Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: SpyHunter 4 deinstallieren

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.12.2014, 13:44   #1
611wi
 
SpyHunter 4 deinstallieren - Standard

SpyHunter 4 deinstallieren



Hallo,

ich habe Spyhunter 4 installiert. Möchte ich das ganze jetzt deinstallieren, bekomme ich einen Link zum Kauf der Software aber die Deinstallation läuft nicht weiter.
Betriebssystem ist Win 8

Solltet Ihr noch mehr Info`s benötigen, gebe ich die gerne weiter.
Miniaturansicht angehängter Grafiken
SpyHunter 4 deinstallieren-meldung.jpg  

Alt 10.12.2014, 13:47   #2
schrauber
/// the machine
/// TB-Ausbilder
 

SpyHunter 4 deinstallieren - Standard

SpyHunter 4 deinstallieren



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 10.12.2014, 15:25   #3
611wi
 
SpyHunter 4 deinstallieren - Standard

SpyHunter 4 deinstallieren



So, habe die Anwendung laufen lassen.

Folgende Logs sind dabei herausgekommen
__________________

Alt 10.12.2014, 15:31   #4
611wi
 
SpyHunter 4 deinstallieren - Standard

SpyHunter 4 deinstallieren



Und noch einmal


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2014
Ran by Ina (administrator) on CARSTEN-LAP on 10-12-2014 15:22:49
Running from C:\Users\Ina\Downloads
Loaded Profile: Ina (Available profiles: Carsten & Ina & Gast)
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(REINER SCT) C:\WINDOWS\SysWOW64\cjpcsc.exe
() C:\Users\Ina\AppData\Roaming\NetController\netcontrollerservice.exe
(Microsoft Corporation) C:\WINDOWS\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\SteganosBrowserMonitor.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\passwordmanagercom.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 15\fredirstarter.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\Users\Ina\AppData\Roaming\NetController\netcontroller.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\WINDOWS\System32\mspaint.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 15\SteganosHotKeyService.exe [100864 2014-08-04] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS15 Chrome Autofill Relay] => C:\Program Files (x86)\Steganos Privacy Suite 15\passwordmanagercom.exe [480120 2014-08-04] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS15 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 15\fredirstarter.exe [17920 2014-08-04] (Steganos Software GmbH)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\...\Run: [SSS15 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 15\SteganosBrowserMonitor.exe [73216 2014-08-04] (Steganos Software GmbH)
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\...\Run: [Raptr] => C:\PROGRA~2\Raptr\raptrstub.exe --startup
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\WINDOWS\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\WINDOWS\System32\schtasks.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1414086852&from=cor&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1414086852&from=cor&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1414086852&from=cor&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1414086852&from=cor&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
HKU\S-1-5-21-2832616108-679565341-4177513334-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1414086852&from=cor&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409
SearchScopes: HKU\S-1-5-21-2832616108-679565341-4177513334-1003 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2832616108-679565341-4177513334-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409&q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 15\SPMIEToolbar64.dll (Steganos Software GmbH)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 15\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2832616108-679565341-4177513334-1003 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Ina\AppData\Roaming\Mozilla\Firefox\Profiles\i67hlt1o.default-1418204789442
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 15\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 15\spmplugin3 [2014-10-18]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn [2014-12-10]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-29]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-10-30]
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Ina\AppData\Roaming\Mozilla\Firefox\Profiles\gpe4ya0u.default\extensions\detgdp@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.delta-homes.com/?type=sc&ts=1418204241&from=wpm12103&uid=SAMSUNGXSSDX830XSeries_S0Z4NEAC867409

