Inventory NG Systray.lnk ShortcutTarget: OCS Inventory NG Systray.lnk -> C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe (OCS Inventory NG) ShellIconOverlayIdentifiers: DBARFileBackuped -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: DBARFileNotBackuped -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation) 
==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH4KAa6bwkWJ24FuiCLw,,&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx5uOmQWjz0I6WMitNn7d-aMUiVHM5tTYIvyyWxOMQBP9ZwO2gRkBDGuPJp68KMLBgsyr8iNF-HU2qRyErnfcLmEiLFSQAE0A,, HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH4KAa6bwkWJ24FuiCLw,,&q={searchTerms} SearchScopes: HKLM - DefaultScope {12E797B7-A75C-4051-B4D9-8F48480ECCE7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {12E797B7-A75C-4051-B4D9-8F48480ECCE7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH4srFFaxk8fDnMJwYwA,,&q={searchTerms} SearchScopes: HKLM-x32 - 
{006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH4srFFaxk8fDnMJwYwA,,&q={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH4KAa6bwkWJ24FuiCLw,,&q={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH4KAa6bwkWJ24FuiCLw,,&q={searchTerms} BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle 
Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - 
Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> 
C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-04-24] Chrome: ======= CHR Profile: C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-06] CHR Extension: (Google Drive) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-06] CHR Extension: (YouTube) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-06] CHR Extension: (Google Search) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-06] CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-04-24] CHR Extension: (Hola Better Internet) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-08-16] CHR Extension: (Babbel-Knopf für Google Chrome™) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbdoppplimagabiddoakkgppnpfglein [2014-04-30] CHR Extension: (Google Wallet) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-06] CHR Extension: (Gmail) - 
C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-06] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [148688 2014-07-22] (Dell Inc.) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-08-01] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation) S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation) S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] () S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation) R2 OCS Inventory Service; C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe [35840 2012-01-27] (OCS Inventory NG) [File not signed] S3 OpenVPNService; C:\Program Files 
(x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor) R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-20] (Sophos Limited) R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-05-20] (Sophos Limited) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2014-04-04] (SoftThinks SAS) S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation) R2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2014-04-24] (Sophos Limited) R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-05-20] (Sophos Limited) R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [818240 2014-04-24] (Sophos Limited) R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-05-20] (Sophos Limited) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [300328 2014-05-20] (Sophos Limited) R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-05-20] (Sophos Limited) R2 USBDLM; C:\Program Files (x86)\USBDLM\USBDLM.exe [337888 2012-01-15] (Uwe Sieber - www.uwe-sieber.de) [File not signed] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) 
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) R2 XTSvcMgr; C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe [20536 2013-01-16] (Novell, Inc.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation) S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-24] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385784 2013-06-27] (Motorola Solutions, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [114632 2013-07-01] (Intel Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation) R0 NCFilter; C:\Windows\System32\DRIVERS\NCFilter.sys [112696 2013-01-16] () R2 NCFSD; C:\Program Files\Novell\Client\XTier\Drivers\ncfsd.sys [115256 2013-01-16] () R2 NCIOCTL; C:\Program Files\Novell\Client\XTier\Drivers\ncioctl.sys [90680 2013-01-16] () R0 NCRecognizer; C:\Windows\System32\DRIVERS\NCRecognizer.sys [120376 2013-01-16] () R0 NCUncFilter; C:\Windows\System32\DRIVERS\NCUncFilter.sys [26680 2013-01-16] () R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation) R1 NICM; C:\Program Files\Novell\Client\XTier\Drivers\nicm.sys [31800 2013-01-16] (Novell, Inc.) 
S3 S3XXx64; C:\Windows\system32\DRIVERS\S3XXx64.sys [73984 2013-06-05] (Identive) R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-20] (Sophos Limited) S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2014-05-20] (Sophos Limited) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-02] (Synaptics Incorporated) S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [27904 2014-05-20] (Sophos Limited) R1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [32512 2014-05-20] (Sophos Limited) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) U3 nccache; C:\Program Files\Novell\Client\XTier\Drivers\nccache.sys [55864 2013-01-16] (Novell, Inc.) U3 nciom; C:\Program Files\Novell\Client\XTier\Drivers\nciom.sys [80952 2013-01-16] (Novell, Inc.) U3 ncp; C:\Program Files\Novell\Client\XTier\Drivers\ncp.sys [79416 2013-01-16] (Novell, Inc.) U3 ncpfsp; C:\Program Files\Novell\Client\XTier\Drivers\ncpfsp.sys [101944 2013-01-16] (Novell, Inc.) U3 ncpl; C:\Program Files\Novell\Client\XTier\Drivers\ncpl.sys [49720 2013-01-16] (Novell, Inc.) U3 ndm; C:\Program Files\Novell\Client\XTier\Drivers\ndm.sys [20024 2013-01-16] (Novell, Inc.) U3 ndmndap; C:\Program Files\Novell\Client\XTier\Drivers\ndmndap.sys [84024 2013-01-16] (Novell, Inc.) U3 niam; C:\Program Files\Novell\Client\XTier\Drivers\niam.sys [39480 2013-01-16] (Novell, Inc.) U3 nipctl; C:\Program Files\Novell\Client\XTier\Drivers\nipctl.sys [56376 2013-01-16] (Novell, Inc.) U3 nscm; C:\Program Files\Novell\Client\XTier\Drivers\nscm.sys [37944 2013-01-16] (Novell, Inc.) U3 nsns; C:\Program Files\Novell\Client\XTier\Drivers\nsns.sys [25656 2013-01-16] (Novell, Inc.) U3 nsvccost; C:\Program Files\Novell\Client\XTier\Drivers\nsvccost.sys [36408 2013-01-16] (Novell, Inc.) U3 xtxplat; C:\Program Files\Novell\Client\XTier\Drivers\xtxplat.sys [59960 2013-01-16] (Novell, Inc.) 
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-04 12:44 - 2014-09-04 12:45 - 00030066 _____ () C:\Users\Mika\Downloads\FRST.txt
2014-09-04 12:44 - 2014-09-04 12:45 - 00000000 ____D () C:\FRST
2014-09-04 12:44 - 2014-09-04 12:44 - 02104832 _____ (Farbar) C:\Users\Mika\Downloads\FRST64.exe
2014-09-02 21:54 - 2014-09-02 21:54 - 00053612 _____ () C:\Users\Mika\Downloads\college co-voiturage (2).xlsx
2014-09-02 21:52 - 2014-09-02 21:52 - 00053612 _____ () C:\Users\Mika\Downloads\college co-voiturage (1).xlsx
2014-09-02 21:41 - 2014-09-02 21:42 - 00025067 _____ () C:\Users\Mika\Downloads\college co-voiturage.xlsx
2014-08-31 22:48 - 2014-08-31 22:48 - 00000545 _____ () C:\Users\Mika\Downloads\calendrier_20150402000000_20150410235900.vcs
2014-08-27 23:43 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 00:02 - 2014-05-20 21:43 - 00032512 _____ (Sophos Limited) C:\Windows\system32\Drivers\swi_callout.sys
2014-08-25 17:37 - 2014-08-25 17:37 - 01998244 _____ () C:\Users\Mika\Downloads\attachments (12).zip
2014-08-25 17:36 - 2014-08-25 17:36 - 02107228 _____ () C:\Users\Mika\Downloads\attachments (11).zip
2014-08-25 17:35 - 2014-08-25 17:35 - 03255969 _____ () C:\Users\Mika\Downloads\attachments (10).zip
2014-08-25 17:35 - 2014-08-25 17:35 - 02674751 _____ () C:\Users\Mika\Downloads\attachments (9).zip
2014-08-25 17:34 - 2014-08-25 17:34 - 02270156 _____ () C:\Users\Mika\Downloads\attachments (8).zip
2014-08-25 17:33 - 2014-08-25 17:33 - 02963525 _____ () C:\Users\Mika\Downloads\attachments (7).zip
2014-08-25 17:32 - 2014-08-25 17:33 - 01945200 _____ () C:\Users\Mika\Downloads\attachments (6).zip
2014-08-25 17:30 - 2014-08-25 17:30 - 02325830 _____ () C:\Users\Mika\Downloads\attachments (5).zip
2014-08-25 17:28 - 2014-08-25 17:29 - 02392400 _____ () C:\Users\Mika\Downloads\attachments (4).zip
2014-08-25 17:16 - 2014-08-25 17:17 - 02847479 _____ () C:\Users\Mika\Downloads\attachments (3).zip
2014-08-25 17:12 - 2014-08-25 17:12 - 03490850 _____ () C:\Users\Mika\Downloads\attachments (2).zip
2014-08-25 17:11 - 2014-08-25 17:11 - 03023231 _____ () C:\Users\Mika\Downloads\attachments (1).zip
2014-08-25 16:59 - 2014-08-25 17:43 - 00000000 ____D () C:\Users\Mika\Desktop\Sommer 2014 bei den Roths
2014-08-24 21:25 - 2014-08-24 22:40 - 602974611 _____ () C:\Users\Mika\Desktop\Dokumentation-112_Hochzeiten.mp4
2014-08-24 21:12 - 2014-08-24 21:12 - 00139488 _____ () C:\Windows\SysWOW64\XMLOperations.xml
2014-08-22 22:49 - 2014-08-22 22:49 - 00000000 ____D () C:\Users\Mika\AppData\Roaming\AVG
2014-08-22 22:49 - 2014-08-22 22:49 - 00000000 ____D () C:\Users\Mika\AppData\Local\AVG
2014-08-22 22:48 - 2014-08-22 23:00 - 00000000 ____D () C:\ProgramData\AVG
2014-08-22 22:48 - 2014-08-22 22:48 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-22 22:44 - 2014-08-25 08:38 - 00002698 _____ () C:\Users\Mika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-22 22:39 - 2014-08-22 22:39 - 00000000 ____D () C:\Users\Mika\AppData\Local\Smartbar
2014-08-22 22:39 - 2014-08-22 22:39 - 00000000 ____D () C:\Users\Mika\AppData\Local\LPT
2014-08-22 22:36 - 2014-08-22 22:36 - 00000000 ____D () C:\Users\Mika\AppData\Roaming\OpenCandy
2014-08-22 22:35 - 2014-08-25 23:51 - 00000000 ____D () C:\Users\Mika\AppData\Roaming\DVDVideoSoft
2014-08-22 22:32 - 2014-08-22 22:35 - 27935080 _____ (DVDVideoSoft Ltd.
) C:\Users\Mika\Downloads\FreeYouTubeDownload3.2.44.820.exe 2014-08-22 22:20 - 2014-08-22 22:20 - 01143151 _____ () C:\Users\Mika\Downloads\Evet, ich will!.pptx 2014-08-16 11:24 - 2014-08-16 11:24 - 00000000 ____D () C:\Users\Mika\Downloads\MediathekView_7 2014-08-16 11:19 - 2014-08-16 11:22 - 30755210 _____ () C:\Users\Mika\Downloads\MediathekView_7.zip 2014-08-15 15:41 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-15 15:41 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-15 15:41 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2014-08-15 15:41 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-15 15:41 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-15 15:41 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-15 15:41 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-15 15:41 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-15 15:41 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-15 15:41 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-15 15:41 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-15 15:41 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-15 15:41 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-15 15:41 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-15 15:41 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\iertutil.dll 2014-08-15 15:41 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-15 15:41 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-15 15:41 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-15 15:41 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-15 15:41 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-15 15:41 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-15 15:41 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-15 15:41 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-15 15:41 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-15 15:41 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-15 15:41 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-15 15:41 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-15 15:41 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-15 15:41 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-15 15:41 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-15 15:41 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-15 15:41 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-15 15:41 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) 
C:\Windows\system32\wininet.dll 2014-08-15 15:41 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-15 15:41 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-15 15:41 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-15 15:41 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-15 15:41 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-15 15:39 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-15 15:39 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-15 15:39 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-08-15 15:39 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-15 15:39 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2014-08-15 15:39 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2014-08-15 15:38 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe 2014-08-15 15:38 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2014-08-15 15:38 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll 2014-08-15 15:38 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll 2014-08-15 15:35 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2014-08-15 15:34 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll 2014-08-15 15:34 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) 
C:\Windows\system32\SyncEngine.dll 2014-08-15 15:34 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe 2014-08-15 15:34 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-15 15:34 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-15 15:34 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe 2014-08-15 15:34 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2014-08-15 15:34 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll 2014-08-15 15:34 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll 2014-08-15 15:34 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2014-08-15 15:34 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll 2014-08-15 15:34 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-08-15 15:34 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-08-15 15:34 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2014-08-15 15:34 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll 2014-08-15 15:34 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll 2014-08-15 15:34 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll 2014-08-15 15:34 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll 2014-08-15 15:34 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll 2014-08-15 15:34 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\framedyn.dll 2014-08-15 15:34 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat 2014-08-15 15:34 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-08-15 15:34 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys 2014-08-15 15:34 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2014-08-15 15:34 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys 2014-08-15 15:34 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys 2014-08-15 15:34 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe 2014-08-15 15:34 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe 2014-08-15 15:34 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2014-08-15 15:34 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll 2014-08-15 15:34 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2014-08-15 15:34 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll 2014-08-15 15:34 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2014-08-15 15:34 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-08-15 15:34 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll 2014-08-15 15:34 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2014-08-15 15:34 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll 2014-08-15 15:34 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\dhcpcsvc.dll 2014-08-15 15:34 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll 2014-08-15 15:34 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2014-08-15 15:34 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2014-08-15 15:34 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2014-08-15 15:34 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll 2014-08-15 15:34 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll 2014-08-15 15:34 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll 2014-08-15 15:34 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll 2014-08-15 15:34 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-08-15 15:34 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-08-15 15:33 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll 2014-08-15 15:33 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll 2014-08-15 15:33 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2014-08-15 15:33 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2014-08-15 15:33 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-08-15 15:33 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-08-15 15:33 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-08-15 15:33 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\usbd.sys 2014-08-15 15:33 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-08-15 15:33 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2014-08-15 15:33 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2014-08-15 15:33 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2014-08-15 15:33 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2014-08-15 15:33 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2014-08-15 15:33 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-08-15 15:33 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll 2014-08-15 15:33 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll 2014-08-15 15:33 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2014-08-15 15:33 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2014-08-15 15:32 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe 2014-08-15 15:30 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-15 15:30 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-15 15:30 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-15 15:30 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-15 15:30 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-15 15:30 - 2014-06-04 06:43 
- 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-15 15:30 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-15 15:30 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-15 15:30 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-07 22:58 - 2014-08-15 16:11 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-07 22:56 - 2014-08-07 22:56 - 00004460 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-08-07 22:56 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-07 22:56 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-07 22:56 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-07 22:56 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-06 20:29 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-08-06 20:23 - 2014-08-06 20:23 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-09-04 12:45 - 2014-09-04 12:44 - 00030066 _____ () C:\Users\Mika\Downloads\FRST.txt 2014-09-04 12:45 - 2014-09-04 12:44 - 00000000 ____D () C:\FRST 2014-09-04 12:45 - 2014-01-05 04:01 - 02084725 _____ () C:\Windows\WindowsUpdate.log 2014-09-04 12:44 - 2014-09-04 12:44 - 02104832 _____ (Farbar) C:\Users\Mika\Downloads\FRST64.exe 2014-09-04 12:42 - 2014-04-06 17:22 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-04 12:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2014-09-04 03:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-09-04 00:07 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-09-02 23:47 - 2014-04-04 07:40 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1401536446-3937075962-3797694313-1001 2014-09-02 23:42 - 2014-04-06 17:22 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-02 21:54 - 2014-09-02 21:54 - 00053612 _____ () C:\Users\Mika\Downloads\college co-voiturage (2).xlsx 2014-09-02 21:54 - 2014-04-04 07:34 - 00000000 ____D () C:\Users\Mika\AppData\Local\Packages 2014-09-02 21:52 - 2014-09-02 21:52 - 00053612 _____ () C:\Users\Mika\Downloads\college co-voiturage (1).xlsx 2014-09-02 21:47 - 2014-01-05 04:13 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery 2014-09-02 21:42 - 2014-09-02 21:41 - 00025067 _____ () C:\Users\Mika\Downloads\college co-voiturage.xlsx 2014-09-02 21:41 - 2014-04-04 07:54 - 00000000 ___DO () C:\Users\Mika\SkyDrive 2014-09-02 21:39 - 2013-08-22 16:46 - 00022348 _____ () C:\Windows\setupact.log 2014-09-02 21:39 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-02 21:38 - 2013-08-22 16:44 - 05054648 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-02 00:43 - 2014-04-04 07:31 - 00000000 ____D () C:\Users\Mika 2014-09-02 00:43 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI 2014-09-02 00:06 - 2014-04-04 07:41 - 
00000000 ____D () C:\ProgramData\softthinks 2014-09-01 16:40 - 2014-04-13 23:48 - 00849408 ___SH () C:\Users\Mika\Desktop\Thumbs.db 2014-09-01 10:38 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp 2014-08-31 22:48 - 2014-08-31 22:48 - 00000545 _____ () C:\Users\Mika\Downloads\calendrier_20150402000000_20150410235900.vcs 2014-08-28 22:43 - 2014-01-05 03:40 - 00068434 _____ () C:\Windows\PFRO.log 2014-08-25 23:51 - 2014-08-22 22:35 - 00000000 ____D () C:\Users\Mika\AppData\Roaming\DVDVideoSoft 2014-08-25 17:43 - 2014-08-25 16:59 - 00000000 ____D () C:\Users\Mika\Desktop\Sommer 2014 bei den Roths 2014-08-25 17:37 - 2014-08-25 17:37 - 01998244 _____ () C:\Users\Mika\Downloads\attachments (12).zip 2014-08-25 17:36 - 2014-08-25 17:36 - 02107228 _____ () C:\Users\Mika\Downloads\attachments (11).zip 2014-08-25 17:35 - 2014-08-25 17:35 - 03255969 _____ () C:\Users\Mika\Downloads\attachments (10).zip 2014-08-25 17:35 - 2014-08-25 17:35 - 02674751 _____ () C:\Users\Mika\Downloads\attachments (9).zip 2014-08-25 17:34 - 2014-08-25 17:34 - 02270156 _____ () C:\Users\Mika\Downloads\attachments (8).zip 2014-08-25 17:33 - 2014-08-25 17:33 - 02963525 _____ () C:\Users\Mika\Downloads\attachments (7).zip 2014-08-25 17:33 - 2014-08-25 17:32 - 01945200 _____ () C:\Users\Mika\Downloads\attachments (6).zip 2014-08-25 17:30 - 2014-08-25 17:30 - 02325830 _____ () C:\Users\Mika\Downloads\attachments (5).zip 2014-08-25 17:29 - 2014-08-25 17:28 - 02392400 _____ () C:\Users\Mika\Downloads\attachments (4).zip 2014-08-25 17:17 - 2014-08-25 17:16 - 02847479 _____ () C:\Users\Mika\Downloads\attachments (3).zip 2014-08-25 17:12 - 2014-08-25 17:12 - 03490850 _____ () C:\Users\Mika\Downloads\attachments (2).zip 2014-08-25 17:11 - 2014-08-25 17:11 - 03023231 _____ () C:\Users\Mika\Downloads\attachments (1).zip 2014-08-25 10:48 - 2014-06-20 08:35 - 00000000 ____D () C:\Users\Mika\Desktop\Dreier 2014-08-25 10:47 - 2014-04-29 22:48 - 00730112 ___SH () C:\Users\Mika\Downloads\Thumbs.db 2014-08-25 
08:38 - 2014-08-22 22:44 - 00002698 _____ () C:\Users\Mika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-08-24 22:40 - 2014-08-24 21:25 - 602974611 _____ () C:\Users\Mika\Desktop\Dokumentation-112_Hochzeiten.mp4 2014-08-24 21:22 - 2014-06-11 10:43 - 00000000 ____D () C:\Users\Mika\MediathekView 2014-08-24 21:20 - 2014-06-11 10:38 - 00000000 ____D () C:\Users\Mika\.mediathek3 2014-08-24 21:12 - 2014-08-24 21:12 - 00139488 _____ () C:\Windows\SysWOW64\XMLOperations.xml 2014-08-23 02:42 - 2014-08-27 23:43 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-22 23:00 - 2014-08-22 22:48 - 00000000 ____D () C:\ProgramData\AVG 2014-08-22 22:49 - 2014-08-22 22:49 - 00000000 ____D () C:\Users\Mika\AppData\Roaming\AVG 2014-08-22 22:49 - 2014-08-22 22:49 - 00000000 ____D () C:\Users\Mika\AppData\Local\AVG 2014-08-22 22:48 - 2014-08-22 22:48 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-08-22 22:39 - 2014-08-22 22:39 - 00000000 ____D () C:\Users\Mika\AppData\Local\Smartbar 2014-08-22 22:39 - 2014-08-22 22:39 - 00000000 ____D () C:\Users\Mika\AppData\Local\LPT 2014-08-22 22:36 - 2014-08-22 22:36 - 00000000 ____D () C:\Users\Mika\AppData\Roaming\OpenCandy 2014-08-22 22:35 - 2014-08-22 22:32 - 27935080 _____ (DVDVideoSoft Ltd. 