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-19]
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Ina\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-19]
CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Ina\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [518192 2014-01-27] (REINER SCT)
R2 NetControllerService; C:\Users\Ina\AppData\Roaming\NetController\netcontrollerservice.exe [187168 2014-10-16] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-12-10] (Enigma Software Group USA, LLC.)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485888 2014-12-10] (Fuyu LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2013-12-19] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20141203.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
S3 BioNTDrv; C:\Program Files\Paragon Software\Backup and Recovery 2014 Free\program\BioNTDrv.SYS [18696 2014-05-19] (Paragon Software Group)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-08-26] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-08-26] (Symantec Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-12-10] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-12-10] ()
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20141209.001\IDSvia64.sys [637656 2014-11-18] (Symantec Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20141209.004\ENG64.SYS [129752 2014-12-05] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20141209.004\EX64.SYS [2137304 2014-12-05] (Symantec Corporation)
R1 ncdevice; C:\Windows\system32\DRIVERS\ncdevice.sys [41248 2014-05-22] (NT Kernel Resources)
R1 SLEE_18_DRIVER; C:\WINDOWS\Sleen1864.sys [109144 2014-07-29] (Softwareentwicklung Remus - ArchiCrypt - )
R1 SRTSP; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1506000.020\SymELAM.sys [23568 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-10-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 15:22 - 2014-12-10 15:22 - 02119680 _____ (Farbar) C:\Users\Ina\Downloads\frst64.exe
2014-12-10 15:22 - 2014-12-10 15:22 - 00023030 _____ () C:\Users\Ina\Downloads\FRST.txt
2014-12-10 15:22 - 2014-12-10 15:22 - 00000000 ____D () C:\FRST
2014-12-10 13:21 - 2014-12-10 13:31 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-10 13:20 - 2014-12-10 13:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ina\Downloads\revosetup95.exe
2014-12-10 13:05 - 2014-12-10 13:05 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2014-12-10 13:02 - 2014-12-10 13:02 - 05049344 _____ (Crawler.com ) C:\Users\Ina\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2014-12-10 13:00 - 2014-12-10 13:00 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\Ina\Downloads\avira_de_av___ws.exe
2014-12-10 11:00 - 2014-12-10 11:00 - 00003324 _____ () C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2014-12-10 11:00 - 2014-12-10 11:00 - 00001089 _____ () C:\Users\Ina\Desktop\SpyHunter.lnk
2014-12-10 11:00 - 2014-12-10 11:00 - 00000000 ____D () C:\Users\Ina\AppData\Roaming\Enigma Software Group
2014-12-10 11:00 - 2014-12-10 11:00 - 00000000 ____D () C:\sh4ldr
2014-12-10 11:00 - 2014-12-10 11:00 - 00000000 _____ () C:\autoexec.bat
2014-12-10 10:59 - 2014-12-10 10:59 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Ina\Downloads\SpyHunter-Installer.exe
2014-12-10 10:59 - 2014-12-10 10:59 - 00022704 _____ () C:\WINDOWS\system32\Drivers\EsgScanner.sys
2014-12-10 10:59 - 2014-12-10 10:59 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-12-10 10:58 - 2014-12-10 10:58 - 00707664 _____ (iS3, Inc.) C:\Users\Ina\Downloads\SZSetup_AID10121_AV.exe
2014-12-10 10:37 - 2014-12-10 10:57 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-12-10 10:37 - 2014-12-10 10:37 - 00000000 ____D () C:\Users\Ina\AppData\Roaming\WinZipper
2014-12-09 19:43 - 2014-12-09 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-04 18:27 - 2014-12-04 18:27 - 00002142 _____ () C:\Users\Ina\AppData\Local\recently-used.xbel
2014-12-02 09:36 - 2014-12-02 10:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-11-30 18:41 - 2014-11-30 18:41 - 00000000 ____D () C:\Users\Ina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2014-11-30 18:40 - 2014-11-30 18:41 - 00000000 ____D () C:\ProgramData\RavensburgerTipToi
2014-11-30 18:40 - 2014-11-30 18:40 - 00000000 ____D () C:\Users\Ina\AppData\Roaming\RavensburgerTipToi
2014-11-29 21:47 - 2014-11-29 21:47 - 00000000 ____D () C:\ProgramData\newbackup
2014-11-29 21:46 - 2014-11-29 21:46 - 00000000 ____D () C:\ProgramData\launcher