) C:\Users\Mika\Downloads\FreeYouTubeDownload3.2.44.820.exe 2014-08-22 22:25 - 2014-04-24 10:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-08-22 22:25 - 2014-04-24 10:43 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-22 22:20 - 2014-08-22 22:20 - 01143151 _____ () C:\Users\Mika\Downloads\Evet, ich will!.pptx 2014-08-21 16:11 - 2014-04-04 07:34 - 00000000 ____D () C:\Users\Mika\AppData\Local\VirtualStore 2014-08-19 23:37 - 2014-04-27 19:35 - 00000000 _____ () C:\Windows\system32\vireng.log 2014-08-18 22:09 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData 2014-08-18 22:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-18 22:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer 2014-08-18 22:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager 2014-08-18 22:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera 2014-08-16 11:24 - 2014-08-16 11:24 - 00000000 ____D () C:\Users\Mika\Downloads\MediathekView_7 2014-08-16 11:22 - 2014-08-16 11:19 - 30755210 _____ () C:\Users\Mika\Downloads\MediathekView_7.zip 2014-08-15 17:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache 2014-08-15 16:19 - 2014-04-07 22:39 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-15 16:16 - 2014-04-07 22:39 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-15 16:11 - 2014-08-07 22:58 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-15 15:29 - 2014-07-25 17:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-15 15:29 - 2014-04-15 11:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-15 15:29 - 2014-04-06 17:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-15 15:29 - 2013-08-22 13:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-15 15:29 - 2013-08-22 13:44 - 00004096 _____ 
(Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-15 15:29 - 2013-08-22 13:22 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-15 15:29 - 2013-08-22 13:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-15 15:29 - 2013-08-22 13:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-15 15:29 - 2013-08-22 13:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-15 15:29 - 2013-08-22 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-15 15:29 - 2013-08-22 05:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-15 15:29 - 2013-08-22 05:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-15 15:29 - 2013-08-22 05:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-15 15:29 - 2013-08-22 05:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-15 15:28 - 2014-07-25 17:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-15 15:28 - 2014-04-15 11:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-15 15:11 - 2014-01-05 03:32 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-08-15 15:07 - 2014-06-11 15:21 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-08-08 12:16 - 2014-04-08 01:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-08-08 12:16 - 2014-04-08 01:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-08-07 22:57 - 2014-04-24 10:15 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-07 22:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore 2014-08-07 22:56 - 2014-08-07 22:56 - 00004460 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-08-07 22:56 - 2014-04-24 10:14 - 
00000000 ____D () C:\Program Files (x86)\Java 2014-08-07 04:12 - 2014-08-15 15:30 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-07 00:38 - 2014-08-15 15:41 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-06 20:43 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-08-06 20:28 - 2014-04-08 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-08-06 20:23 - 2014-08-06 20:23 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe Some content of TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\openvpn-2.2.2-install.exe C:\Users\Administrator\AppData\Local\Temp\ose00000.exe C:\Users\Mika\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Mika\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Mika\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Mika\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Mika\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Mika\AppData\Local\Temp\zmqs123s.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-26 15:13 ==================== End Of Log ============================ --- --- --- |
05.09.2014, 08:02 | #4 |
/// the machine /// TB trainer | Yahoo Smartbar cannot be removed in the Control Panel Uninstall adware & co.
Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
05.09.2014, 17:33 | #5 |
| Yahoo Smartbar cannot be removed in the Control Panel Hello Schrauber, here are all the files I was supposed to add. Thank you. Here is the content of mbam.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 05/09/2014 Suchlauf-Zeit: 09:42:31 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.09.05.02 Rootkit Datenbank: v2014.08.21.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Mika Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 349272 Verstrichene Zeit: 25 Min, 27 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 3 PUP.Optional.Snapdo.T, HKU\S-1-5-21-1401536446-3937075962-3797694313-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [4abcd812dba02b0b057e5d5bde24cd33], PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [4abcd812dba02b0b057e5d5bde24cd33], PUP.Optional.Linkury.A, HKU\S-1-5-21-1401536446-3937075962-3797694313-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, In Quarantäne, [15f17575e4973cfaa556fcfa1be7f10f], Registrierungswerte: 4 PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [33d372785f1c8da9625bc72cfe04e41c] PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [2fd787637b00ee485667ce257a8833cd] PUP.Optional.Snapdo.T, HKU\S-1-5-21-1401536446-3937075962-3797694313-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, 
{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [9175faf06c0f16201879a657ed156c94] PUP.Optional.Linkury.A, HKU\S-1-5-21-1401536446-3937075962-3797694313-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|publisher, YahooOC, In Quarantäne, [15f17575e4973cfaa556fcfa1be7f10f] Registrierungsdaten: 7 PUP.Optional.HelperBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH4srFFaxk8fDnMJwYwA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH4srFFaxk8fDnMJwYwA,,&q={searchTerms}),Ersetzt,[0ff765851f5c95a17ebe00e5d72d8d73] PUP.Optional.HelperBar.A, HKU\S-1-5-21-1401536446-3937075962-3797694313-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH5eQLKgJfooXiCdOpjA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH5eQLKgJfooXiCdOpjA,,&q={searchTerms}),Ersetzt,[a3637f6bc9b239fdb08f5d8844c0e61a] PUP.Optional.HelperBar.A, HKU\S-1-5-21-1401536446-3937075962-3797694313-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, 
hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx5uOmQWjz0I6WMitNn7d-aMUiVHM5tTYIvyyWxOMQBP9ZwO2gRkBDGuPJp68KMLBgsyr8iNF-HU2qRzYmcnvPXEJRs2RAhkw,,, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx5uOmQWjz0I6WMitNn7d-aMUiVHM5tTYIvyyWxOMQBP9ZwO2gRkBDGuPJp68KMLBgsyr8iNF-HU2qRzYmcnvPXEJRs2RAhkw,,),Ersetzt,[4cba9753a0dbaf87330d4d98cc38837d] PUP.Optional.HelperBar.A, HKU\S-1-5-21-1401536446-3937075962-3797694313-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH5eQLKgJfooXiCdOpjA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH5eQLKgJfooXiCdOpjA,,&q={searchTerms}),Ersetzt,[4bbb8367691237fff8462bba966e0cf4] PUP.Optional.HelperBar.A, HKU\S-1-5-21-1401536446-3937075962-3797694313-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH5eQLKgJfooXiCdOpjA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: 
(hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH5eQLKgJfooXiCdOpjA,,&q={searchTerms}),Ersetzt,[22e42dbdf28984b250f1ffe620e437c9] PUP.Optional.HelperBar.A, HKU\S-1-5-21-1401536446-3937075962-3797694313-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH5eQLKgJfooXiCdOpjA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH5eQLKgJfooXiCdOpjA,,&q={searchTerms}),Ersetzt,[db2bb03a02799d9946fcfce950b452ae] PUP.Optional.HelperBar.A, HKU\S-1-5-21-1401536446-3937075962-3797694313-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH5eQLKgJfooXiCdOpjA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH5eQLKgJfooXiCdOpjA,,&q={searchTerms}),Ersetzt,[12f48961e09b4beb3c0132b3947055ab] Ordner: 3 PUP.Optional.OpenCandy, C:\Users\Mika\AppData\Roaming\OpenCandy, In Quarantäne, 