2014-11-29 01:21 - 2014-11-29 01:21 - 00002373 _____ () C:\Users\Public\Desktop\Paragon Backup and Recovery™ 2014 Free.lnk
2014-11-29 01:21 - 2014-11-29 01:21 - 00002205 _____ () C:\Users\Public\Desktop\Paragon Recovery Media Builder™.lnk
2014-11-29 01:21 - 2014-11-29 01:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Backup and Recovery™ 2014 Free
2014-11-29 01:21 - 2014-11-29 01:21 - 00000000 ____D () C:\Program Files\Paragon Software
2014-11-29 01:20 - 2014-11-29 01:20 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Downloaded Installations
2014-11-29 01:19 - 2014-11-29 01:19 - 00000000 ____D () C:\ProgramData\explauncher
2014-11-26 10:56 - 2014-11-19 08:29 - 00582552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AutoUpdate.exe
2014-11-26 10:56 - 2014-11-19 08:29 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2014-11-24 10:29 - 2014-11-24 10:29 - 00008077 _____ () C:\Users\Ina\Downloads\Konto_2291037-Auszug_2014_015_mt940.txt
2014-11-24 07:59 - 2014-11-24 07:59 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2014-11-24 07:49 - 2014-11-24 07:49 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\ATI
2014-11-24 07:49 - 2014-11-24 07:49 - 00000000 ____D () C:\Users\Gast\AppData\Local\SRS Labs
2014-11-24 07:49 - 2014-11-24 07:49 - 00000000 ____D () C:\Users\Gast\AppData\Local\ATI
2014-11-24 07:48 - 2014-11-24 07:59 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Samsung
2014-11-24 07:48 - 2014-11-24 07:59 - 00000000 ____D () C:\Users\Gast\AppData\Local\Adobe
2014-11-24 07:48 - 2014-11-24 07:49 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Steganos
2014-11-24 07:48 - 2014-11-24 07:48 - 00005718 _____ () C:\Users\Gast\Desktop\Entfernte Anwendungen.html
2014-11-24 07:48 - 2014-11-24 07:48 - 00002249 _____ () C:\Users\Gast\Desktop\Google Chrome.lnk
2014-11-24 07:48 - 2014-11-24 07:48 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2014-11-24 07:48 - 2014-11-24 07:48 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Logitech
2014-11-24 07:48 - 2014-11-24 07:48 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2014-11-24 07:48 - 2014-11-24 07:48 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-11-23 21:19 - 2014-10-11 08:44 - 19764736 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-23 21:19 - 2014-10-11 06:57 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-23 21:19 - 2014-10-09 04:59 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-11-23 21:19 - 2014-10-09 04:59 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-11-23 21:19 - 2014-10-09 04:58 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-11-23 21:19 - 2014-09-26 07:30 - 01484288 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-11-23 21:19 - 2014-09-22 06:38 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-11-23 21:19 - 2014-09-22 04:56 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-11-23 21:19 - 2014-09-18 00:24 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2014-11-23 21:19 - 2014-09-18 00:24 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2014-11-23 21:19 - 2014-09-18 00:24 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm.dll
2014-11-23 21:19 - 2014-09-18 00:24 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adrclient.dll
2014-11-23 21:19 - 2014-09-17 23:57 - 01346560 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2014-11-23 21:19 - 2014-09-17 23:57 - 00652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2014-11-23 21:19 - 2014-09-17 23:57 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm.dll
2014-11-23 21:19 - 2014-09-17 23:57 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\adrclient.dll
2014-11-23 21:02 - 2014-11-05 07:40 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-11-23 21:02 - 2014-11-05 07:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-11-23 21:02 - 2014-11-05 04:16 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-11-23 21:02 - 2014-10-18 09:44 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-23 21:02 - 2014-10-18 08:05 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-23 21:02 - 2014-10-11 08:45 - 10115072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-23 21:02 - 2014-10-11 08:44 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-23 21:02 - 2014-10-11 08:44 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-23 21:02 - 2014-10-11 08:44 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-23 21:02 - 2014-10-11 08:43 - 02307072 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-23 21:02 - 2014-10-11 06:58 - 08858624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-23 21:02 - 2014-10-11 06:57 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-23 21:02 - 2014-10-11 06:57 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-23 21:02 - 2014-10-11 06:56 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-23 21:02 - 2014-10-11 06:41 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-23 21:02 - 2014-10-11 06:41 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-23 21:02 - 2014-10-11 06:05 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-23 21:02 - 2014-10-11 06:04 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-23 21:02 - 2014-10-03 02:21 - 00522728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-23 21:02 - 2014-10-02 23:29 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-23 21:02 - 2014-10-02 23:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-23 21:02 - 2014-10-02 23:29 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-23 21:02 - 2014-10-02 00:05 - 04068864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-23 21:02 - 2014-09-22 06:53 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-23 21:02 - 2014-09-13 07:24 - 02233152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-23 21:02 - 2014-09-06 01:46 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-23 21:02 - 2014-09-03 03:48 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-11-23 21:02 - 2014-09-03 03:22 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-11-23 21:02 - 2014-08-29 05:17 - 02043392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-23 21:02 - 2014-08-29 05:17 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2014-11-23 21:02 - 2014-08-29 05:04 - 02837504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-23 21:02 - 2014-08-29 05:04 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-11-23 21:02 - 2014-08-28 07:04 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2014-11-23 21:02 - 2014-08-28 07:04 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-23 21:02 - 2014-08-28 06:59 - 00616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-23 21:02 - 2014-08-28 06:59 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-23 21:02 - 2014-08-28 06:59 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSTIFF.dll
2014-11-23 21:02 - 2014-08-28 06:59 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXST30.dll
2014-11-23 21:02 - 2014-08-26 23:08 - 00270024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-23 21:02 - 2014-07-24 14:12 - 00328512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-11-23 21:01 - 2014-11-08 12:22 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-23 21:01 - 2014-11-08 12:21 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-23 21:01 - 2014-11-08 07:57 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-23 21:01 - 2014-11-08 07:56 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-23 21:01 - 2014-10-26 02:56 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-23 21:01 - 2014-10-26 02:56 - 01409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-23 21:01 - 2014-10-26 02:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-11-23 21:01 - 2014-10-26 02:56 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-11-23 21:01 - 2014-10-26 02:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-23 21:01 - 2014-10-26 02:55 - 19284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-23 21:01 - 2014-10-26 02:55 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-23 21:01 - 2014-10-26 02:55 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-23 21:01 - 2014-10-26 02:55 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 15399424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-23 21:01 - 2014-10-26 02:54 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-23 21:01 - 2014-10-26 02:53 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-23 21:01 - 2014-10-26 01:36 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-23 21:01 - 2014-10-26 01:35 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-23 21:01 - 2014-10-26 01:35 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-23 21:01 - 2014-10-26 01:35 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-23 21:01 - 2014-10-26 01:35 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-23 21:01 - 2014-10-26 01:35 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-23 21:01 - 2014-10-26 01:35 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 13758464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-23 21:01 - 2014-10-26 01:34 