[1beba6444f2caa8c7ce972567b873cc4], PUP.Optional.OpenCandy, C:\Users\Mika\AppData\Roaming\OpenCandy\16BEC3A55D874752A9F81E0C461E1F14, In Quarantäne, [1beba6444f2caa8c7ce972567b873cc4], PUP.Optional.OpenCandy, C:\Users\Mika\AppData\Roaming\OpenCandy\2FD01650E2894E93A63E7FD12AE5C548, In Quarantäne, [1beba6444f2caa8c7ce972567b873cc4], Dateien: 9 Trojan.Agent, C:\Users\Mika\AppData\Local\Temp\is-3SB4H.tmp\netlogger.exe, In Quarantäne, [ab5beefc5e1df244be3fa2109869e41c], PUP.Optional.DownloadSponsor, C:\Users\Mika\Downloads\mwsnap-3-0-0-74.exe, In Quarantäne, [33d3bd2d6d0ed75fe020e2d27a8a9f61], PUP.Optional.Superfish.A, C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [0501d3175526a78f72a662ab3bc8ba46], PUP.Optional.Superfish.A, C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [9b6b03e72f4cfd393fd9e429c73c1ee2], PUP.Optional.WebSearch.A, C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\xv768coj.default\searchplugins\Web Search.xml, In Quarantäne, [09fd03e74c2f2f07a395de3d29da0ff1], PUP.Optional.OpenCandy, C:\Users\Mika\AppData\Roaming\OpenCandy\2FD01650E2894E93A63E7FD12AE5C548\AVG-PC-TuneUp2014FRA-15-fr-FR-p4v1.exe, In Quarantäne, [1beba6444f2caa8c7ce972567b873cc4], PUP.Optional.HelperBar.A, C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\xv768coj.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx_1OKEWTgGZZyBnexySuGJeX7U6hACMq7wdGhHOb6DBIEmvteQZg37oW5Dx-7cniiFdvn6TkXyUHvHwS_aficZZl6-aIfFsA,,");), Ersetzt,[d1351ad00a7178beb155aa7745c0b54b] PUP.Optional.HelperBar.A, C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\xv768coj.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", 
"hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx130Ja3WXQRMwe30Pvy9Bj5BSvwYTwSHc2hFUiX2_xKwqCDflxZHmdVyA8fDu62hA9FUyEdu2YehYH4srFFaxk8fDnMJwYwA,,&q=");), Ersetzt,[6a9ce802aad1f442b94ecf521fe6fe02] PUP.Optional.HelperBar.A, C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\xv768coj.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6YBCFyuyOThLNxhk3_r6DjOQ_hx3-Kx3ZPNet6x-HNLcRPmqpCPBhGKekYDXR4nPiMc92bmo4FW8vx5uOmQWjz0I6WMitNn7d-aMUiVHM5tTYIvyyWxOMQBP9ZwO2gRkBDGuPJp68KMLBgsyr8iNF-HU2qRyh0CaGnoe-ud10PJBg,,");), Ersetzt,[798da248d3a8a591fd7ef72a10f5619f] Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.309 - Report created 05/09/2014 at 11:08:10 # Updated 02/09/2014 by Xplode # Operating System : Windows 8.1 (64 bits) # Username : Mika - EWBFBM-MBL15 # Running from : C:\Users\Mika\Downloads\adwcleaner_3.309 (1).exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Mika\AppData\Local\Temp\OCS Folder Deleted : C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** Shortcut Disinfected : C:\Users\Mika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKCU\Software\OCS Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17239 -\\ Google Chrome v37.0.2062.103 [ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [Extension] : gkojfkhlekighikafcpjkiklfbnlmeio ************************* AdwCleaner[R0].txt - [2370 
octets] - [05/09/2014 11:02:17] AdwCleaner[S0].txt - [2075 octets] - [05/09/2014 11:08:10] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2135 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 8.1 x64 Ran by Mika on 05/09/2014 at 17:55:20.30 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 05/09/2014 at 18:06:20.82 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Mika (administrator) on EWBFBM-MBL15 on 05-09-2014 18:25:27
Running from C:\Users\Mika\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Novell, Inc.) C:\Program Files\Novell\Client\XTier\Services\xtsvcmgr.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Uwe Sieber - www.uwe-sieber.de) C:\Program Files (x86)\USBDLM\USBDLM.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(OCS Inventory NG) C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe
(Uwe Sieber - www.uwe-sieber.de) C:\Program Files (x86)\USBDLM\USBDLM_usr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Novell\Client\nwtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHSA.EXE
(OCS Inventory NG) C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760432 2013-08-03] (Dell Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NWTRAY] => C:\Program Files\Novell\Client\nwtray.exe [39992 2013-01-16] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-04-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-04-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-05-20] (Sophos Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\.DEFAULT\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHSA.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-09-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1401536446-3937075962-3797694313-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHSA.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-20] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-05-20] (Sophos Limited)
Lsa: [Authentication Packages] msv1_0 ncv1_0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OCS Inventory NG Systray.lnk
ShortcutTarget: OCS Inventory NG Systray.lnk -> C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe (OCS Inventory NG)
ShellIconOverlayIdentifiers: DBARFileBackuped -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: DBARFileNotBackuped -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM - {12E797B7-A75C-4051-B4D9-8F48480ECCE7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-04-24]

Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> E57CD084386C70E0BF0CFFFE9835BDC13B12E62319A93C9F1553C406634B08D0
CHR DefaultSearchURL: Default -> 061A9A0B64A899B593E9FDCB3D4E3FB31EF9417C8195F6BDFCA9C991BDC1A86B
CHR Profile: C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-06]
CHR Extension: (Google Drive) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-06]
CHR Extension: (Google Search) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-04-24]
CHR Extension: (Hola Better Internet) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-08-16]
CHR Extension: (Babbel-Knopf für Google Chrome™) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbdoppplimagabiddoakkgppnpfglein [2014-04-30]
CHR Extension: (Google Wallet) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-06]
CHR Extension: (Gmail) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [148688 2014-07-22] (Dell Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-08-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 OCS Inventory Service; C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe [35840 2012-01-27] (OCS Inventory NG) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-20] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-05-20] (Sophos Limited)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2014-04-04] (SoftThinks SAS)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2014-04-24] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-05-20] (Sophos Limited)
R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [818240 2014-04-24] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-05-20] (Sophos Limited)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [300328 2014-05-20] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-05-20] (Sophos Limited)
R2 USBDLM; C:\Program Files (x86)\USBDLM\USBDLM.exe [337888 2012-01-15] (Uwe Sieber - www.uwe-sieber.de) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 XTSvcMgr; C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe [20536 2013-01-16] (Novell, Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-24] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385784 2013-06-27] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [114632 2013-07-01] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R0 NCFilter; C:\Windows\System32\DRIVERS\NCFilter.sys [112696 2013-01-16] ()
R2 NCFSD; C:\Program Files\Novell\Client\XTier\Drivers\ncfsd.sys [115256 2013-01-16] ()
R2 NCIOCTL; C:\Program Files\Novell\Client\XTier\Drivers\ncioctl.sys [90680 2013-01-16] ()
R0 NCRecognizer; C:\Windows\System32\DRIVERS\NCRecognizer.sys [120376 2013-01-16] ()
R0 NCUncFilter; C:\Windows\System32\DRIVERS\NCUncFilter.sys [26680 2013-01-16] ()
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
R1 NICM; C:\Program Files\Novell\Client\XTier\Drivers\nicm.sys [31800 2013-01-16] (Novell, Inc.)
S3 S3XXx64; C:\Windows\system32\DRIVERS\S3XXx64.sys [73984 2013-06-05] (Identive)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-20] (Sophos Limited)
S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2014-05-20] (Sophos Limited)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-02] (Synaptics Incorporated)
S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [27904 2014-05-20] (Sophos Limited)
R1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [32512 2014-05-20] (Sophos Limited)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
U3 nccache; C:\Program Files\Novell\Client\XTier\Drivers\nccache.sys [55864 2013-01-16] (Novell, Inc.)
U3 nciom; C:\Program Files\Novell\Client\XTier\Drivers\nciom.sys [80952 2013-01-16] (Novell, Inc.)
U3 ncp; C:\Program Files\Novell\Client\XTier\Drivers\ncp.sys [79416 2013-01-16] (Novell, Inc.)
U3 ncpfsp; C:\Program Files\Novell\Client\XTier\Drivers\ncpfsp.sys [101944 2013-01-16] (Novell, Inc.)
U3 ncpl; C:\Program Files\Novell\Client\XTier\Drivers\ncpl.sys [49720 2013-01-16] (Novell, Inc.)
U3 ndm; C:\Program Files\Novell\Client\XTier\Drivers\ndm.sys [20024 2013-01-16] (Novell, Inc.)
U3 ndmndap; C:\Program Files\Novell\Client\XTier\Drivers\ndmndap.sys [84024 2013-01-16] (Novell, Inc.)
U3 niam; C:\Program Files\Novell\Client\XTier\Drivers\niam.sys [39480 2013-01-16] (Novell, Inc.)
U3 nipctl; C:\Program Files\Novell\Client\XTier\Drivers\nipctl.sys [56376 2013-01-16] (Novell, Inc.)
U3 nscm; C:\Program Files\Novell\Client\XTier\Drivers\nscm.sys [37944 2013-01-16] (Novell, Inc.)
U3 nsns; C:\Program Files\Novell\Client\XTier\Drivers\nsns.sys [25656 2013-01-16] (Novell, Inc.)
U3 nsvccost; C:\Program Files\Novell\Client\XTier\Drivers\nsvccost.sys [36408 2013-01-16] (Novell, Inc.)