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-23 21:01 - 2014-10-26 01:34 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-23 21:01 - 2014-10-26 01:19 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-11-23 21:01 - 2014-10-26 01:13 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-11-23 21:01 - 2014-10-25 22:48 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-11-23 21:01 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-23 21:01 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-23 21:01 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-23 21:01 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-11-23 21:01 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-23 21:01 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-11-23 21:01 - 2014-09-25 00:29 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-23 21:01 - 2014-09-25 00:29 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-23 21:01 - 2014-09-25 00:01 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-23 21:01 - 2014-09-25 00:01 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-23 21:01 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-23 21:01 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-22 14:00 - 2014-11-22 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REINER SCT cyberJack
2014-11-22 14:00 - 2014-01-27 17:08 - 00518192 _____ (REINER SCT) C:\WINDOWS\SysWOW64\cjpcsc.exe
2014-11-22 14:00 - 2013-05-17 14:17 - 00227672 _____ (Reiner Kartengeräte GmbH & Co.KG 1999-2012) C:\WINDOWS\SysWOW64\cjeca32.dll
2014-11-22 14:00 - 2012-10-19 15:42 - 00787576 _____ (REINER SCT) C:\WINDOWS\SysWOW64\cjpcsc32.dll
2014-11-22 14:00 - 2010-02-10 19:39 - 00269824 _____ (REINER SCT) C:\WINDOWS\SysWOW64\rsct_pnp.dll
2014-11-22 14:00 - 2007-05-31 07:38 - 00167936 _____ () C:\WINDOWS\SysWOW64\SerialXP.dll
2014-11-21 21:14 - 2014-11-26 12:31 - 00000000 ____D () C:\ProgramData\tmp
2014-11-21 21:14 - 2014-11-21 21:14 - 00000000 ____D () C:\ProgramData\hps
2014-11-21 21:13 - 2014-11-21 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnlineFotoservice
2014-11-21 21:09 - 2014-11-21 21:09 - 00000000 ____D () C:\Program Files\OnlineFotoservice
2014-11-21 21:08 - 2014-11-21 21:09 - 01627528 _____ () C:\Users\Ina\Downloads\setup_OnlineFotoservice.exe
2014-11-21 20:03 - 2014-11-21 21:05 - 00000000 ____D () C:\Users\Ina\Desktop\Kalender
2014-11-19 20:44 - 2014-11-19 20:44 - 00309248 _____ (Microsoft Corporation) C:\Users\Ina\Downloads\wmpfirefoxplugin.exe
2014-11-18 23:25 - 2014-11-18 23:25 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\XMedia Recode
2014-11-18 23:23 - 2014-11-18 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-11-18 23:23 - 2014-11-18 23:23 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-11-16 21:27 - 2014-11-16 21:27 - 00002249 _____ () C:\Users\Carsten\Desktop\Google Chrome.lnk
2014-11-16 21:27 - 2014-11-16 21:27 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Google
2014-11-16 20:24 - 2014-11-16 20:24 - 00000000 ____D () C:\Users\Ina\AppData\Local\Microsoft Help
2014-11-13 13:24 - 2014-11-22 14:00 - 00001137 _____ () C:\Users\Public\Desktop\cyberJack Gerätemanager,  Funktionstest.lnk
2014-11-13 13:24 - 2014-11-22 14:00 - 00000000 ____D () C:\Program Files (x86)\REINER SCT
2014-11-13 13:24 - 2012-09-04 17:58 - 00058442 _____ () C:\WINDOWS\SysWOW64\cjbc_en.lan
2014-11-13 13:24 - 2012-02-22 15:48 - 00063069 _____ () C:\WINDOWS\SysWOW64\cjbc_de.lan
2014-11-13 13:24 - 2012-02-19 19:32 - 00713648 _____ (REINER SCT) C:\WINDOWS\SysWOW64\cjpcscui.exe
2014-11-13 13:24 - 2012-02-14 11:48 - 00432560 _____ (REINER SCT) C:\WINDOWS\SysWOW64\ctrsct64.dll
2014-11-13 13:24 - 2012-02-14 11:48 - 00352688 _____ (REINER SCT) C:\WINDOWS\SysWOW64\ctrsct32.dll
2014-11-13 13:24 - 2012-02-14 11:48 - 00208816 _____ (Reiner Kartengeräte GmbH) C:\WINDOWS\SysWOW64\cjppa32.dll
2014-11-13 13:24 - 2012-02-14 11:48 - 00053680 _____ (REINER SCT) C:\WINDOWS\SysWOW64\cjKbBase.dll
2014-11-13 13:24 - 2012-02-14 11:47 - 00063408 _____ (REINER SCT) C:\WINDOWS\SysWOW64\cjpcscli.exe
2014-11-13 13:24 - 2011-07-22 07:50 - 00359856 _____ (REINER SCT) C:\WINDOWS\SysWOW64\zkasigct.dll
2014-11-13 13:24 - 2009-11-09 09:48 - 00061952 _____ ( REINER SCT) C:\WINDOWS\SysWOW64\cjtpl.cpl
2014-11-13 13:24 - 2009-03-09 17:17 - 00274224 _____ (REINER SCT) C:\WINDOWS\SysWOW64\gkapi.dll
2014-11-13 13:24 - 2008-03-25 09:24 - 00060702 _____ () C:\WINDOWS\SysWOW64\rsct_pv_start.wav
2014-11-13 13:24 - 2008-03-25 09:24 - 00060702 _____ () C:\WINDOWS\SysWOW64\rsct_mv_start.wav