U3 xtxplat; C:\Program Files\Novell\Client\XTier\Drivers\xtxplat.sys [59960 2013-01-16] (Novell, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-05 18:25 - 2014-09-05 18:25 - 02104832 _____ (Farbar) C:\Users\Mika\Downloads\FRST64 (1).exe
2014-09-05 18:06 - 2014-09-05 18:06 - 00000613 _____ () C:\Users\Mika\Desktop\JRT.txt
2014-09-05 17:55 - 2014-09-05 17:55 - 00000000 ____D () C:\Windows\ERUNT
2014-09-05 17:54 - 2014-09-05 17:54 - 01016261 _____ (Thisisu) C:\Users\Mika\Downloads\JRT.exe
2014-09-05 11:10 - 2014-09-05 11:10 - 00002231 _____ () C:\Users\Mika\Desktop\AdwCleaner[S0].txt
2014-09-05 11:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-05 11:01 - 2014-09-05 11:08 - 00000000 ____D () C:\AdwCleaner
2014-09-05 10:51 - 2014-09-05 10:52 - 01370483 _____ () C:\Users\Mika\Downloads\adwcleaner_3.309 (1).exe
2014-09-05 10:40 - 2014-09-05 10:40 - 01370483 _____ () C:\Users\Mika\Downloads\adwcleaner_3.309.exe
2014-09-05 10:39 - 2014-09-05 10:39 - 00010714 _____ () C:\Users\Mika\Desktop\mbam.txt
2014-09-05 09:41 - 2014-09-05 10:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-05 09:41 - 2014-09-05 09:41 - 00001120 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-05 09:41 - 2014-09-05 09:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-05 09:41 - 2014-09-05 09:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-05 09:41 - 2014-09-05 09:41 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-05 09:41 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-05 09:41 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-05 09:41 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-05 09:38 - 2014-09-05 09:40 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mika\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-05 09:19 - 2014-09-05 09:31 - 00001286 _____ () C:\Users\Mika\Desktop\Revo Uninstaller.lnk
2014-09-05 09:19 - 2014-09-05 09:31 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-05 09:12 - 2014-09-05 09:12 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Mika\Downloads\revosetup95.exe
2014-09-04 12:46 - 2014-09-04 12:49 - 00052390 _____ () C:\Users\Mika\Downloads\Addition.txt
2014-09-04 12:44 - 2014-09-05 18:25 - 00026758 _____ () C:\Users\Mika\Downloads\FRST.txt
2014-09-04 12:44 - 2014-09-05 18:25 - 00000000 ____D () C:\FRST
2014-09-04 12:44 - 2014-09-04 12:44 - 02104832 _____ (Farbar) C:\Users\Mika\Downloads\FRST64.exe
2014-09-02 21:54 - 2014-09-02 21:54 - 00053612 _____ () C:\Users\Mika\Downloads\college co-voiturage (2).xlsx
2014-09-02 21:52 - 2014-09-02 21:52 - 00053612 _____ () C:\Users\Mika\Downloads\college co-voiturage (1).xlsx
2014-09-02 21:41 - 2014-09-02 21:42 - 00025067 _____ () C:\Users\Mika\Downloads\college co-voiturage.xlsx
2014-08-31 22:48 - 2014-08-31 22:48 - 00000545 _____ () C:\Users\Mika\Downloads\calendrier_20150402000000_20150410235900.vcs
2014-08-27 23:43 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 00:02 - 2014-05-20 21:43 - 00032512 _____ (Sophos Limited) C:\Windows\system32\Drivers\swi_callout.sys
2014-08-25 17:37 - 2014-08-25 17:37 - 01998244 _____ () C:\Users\Mika\Downloads\attachments (12).zip
2014-08-25 17:36 - 2014-08-25 17:36 - 02107228 _____ () C:\Users\Mika\Downloads\attachments (11).zip
2014-08-25 17:35 - 2014-08-25 17:35 - 03255969 _____ () C:\Users\Mika\Downloads\attachments (10).zip
2014-08-25 17:35 - 2014-08-25 17:35 - 02674751 _____ () C:\Users\Mika\Downloads\attachments (9).zip
2014-08-25 17:34 - 2014-08-25 17:34 - 02270156 _____ () C:\Users\Mika\Downloads\attachments (8).zip
2014-08-25 17:33 - 2014-08-25 17:33 - 02963525 _____ () C:\Users\Mika\Downloads\attachments (7).zip
2014-08-25 17:32 - 2014-08-25 17:33 - 01945200 _____ () C:\Users\Mika\Downloads\attachments (6).zip
2014-08-25 17:30 - 2014-08-25 17:30 - 02325830 _____ () C:\Users\Mika\Downloads\attachments (5).zip
2014-08-25 17:28 - 2014-08-25 17:29 - 02392400 _____ () C:\Users\Mika\Downloads\attachments (4).zip
2014-08-25 17:16 - 2014-08-25 17:17 - 02847479 _____ () C:\Users\Mika\Downloads\attachments (3).zip
2014-08-25 17:12 - 2014-08-25 17:12 - 03490850 _____ () C:\Users\Mika\Downloads\attachments (2).zip
2014-08-25 17:11 - 2014-08-25 17:11 - 03023231 _____ () C:\Users\Mika\Downloads\attachments (1).zip
2014-08-25 16:59 - 2014-08-25 17:43 - 00000000 ____D () C:\Users\Mika\Desktop\Sommer 2014 bei den Roths
2014-08-24 21:25 - 2014-08-24 22:40 - 602974611 _____ () C:\Users\Mika\Desktop\Dokumentation-112_Hochzeiten.mp4
2014-08-24 21:12 - 2014-08-24 21:12 - 00139488 _____ () C:\Windows\SysWOW64\XMLOperations.xml
2014-08-22 22:49 - 2014-08-22 22:49 - 00000000 ____D () C:\Users\Mika\AppData\Roaming\AVG
2014-08-22 22:49 - 2014-08-22 22:49 - 00000000 ____D () C:\Users\Mika\AppData\Local\AVG
2014-08-22 22:48 - 2014-08-22 23:00 - 00000000 ____D () C:\ProgramData\AVG
2014-08-22 22:48 - 2014-08-22 22:48 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-22 22:44 - 2014-09-05 11:19 - 00001380 _____ () C:\Users\Mika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-22 22:35 - 2014-08-25 23:51 - 00000000 ____D () C:\Users\Mika\AppData\Roaming\DVDVideoSoft
2014-08-22 22:32 - 2014-08-22 22:35 - 27935080 _____ (DVDVideoSoft Ltd. ) C:\Users\Mika\Downloads\FreeYouTubeDownload3.2.44.820.exe
2014-08-22 22:20 - 2014-08-22 22:20 - 01143151 _____ () C:\Users\Mika\Downloads\Evet, ich will!.pptx
2014-08-16 11:24 - 2014-08-16 11:24 - 00000000 ____D () C:\Users\Mika\Downloads\MediathekView_7
2014-08-16 11:19 - 2014-08-16 11:22 - 30755210 _____ () C:\Users\Mika\Downloads\MediathekView_7.zip
2014-08-15 15:41 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-15 15:41 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-15 15:41 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-08-15 15:41 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 15:41 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 15:41 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 15:41 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 15:41 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 15:41 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 15:41 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 15:41 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 15:41 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 15:41 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 15:41 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 15:41 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 15:41 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 15:41 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 15:41 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 15:41 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 15:41 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 15:41 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 15:41 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 15:41 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 15:41 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 15:41 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 15:41 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 15:41 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 15:41 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 15:41 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 15:41 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 15:41 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 15:41 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 15:41 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 15:41 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 15:41 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 15:41 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 15:41 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 15:41 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 15:39 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 15:39 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-15 15:39 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-15 15:39 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 15:39 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-15 15:39 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-08-15 15:38 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-08-15 15:38 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-15 15:38 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-08-15 15:38 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-08-15 15:35 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-08-15 15:34 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-08-15 15:34 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-08-15 15:34 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-08-15 15:34 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 15:34 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 15:34 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-08-15 15:34 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-15 15:34 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-08-15 15:34 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-08-15 15:34 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-15 15:34 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-08-15 15:34 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-15 15:34 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-15 15:34 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-08-15 15:34 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-08-15 15:34 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-08-15 15:34 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-08-15 15:34 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-08-15 15:34 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-08-15 15:34 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-08-15 15:34 - 2014-05-03 01:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-08-15 15:34 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-15 15:34 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-08-15 15:34 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-15 15:34 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-08-15 15:34 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-08-15 15:34 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-15 15:34 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-15 15:34 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-15 15:34 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-08-15 15:34 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-15 15:34 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-08-15 15:34 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-08-15 15:34 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-15 15:34 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-08-15 15:34 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-08-15 15:34 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-08-15 15:34 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation)
C:\Windows\SysWOW64\dhcpcsvc.dll 2014-08-15 15:34 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll 2014-08-15 15:34 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2014-08-15 15:34 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2014-08-15 15:34 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2014-08-15 15:34 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll 2014-08-15 15:34 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll 2014-08-15 15:34 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll 2014-08-15 15:34 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll 2014-08-15 15:34 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-08-15 15:34 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-08-15 15:33 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll 2014-08-15 15:33 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll 2014-08-15 15:33 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2014-08-15 15:33 - 2014-05-31 12:07 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2014-08-15 15:33 - 2014-05-31 12:07 - 00440664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-08-15 15:33 - 2014-05-31 12:07 - 00419672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-08-15 15:33 - 2014-05-31 12:07 - 00089944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-08-15 15:33 - 2014-05-31 12:07 - 00027480 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\usbd.sys 2014-08-15 15:33 - 2014-05-31 08:30 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-08-15 15:33 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2014-08-15 15:33 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2014-08-15 15:33 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2014-08-15 15:33 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2014-08-15 15:33 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2014-08-15 15:33 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-08-15 15:33 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll 2014-08-15 15:33 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll 2014-08-15 15:33 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2014-08-15 15:33 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2014-08-15 15:32 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe 2014-08-15 15:30 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-15 15:30 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-15 15:30 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-15 15:30 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-15 15:30 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-15 15:30 - 2014-06-04 06:43 
- 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-15 15:30 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-15 15:30 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-15 15:30 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-07 22:58 - 2014-08-15 16:11 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-07 22:56 - 2014-08-07 22:56 - 00004460 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-08-07 22:56 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-07 22:56 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-07 22:56 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-07 22:56 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-06 20:29 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-08-06 20:23 - 2014-08-06 20:23 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-09-05 18:26 - 2014-09-04 12:44 - 00026758 _____ () C:\Users\Mika\Downloads\FRST.txt 2014-09-05 18:25 - 2014-09-05 18:25 - 02104832 _____ (Farbar) C:\Users\Mika\Downloads\FRST64 (1).exe 2014-09-05 18:25 - 2014-09-04 12:44 - 00000000 ____D () C:\FRST 2014-09-05 18:21 - 2014-01-05 04:13 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery 2014-09-05 18:18 - 2014-04-04 07:40 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1401536446-3937075962-3797694313-1001 2014-09-05 18:14 - 2014-04-06 17:22 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-05 18:14 - 2014-04-04 07:54 - 00000000 ___DO () C:\Users\Mika\SkyDrive 2014-09-05 18:13 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-05 18:10 - 2014-04-13 23:48 - 00859648 ___SH () C:\Users\Mika\Desktop\Thumbs.db 2014-09-05 18:06 - 2014-09-05 18:06 - 00000613 _____ () C:\Users\Mika\Desktop\JRT.txt 2014-09-05 18:01 - 2014-01-05 04:01 - 01338119 _____ () C:\Windows\WindowsUpdate.log 2014-09-05 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2014-09-05 17:55 - 2014-09-05 17:55 - 00000000 ____D () C:\Windows\ERUNT 2014-09-05 17:54 - 2014-09-05 17:54 - 01016261 _____ (Thisisu) C:\Users\Mika\Downloads\JRT.exe 2014-09-05 13:42 - 2014-04-06 17:22 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-05 13:20 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-09-05 13:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-09-05 11:19 - 2014-08-22 22:44 - 00001380 _____ () C:\Users\Mika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-09-05 11:18 - 2014-04-04 07:31 - 00000000 ____D () C:\Users\Mika 2014-09-05 11:10 - 2014-09-05 11:10 - 00002231 _____ () C:\Users\Mika\Desktop\AdwCleaner[S0].txt 2014-09-05 11:09 - 2014-01-05 03:40 - 00071924 _____ () C:\Windows\PFRO.log 2014-09-05 11:09 - 2013-08-22 15:25 - 00524288 ___SH () 
C:\Windows\system32\config\BBI 2014-09-05 11:08 - 2014-09-05 11:01 - 00000000 ____D () C:\AdwCleaner 2014-09-05 10:52 - 2014-09-05 10:51 - 01370483 _____ () C:\Users\Mika\Downloads\adwcleaner_3.309 (1).exe 2014-09-05 10:40 - 2014-09-05 10:40 - 01370483 _____ () C:\Users\Mika\Downloads\adwcleaner_3.309.exe 2014-09-05 10:39 - 2014-09-05 10:39 - 00010714 _____ () C:\Users\Mika\Desktop\mbam.txt 2014-09-05 10:37 - 2014-09-05 09:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-05 10:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\schemas 2014-09-05 09:41 - 2014-09-05 09:41 - 00001120 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-05 09:41 - 2014-09-05 09:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-05 09:41 - 2014-09-05 09:41 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-05 09:41 - 2014-09-05 09:41 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-05 09:40 - 2014-09-05 09:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mika\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-05 09:31 - 2014-09-05 09:19 - 00001286 _____ () C:\Users\Mika\Desktop\Revo Uninstaller.lnk 2014-09-05 09:31 - 2014-09-05 09:19 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-09-05 09:12 - 2014-09-05 09:12 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Mika\Downloads\revosetup95.exe 2014-09-04 12:49 - 2014-09-04 12:46 - 00052390 _____ () C:\Users\Mika\Downloads\Addition.txt 2014-09-04 12:44 - 2014-09-04 12:44 - 02104832 _____ (Farbar) C:\Users\Mika\Downloads\FRST64.exe 2014-09-02 21:54 - 2014-09-02 21:54 - 00053612 _____ () C:\Users\Mika\Downloads\college co-voiturage (2).xlsx 2014-09-02 21:54 - 2014-04-04 07:34 - 00000000 ____D () C:\Users\Mika\AppData\Local\Packages 2014-09-02 21:52 - 2014-09-02 21:52 - 00053612 _____ () C:\Users\Mika\Downloads\college co-voiturage (1).xlsx 2014-09-02 21:42 - 2014-09-02 21:41 - 00025067 _____ () C:\Users\Mika\Downloads\college co-voiturage.xlsx 2014-09-02 21:39 - 2013-08-22 16:46 - 00022348 _____ () C:\Windows\setupact.log 2014-09-02 21:38 - 2013-08-22 16:44 - 05054648 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-02 00:06 - 2014-04-04 07:41 - 00000000 ____D () C:\ProgramData\softthinks 2014-09-01 10:38 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp 2014-08-31 22:48 - 2014-08-31 22:48 - 00000545 _____ () C:\Users\Mika\Downloads\calendrier_20150402000000_20150410235900.vcs 2014-08-25 23:51 - 2014-08-22 22:35 - 00000000 ____D () C:\Users\Mika\AppData\Roaming\DVDVideoSoft 2014-08-25 17:43 - 2014-08-25 16:59 - 00000000 ____D () C:\Users\Mika\Desktop\Sommer 2014 bei den Roths 2014-08-25 17:37 - 2014-08-25 17:37 - 01998244 _____ () C:\Users\Mika\Downloads\attachments (12).zip 2014-08-25 17:36 - 2014-08-25 17:36 - 02107228 _____ () C:\Users\Mika\Downloads\attachments (11).zip 2014-08-25 17:35 - 2014-08-25 17:35 - 03255969 _____ () C:\Users\Mika\Downloads\attachments (10).zip 2014-08-25 17:35 - 2014-08-25 17:35 - 02674751 _____ () C:\Users\Mika\Downloads\attachments (9).zip 2014-08-25 17:34 - 2014-08-25 17:34 - 02270156 _____ () C:\Users\Mika\Downloads\attachments (8).zip 2014-08-25 17:33 - 2014-08-25 17:33 - 02963525 _____ () C:\Users\Mika\Downloads\attachments (7).zip 2014-08-25 17:33 - 2014-08-25 17:32 - 01945200 _____ () C:\Users\Mika\Downloads\attachments 
(6).zip 2014-08-25 17:30 - 2014-08-25 17:30 - 02325830 _____ () C:\Users\Mika\Downloads\attachments (5).zip 2014-08-25 17:29 - 2014-08-25 17:28 - 02392400 _____ () C:\Users\Mika\Downloads\attachments (4).zip 2014-08-25 17:17 - 2014-08-25 17:16 - 02847479 _____ () C:\Users\Mika\Downloads\attachments (3).zip 2014-08-25 17:12 - 2014-08-25 17:12 - 03490850 _____ () C:\Users\Mika\Downloads\attachments (2).zip 2014-08-25 17:11 - 2014-08-25 17:11 - 03023231 _____ () C:\Users\Mika\Downloads\attachments (1).zip 2014-08-25 10:48 - 2014-06-20 08:35 - 00000000 ____D () C:\Users\Mika\Desktop\Dreier 2014-08-25 10:47 - 2014-04-29 22:48 - 00730112 ___SH () C:\Users\Mika\Downloads\Thumbs.db 2014-08-24 22:40 - 2014-08-24 21:25 - 602974611 _____ () C:\Users\Mika\Desktop\Dokumentation-112_Hochzeiten.mp4 2014-08-24 21:22 - 2014-06-11 10:43 - 00000000 ____D () C:\Users\Mika\MediathekView 2014-08-24 21:20 - 2014-06-11 10:38 - 00000000 ____D () C:\Users\Mika\.mediathek3 2014-08-24 21:12 - 2014-08-24 21:12 - 00139488 _____ () C:\Windows\SysWOW64\XMLOperations.xml 2014-08-23 02:42 - 2014-08-27 23:43 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-22 23:00 - 2014-08-22 22:48 - 00000000 ____D () C:\ProgramData\AVG 2014-08-22 22:49 - 2014-08-22 22:49 - 00000000 ____D () C:\Users\Mika\AppData\Roaming\AVG 2014-08-22 22:49 - 2014-08-22 22:49 - 00000000 ____D () C:\Users\Mika\AppData\Local\AVG 2014-08-22 22:48 - 2014-08-22 22:48 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-08-22 22:35 - 2014-08-22 22:32 - 27935080 _____ (DVDVideoSoft Ltd. 