2014-11-13 13:24 - 2008-03-25 09:24 - 00013084 _____ () C:\WINDOWS\SysWOW64\rsct_key_clear.wav
2014-11-13 13:24 - 2008-03-25 09:24 - 00013026 _____ () C:\WINDOWS\SysWOW64\rsct_key_err.wav
2014-11-13 13:24 - 2008-03-25 09:24 - 00004636 _____ () C:\WINDOWS\SysWOW64\rsct_key_1.wav
2014-11-13 13:24 - 2008-03-25 09:24 - 00000656 _____ () C:\WINDOWS\SysWOW64\rsct_key.wav
2014-11-13 13:24 - 2008-03-19 13:48 - 00033136 _____ () C:\WINDOWS\SysWOW64\rsct_pv_stop.wav
2014-11-13 13:24 - 2008-03-19 13:48 - 00033136 _____ () C:\WINDOWS\SysWOW64\rsct_mv_stop.wav
2014-11-13 13:24 - 2007-11-07 12:20 - 00344064 _____ (REINER SCT) C:\WINDOWS\SysWOW64\SetupHBCI.exe
2014-11-13 13:24 - 2007-11-07 12:20 - 00196608 _____ (REINER SCT) C:\WINDOWS\SysWOW64\rsct_pnp.exe
2014-11-13 13:24 - 2007-05-31 07:38 - 00434252 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCRTD.DLL
2014-11-13 13:24 - 2007-05-31 07:38 - 00151552 _____ (REINER SCT) C:\WINDOWS\SysWOW64\OcfCopy.exe
2014-11-13 13:24 - 2007-05-31 07:38 - 00053248 _____ (REINER SCT) C:\WINDOWS\SysWOW64\cjtrm.dll
2014-11-13 13:24 - 2007-05-31 07:38 - 00041472 _____ (IBM Corporation) C:\WINDOWS\SysWOW64\ocfpcsc1.dll
2014-11-13 13:24 - 2007-05-31 07:38 - 00027648 _____ () C:\WINDOWS\SysWOW64\win32com.dll
2014-11-13 13:24 - 2007-05-31 07:38 - 00014949 _____ (franson.biz) C:\WINDOWS\SysWOW64\Drivers\bizVSerialNT.sys
2014-11-13 13:23 - 2014-11-13 13:23 - 11104520 _____ (Macrovision Corporation) C:\Users\Ina\Downloads\bc_6_10_8.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 15:17 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-10 13:42 - 2014-01-20 13:03 - 00909312 ___SH () C:\Users\Ina\Desktop\Thumbs.db
2014-12-10 13:33 - 2012-07-26 11:27 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-10 13:33 - 2012-07-26 11:27 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-10 13:33 - 2012-07-26 08:28 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-10 13:32 - 2014-10-23 18:54 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-10 13:32 - 2014-10-18 12:46 - 00000000 ____D () C:\Program Files (x86)\Steganos Privacy Suite 15
2014-12-10 13:28 - 2014-11-09 21:52 - 00001144 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-10 13:28 - 2014-10-18 10:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 13:28 - 2014-10-17 23:40 - 00022054 _____ () C:\WINDOWS\PFRO.log
2014-12-10 13:28 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-10 13:28 - 2012-07-26 06:26 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-10 13:04 - 2014-11-09 21:52 - 00001148 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-10 11:00 - 2014-10-17 23:41 - 00000000 ____D () C:\Users\Ina
2014-12-10 10:46 - 2014-08-29 12:09 - 00000000 ____D () C:\Users\Ina\Desktop\Alte Firefox-Daten
2014-12-10 10:44 - 2014-11-09 21:52 - 00000000 ____D () C:\Users\Ina\AppData\Local\Google
2014-12-10 10:37 - 2014-10-23 18:54 - 00000000 ____D () C:\Users\Ina\AppData\Local\CrashDumps
2014-12-10 10:37 - 2014-10-18 10:30 - 00001373 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-10 10:37 - 2014-10-18 10:30 - 00001361 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-10 10:37 - 2014-10-18 09:58 - 00001652 _____ () C:\Users\Ina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-10 08:03 - 2014-10-19 12:31 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-09 23:00 - 2014-10-19 22:25 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\vlc
2014-12-08 20:34 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-12-07 18:53 - 2014-10-21 20:17 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-12-07 11:52 - 2014-10-19 22:26 - 00000000 ____D () C:\Users\Carsten\AppData\Local\CrashDumps
2014-12-07 11:32 - 2014-10-19 21:25 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\UseNeXT
2014-12-04 19:22 - 2014-10-30 21:27 - 00000000 ____D () C:\Users\Ina\.gimp-2.8
2014-11-30 22:40 - 2014-10-17 23:42 - 00000000 ____D () C:\Users\Carsten\AppData\Local\VirtualStore
2014-11-30 21:44 - 2014-10-18 10:03 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2832616108-679565341-4177513334-1003
2014-11-30 18:44 - 2012-07-26 08:21 - 01354469 _____ () C:\WINDOWS\setupact.log
2014-11-30 18:41 - 2014-07-22 15:43 - 00000763 _____ () C:\Users\Ina\Desktop\tiptoi.lnk
2014-11-29 19:32 - 2014-10-17 23:41 - 01440872 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-29 01:23 - 2010-07-06 19:29 - 00000000 ____D () C:\Download
2014-11-28 16:45 - 2014-10-18 00:34 - 00000000 ____D () C:\WINDOWS\Panther
2014-11-28 16:45 - 2014-09-24 16:19 - 00000000 ___HD () C:\$Windows.~BT