) C:\Users\Mika\Downloads\FreeYouTubeDownload3.2.44.820.exe 2014-08-22 22:25 - 2014-04-24 10:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-08-22 22:25 - 2014-04-24 10:43 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-22 22:20 - 2014-08-22 22:20 - 01143151 _____ () C:\Users\Mika\Downloads\Evet, ich will!.pptx 2014-08-21 16:11 - 2014-04-04 07:34 - 00000000 ____D () C:\Users\Mika\AppData\Local\VirtualStore 2014-08-19 23:37 - 2014-04-27 19:35 - 00000000 _____ () C:\Windows\system32\vireng.log 2014-08-18 22:09 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData 2014-08-18 22:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-18 22:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer 2014-08-18 22:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager 2014-08-18 22:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera 2014-08-16 11:24 - 2014-08-16 11:24 - 00000000 ____D () C:\Users\Mika\Downloads\MediathekView_7 2014-08-16 11:22 - 2014-08-16 11:19 - 30755210 _____ () C:\Users\Mika\Downloads\MediathekView_7.zip 2014-08-15 17:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache 2014-08-15 16:19 - 2014-04-07 22:39 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-15 16:16 - 2014-04-07 22:39 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-15 16:11 - 2014-08-07 22:58 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-15 15:29 - 2014-07-25 17:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-15 15:29 - 2014-04-15 11:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-15 15:29 - 2014-04-06 17:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-15 15:29 - 2013-08-22 13:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-15 15:29 - 2013-08-22 13:44 - 00004096 _____ 
(Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-15 15:29 - 2013-08-22 13:22 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-15 15:29 - 2013-08-22 13:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-15 15:29 - 2013-08-22 13:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-15 15:29 - 2013-08-22 13:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-15 15:29 - 2013-08-22 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-15 15:29 - 2013-08-22 05:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-15 15:29 - 2013-08-22 05:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-15 15:29 - 2013-08-22 05:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-15 15:29 - 2013-08-22 05:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-15 15:28 - 2014-07-25 17:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-15 15:28 - 2014-04-15 11:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-15 15:11 - 2014-01-05 03:32 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-08-15 15:07 - 2014-06-11 15:21 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-08-08 12:16 - 2014-04-08 01:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-08-08 12:16 - 2014-04-08 01:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-08-07 22:57 - 2014-04-24 10:15 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-07 22:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore 2014-08-07 22:56 - 2014-08-07 22:56 - 00004460 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-08-07 22:56 - 2014-04-24 10:14 - 
00000000 ____D () C:\Program Files (x86)\Java 2014-08-07 04:12 - 2014-08-15 15:30 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-07 00:38 - 2014-08-15 15:41 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-06 20:43 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-08-06 20:28 - 2014-04-08 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-08-06 20:23 - 2014-08-06 20:23 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe Some content of TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\openvpn-2.2.2-install.exe C:\Users\Administrator\AppData\Local\Temp\ose00000.exe C:\Users\Mika\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Mika\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Mika\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Mika\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Mika\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Mika\AppData\Local\Temp\zmqs123s.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-26 15:13
==================== End Of Log ============================ |
06.09.2014, 13:50 | #6 |
/// the machine /// TB Instructor | Yahoo Smartbar cannot be removed in the Control Panel
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems remaining?
08.09.2014, 13:25 | #7 |
| Yahoo Smartbar cannot be removed in the Control Panel
Here, to begin with, is the log file from the ESET Online Scanner:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=f253b8abffd62d4d9ad5913cf3d2e996
# engine=20046
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-08 12:01:29
# local_time=2014-09-08 02:01:29 (+0100, W. Europe Daylight Time)
# country="United Kingdom"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 9730120 14561210 0 0
# compatibility_mode_1='Sophos Anti-Virus'
# compatibility_mode=8450 16777213 100 99 16797 11849795 0 0
# scanned=208170
# found=3
# cleaned=0
# scan_time=15860
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Mika\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=25B9F4013FB34153FFA27E460D4B8594C79FE337 ft=1 fh=15384691e6094ee0 vn="Variante von Win32/HiddenStart.A potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\hstart.exe"
sh=3E456993A1DBCB9F32C43D985B4F578B3ED2EAE7 ft=1 fh=90c0e0ceab232bf4 vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\Users\Mika\Downloads\FreeYouTubeDownload3.2.44.820.exe"
Code:
Results of screen317's Security Check version 0.99.87
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
Sophos Anti-Virus
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Mozilla Firefox (28.0)
Google Chrome 36.0.1985.143
Google Chrome 37.0.2062.103
````````Process Check: objlist.exe by Laurent````````
Sophos Sophos Anti-Virus SavService.exe
Sophos Sophos Anti-Virus SAVAdminService.exe
Sophos Sophos Anti-Virus Web Control swc_service.exe
Sophos Sophos Anti-Virus Web Intelligence swi_filter.exe
Sophos Sophos Anti-Virus Web Intelligence swi_service.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01 Ran by Mika (administrator) on EWBFBM-MBL15 on 08-09-2014 14:23:36 Running from C:\Users\Mika\Downloads Platform: Windows 8.1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Novell, Inc.) C:\Program Files\Novell\Client\XTier\Services\xtsvcmgr.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe (Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos 
Anti-Virus\Web Intelligence\swi_service.exe (Uwe Sieber - www.uwe-sieber.de) C:\Program Files (x86)\USBDLM\USBDLM.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (OCS Inventory NG) C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe (Uwe Sieber - www.uwe-sieber.de) C:\Program Files (x86)\USBDLM\USBDLM_usr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files\Novell\Client\nwtray.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHSA.EXE (OCS Inventory NG) C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Adobe Systems Inc.) 
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe (PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Mika\Downloads\FRST64 (2).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760432 2013-08-03] (Dell Inc.) 
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [NWTRAY] => C:\Program Files\Novell\Client\nwtray.exe [39992 2013-01-16] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-04-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-04-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-05-20] (Sophos Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\.DEFAULT\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHSA.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
HKU\.DEFAULT\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-09-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1401536446-3937075962-3797694313-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHSA.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-20] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-05-20] (Sophos Limited)
Lsa: [Authentication Packages] msv1_0 ncv1_0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OCS Inventory NG Systray.lnk
ShortcutTarget: OCS Inventory NG Systray.lnk -> C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe (OCS Inventory NG)
ShellIconOverlayIdentifiers: DBARFileBackuped -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: DBARFileNotBackuped -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM - {12E797B7-A75C-4051-B4D9-8F48480ECCE7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-04-24]

Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> E57CD084386C70E0BF0CFFFE9835BDC13B12E62319A93C9F1553C406634B08D0
CHR DefaultSearchURL: Default -> 061A9A0B64A899B593E9FDCB3D4E3FB31EF9417C8195F6BDFCA9C991BDC1A86B
CHR Profile: C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-06]
CHR Extension: (Google Drive) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-06]
CHR Extension: (Google Search) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-06]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-04-24]
CHR Extension: (Hola Better Internet) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-08-16]
CHR Extension: (Babbel-Knopf für Google Chrome™) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbdoppplimagabiddoakkgppnpfglein [2014-04-30]
CHR Extension: (Google Wallet) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-06]
CHR Extension: (Gmail) - C:\Users\Mika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [148688 2014-07-22] (Dell Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-08-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 OCS Inventory Service; C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe [35840 2012-01-27] (OCS Inventory NG) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] () [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-20] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-05-20] (Sophos Limited)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920 2014-04-04] (SoftThinks SAS)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
R2 Sophos Agent; C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe [289856 2014-04-24] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-05-20] (Sophos Limited)
R2 Sophos Message Router; C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe [818240 2014-04-24] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-05-20] (Sophos Limited)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [300328 2014-05-20] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-05-20] (Sophos Limited)
R2 USBDLM; C:\Program Files (x86)\USBDLM\USBDLM.exe [337888 2012-01-15] (Uwe Sieber - www.uwe-sieber.de) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 XTSvcMgr; C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe [20536 2013-01-16] (Novell, Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-24] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385784 2013-06-27] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [114632 2013-07-01] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R0 NCFilter; C:\Windows\System32\DRIVERS\NCFilter.sys [112696 2013-01-16] ()
R2 NCFSD; C:\Program Files\Novell\Client\XTier\Drivers\ncfsd.sys [115256 2013-01-16] ()
R2 NCIOCTL; C:\Program Files\Novell\Client\XTier\Drivers\ncioctl.sys [90680 2013-01-16] ()
R0 NCRecognizer; C:\Windows\System32\DRIVERS\NCRecognizer.sys [120376 2013-01-16] ()
R0 NCUncFilter; C:\Windows\System32\DRIVERS\NCUncFilter.sys [26680 2013-01-16] ()
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
R1 NICM; C:\Program Files\Novell\Client\XTier\Drivers\nicm.sys [31800 2013-01-16] (Novell, Inc.)
S3 S3XXx64; C:\Windows\system32\DRIVERS\S3XXx64.sys [73984 2013-06-05] (Identive)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-20] (Sophos Limited)
S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2014-05-20] (Sophos Limited)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-02] (Synaptics Incorporated)
S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [27904 2014-05-20] (Sophos Limited)
R1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [32512 2014-05-20] (Sophos Limited)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
U3 nccache; C:\Program Files\Novell\Client\XTier\Drivers\nccache.sys [55864 2013-01-16] (Novell, Inc.)
U3 nciom; C:\Program Files\Novell\Client\XTier\Drivers\nciom.sys [80952 2013-01-16] (Novell, Inc.)
U3 ncp; C:\Program Files\Novell\Client\XTier\Drivers\ncp.sys [79416 2013-01-16] (Novell, Inc.)
U3 ncpfsp; C:\Program Files\Novell\Client\XTier\Drivers\ncpfsp.sys [101944 2013-01-16] (Novell, Inc.)
U3 ncpl; C:\Program Files\Novell\Client\XTier\Drivers\ncpl.sys [49720 2013-01-16] (Novell, Inc.)
U3 ndm; C:\Program Files\Novell\Client\XTier\Drivers\ndm.sys [20024 2013-01-16] (Novell, Inc.)
U3 ndmndap; C:\Program Files\Novell\Client\XTier\Drivers\ndmndap.sys [84024 2013-01-16] (Novell, Inc.)
U3 niam; C:\Program Files\Novell\Client\XTier\Drivers\niam.sys [39480 2013-01-16] (Novell, Inc.)
U3 nipctl; C:\Program Files\Novell\Client\XTier\Drivers\nipctl.sys [56376 2013-01-16] (Novell, Inc.)
U3 nscm; C:\Program Files\Novell\Client\XTier\Drivers\nscm.sys [37944 2013-01-16] (Novell, Inc.)
U3 nsns; C:\Program Files\Novell\Client\XTier\Drivers\nsns.sys [25656 2013-01-16] (Novell, Inc.)
U3 nsvccost; C:\Program Files\Novell\Client\XTier\Drivers\nsvccost.sys [36408 2013-01-16] (Novell, Inc.)
U3 xtxplat; C:\Program Files\Novell\Client\XTier\Drivers\xtxplat.sys [59960 2013-01-16] (Novell, Inc.)

==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-08 14:23 - 2014-09-08 14:23 - 02105344 _____ (Farbar) C:\Users\Mika\Downloads\FRST64 (2).exe 2014-09-08 14:19 - 2014-09-08 14:19 - 00854417 _____ () C:\Users\Mika\Downloads\SecurityCheck.exe 2014-09-08 14:19 - 2014-09-08 14:19 - 00854417 _____ () C:\Users\Mika\Downloads\SecurityCheck (1).exe 2014-09-08 14:10 - 2014-09-08 14:10 - 00000000 __SHD () C:\Users\Mika\AppData\Local\EmieUserList 2014-09-08 14:10 - 2014-09-08 14:10 - 00000000 __SHD () C:\Users\Mika\AppData\Local\EmieSiteList 2014-09-08 09:30 - 2014-09-08 09:30 - 02347384 _____ (ESET) C:\Users\Mika\Downloads\esetsmartinstaller_deu.exe 2014-09-05 18:27 - 2014-09-05 18:27 - 00061094 _____ () C:\Users\Mika\Desktop\FRST.txt 2014-09-05 18:25 - 2014-09-05 18:25 - 02104832 _____ (Farbar) C:\Users\Mika\Downloads\FRST64 (1).exe 2014-09-05 18:06 - 2014-09-05 18:06 - 00000613 _____ () C:\Users\Mika\Desktop\JRT.txt 2014-09-05 17:55 - 2014-09-05 17:55 - 00000000 ____D () C:\Windows\ERUNT 2014-09-05 17:54 - 2014-09-05 17:54 - 01016261 _____ (Thisisu) C:\Users\Mika\Downloads\JRT.exe 2014-09-05 11:10 - 2014-09-05 11:10 - 00002231 _____ () C:\Users\Mika\Desktop\AdwCleaner[S0].txt 2014-09-05 11:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-09-05 11:01 - 2014-09-05 11:08 - 00000000 ____D () C:\AdwCleaner 2014-09-05 10:51 - 2014-09-05 10:52 - 01370483 _____ () C:\Users\Mika\Downloads\adwcleaner_3.309 (1).exe 2014-09-05 10:40 - 2014-09-05 10:40 - 01370483 _____ () C:\Users\Mika\Downloads\adwcleaner_3.309.exe 2014-09-05 10:39 - 2014-09-05 10:39 - 00010714 _____ () C:\Users\Mika\Desktop\mbam.txt 2014-09-05 09:41 - 2014-09-05 10:37 - 
00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-05 09:41 - 2014-09-05 09:41 - 00001120 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-05 09:41 - 2014-09-05 09:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-05 09:41 - 2014-09-05 09:41 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-05 09:41 - 2014-09-05 09:41 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-05 09:41 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-05 09:41 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-05 09:41 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-05 09:38 - 2014-09-05 09:40 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mika\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-05 09:19 - 2014-09-05 09:31 - 00001286 _____ () C:\Users\Mika\Desktop\Revo Uninstaller.lnk 2014-09-05 09:19 - 2014-09-05 09:31 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-09-05 09:12 - 2014-09-05 09:12 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Mika\Downloads\revosetup95.exe 2014-09-04 12:46 - 2014-09-04 12:49 - 00052390 _____ () C:\Users\Mika\Downloads\Addition.txt 2014-09-04 12:44 - 2014-09-08 14:23 - 00027434 _____ () C:\Users\Mika\Downloads\FRST.txt 2014-09-04 12:44 - 2014-09-08 14:23 - 00000000 ____D () C:\FRST 2014-09-04 12:44 - 2014-09-04 12:44 - 02104832 _____ (Farbar) C:\Users\Mika\Downloads\FRST64.exe 2014-09-02 21:54 - 2014-09-02 21:54 - 00053612 _____ () C:\Users\Mika\Downloads\college co-voiturage (2).xlsx 2014-09-02 21:52 - 2014-09-02 21:52 - 00053612 _____ () C:\Users\Mika\Downloads\college co-voiturage (1).xlsx 2014-09-02 21:41 - 2014-09-02 21:42 - 00025067 _____ () C:\Users\Mika\Downloads\college co-voiturage.xlsx 2014-08-31 22:48 - 2014-08-31 22:48 - 00000545 _____ () C:\Users\Mika\Downloads\calendrier_20150402000000_20150410235900.vcs 2014-08-27 23:43 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-27 00:02 - 2014-05-20 21:43 - 00032512 _____ (Sophos Limited) C:\Windows\system32\Drivers\swi_callout.sys 2014-08-25 17:37 - 2014-08-25 17:37 - 01998244 _____ () C:\Users\Mika\Downloads\attachments (12).zip 2014-08-25 17:36 - 2014-08-25 17:36 - 02107228 _____ () C:\Users\Mika\Downloads\attachments (11).zip 2014-08-25 17:35 - 2014-08-25 17:35 - 03255969 _____ () C:\Users\Mika\Downloads\attachments (10).zip 2014-08-25 17:35 - 2014-08-25 17:35 - 02674751 _____ () C:\Users\Mika\Downloads\attachments (9).zip 2014-08-25 17:34 - 2014-08-25 17:34 - 02270156 _____ () C:\Users\Mika\Downloads\attachments (8).zip 2014-08-25 17:33 - 2014-08-25 17:33 - 02963525 _____ () C:\Users\Mika\Downloads\attachments (7).zip 2014-08-25 17:32 - 2014-08-25 17:33 - 01945200 _____ () C:\Users\Mika\Downloads\attachments (6).zip 2014-08-25 17:30 - 2014-08-25 17:30 - 02325830 _____ () C:\Users\Mika\Downloads\attachments (5).zip 2014-08-25 17:28 - 2014-08-25 17:29 - 02392400 _____ () C:\Users\Mika\Downloads\attachments (4).zip 2014-08-25 17:16 - 2014-08-25 17:17 - 
02847479 _____ () C:\Users\Mika\Downloads\attachments (3).zip 2014-08-25 17:12 - 2014-08-25 17:12 - 03490850 _____ () C:\Users\Mika\Downloads\attachments (2).zip 2014-08-25 17:11 - 2014-08-25 17:11 - 03023231 _____ () C:\Users\Mika\Downloads\attachments (1).zip 2014-08-25 16:59 - 2014-08-25 17:43 - 00000000 ____D () C:\Users\Mika\Desktop\Sommer 2014 bei den Roths 2014-08-24 21:25 - 2014-08-24 22:40 - 602974611 _____ () C:\Users\Mika\Desktop\Dokumentation-112_Hochzeiten.mp4 2014-08-24 21:12 - 2014-08-24 21:12 - 00139488 _____ () C:\Windows\SysWOW64\XMLOperations.xml 2014-08-22 22:49 - 2014-08-22 22:49 - 00000000 ____D () C:\Users\Mika\AppData\Roaming\AVG 2014-08-22 22:49 - 2014-08-22 22:49 - 00000000 ____D () C:\Users\Mika\AppData\Local\AVG 2014-08-22 22:48 - 2014-08-22 23:00 - 00000000 ____D () C:\ProgramData\AVG 2014-08-22 22:48 - 2014-08-22 22:48 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-08-22 22:44 - 2014-09-05 11:19 - 00001380 _____ () C:\Users\Mika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-08-22 22:35 - 2014-08-25 23:51 - 00000000 ____D () C:\Users\Mika\AppData\Roaming\DVDVideoSoft 2014-08-22 22:32 - 2014-08-22 22:35 - 27935080 _____ (DVDVideoSoft Ltd. 
) C:\Users\Mika\Downloads\FreeYouTubeDownload3.2.44.820.exe 2014-08-22 22:20 - 2014-08-22 22:20 - 01143151 _____ () C:\Users\Mika\Downloads\Evet, ich will!.pptx 2014-08-16 11:24 - 2014-08-16 11:24 - 00000000 ____D () C:\Users\Mika\Downloads\MediathekView_7 2014-08-16 11:19 - 2014-08-16 11:22 - 30755210 _____ () C:\Users\Mika\Downloads\MediathekView_7.zip 2014-08-15 15:41 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-15 15:41 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-15 15:41 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll 2014-08-15 15:41 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-15 15:41 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-15 15:41 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-15 15:41 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-15 15:41 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-15 15:41 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-15 15:41 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-15 15:41 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-15 15:41 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-15 15:41 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-15 15:41 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-15 15:41 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) 
==================== End Of Log ============================ --- --- --- |
08.09.2014, 19:24 | #8 |
/// the machine /// TB Trainer | Yahoo Smartbar cannot be deleted in the Control Panel Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and assistance Trojaner-Board Facebook page No assistance via PM! |
10.09.2014, 10:44 | #9 |
| Yahoo Smartbar cannot be deleted in the Control Panel Hello Schrauber, I still have a few questions and one comment. The instructions for the ESET Online Scanner are somewhat outdated: once you have downloaded it and want to set everything up the way you described, there are additional options you can click, and in general the sections are laid out somewhat differently. Maybe you would like to take a look at that? Now my questions: How do I know whether I used Defogger and Combofix? Where do I find that? Combofix is explained, but Defogger is not. Thank you, I will follow your advice. Best regards, Mareike |
10.09.2014, 20:15 | #10 |
/// the machine /// TB Trainer | Yahoo Smartbar cannot be deleted in the Control Panel We used neither of them, so go straight to Delfix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and assistance Trojaner-Board Facebook page No assistance via PM! |