2014-11-28 16:44 - 2009-07-29 06:10 - 00000000 __SHD () C:\Recovery
2014-11-28 16:22 - 2009-07-29 07:03 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-11-28 16:21 - 2014-10-17 23:41 - 00095253 _____ () C:\WINDOWS\diagwrn.xml
2014-11-28 16:21 - 2014-10-17 23:41 - 00095253 _____ () C:\WINDOWS\diagerr.xml
2014-11-28 16:21 - 2012-07-26 09:13 - 00003144 _____ () C:\WINDOWS\DtcInstall.log
2014-11-28 16:18 - 2014-10-18 07:38 - 00003133 _____ () C:\WINDOWS\comsetup.log
2014-11-28 16:17 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\Registration
2014-11-28 16:10 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-11-26 11:48 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-26 11:19 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-26 04:42 - 2011-06-11 00:58 - 00773808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100.dll
2014-11-26 04:42 - 2011-06-11 00:58 - 00421040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp100.dll
2014-11-24 07:48 - 2014-10-17 23:41 - 00000000 ____D () C:\Users\Gast
2014-11-23 21:42 - 2014-10-19 22:36 - 00323760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-23 21:41 - 2014-10-18 06:50 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-11-23 21:41 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-23 21:41 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-23 21:41 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-23 21:41 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-23 21:41 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-23 21:29 - 2014-10-19 20:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-23 21:23 - 2014-10-23 18:54 - 00000000 ____D () C:\Program Files (x86)\RCP
2014-11-23 21:22 - 2014-10-18 00:31 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-23 21:20 - 2014-10-18 00:31 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-22 14:00 - 2014-10-22 21:22 - 00019444 _____ () C:\WINDOWS\DPINST.LOG
2014-11-22 14:00 - 2014-10-22 21:22 - 00000396 _____ () C:\WINDOWS\hbcikrnl.ini
2014-11-21 19:22 - 2014-10-19 21:24 - 00000782 _____ () C:\Users\Carsten\Desktop\UseNeXT by Tangysoft.lnk
2014-11-21 19:22 - 2014-10-19 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-11-20 21:56 - 2012-07-26 09:14 - 00713672 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-20 21:56 - 2012-07-26 09:14 - 00106440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-19 22:06 - 2014-10-21 12:15 - 00073624 _____ () C:\Users\Ina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-17 13:49 - 2014-06-09 09:35 - 00336896 ___SH () C:\Users\Ina\Downloads\Thumbs.db
2014-11-14 19:59 - 2014-11-09 21:52 - 00004120 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 19:59 - 2014-11-09 21:52 - 00003884 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 12:33 - 2014-10-30 20:58 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-11-14 12:33 - 2014-10-30 20:58 - 00002212 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-11-14 12:33 - 2014-10-30 20:58 - 00002051 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-11-13 13:24 - 2014-10-22 21:21 - 00000000 ____D () C:\ProgramData\REINER SCT
2014-11-13 13:24 - 2014-10-19 22:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-12 20:43 - 2014-10-18 10:29 - 00000000 ____D () C:\Users\Ina\AppData\Roaming\NetController

Some content of TEMP:
====================
C:\Users\Carsten\AppData\Local\Temp\14-4-mobility-win7-win8-win8.1-64-dd-ccc-whql.exe
C:\Users\Carsten\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Carsten\AppData\Local\Temp\ose00000.exe
C:\Users\Carsten\AppData\Local\Temp\raptrpatch.exe
C:\Users\Carsten\AppData\Local\Temp\raptr_stub.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-07 00:56

==================== End Of Log ============================
         
--- --- ---

--- --- ---



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2014
Ran by Ina at 2014-12-10 15:23:18
Running from C:\Users\Ina\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0055 - ASUS)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.8 - REINER SCT)
Foxit Reader (HKLM-x32\...\{27E3028E-06C8-4C09-8C3E-07F7F508304E}) (Version: 5.3.1.606 - Foxit Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
NetController (web controller) (HKLM-x32\...\NetController) (Version: 3.0.0.7 - Inquiro SA)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.0.1 - CEWE Stiftung u Co. KGaA)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6037 - Realtek Semiconductor Corp.)
RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version:  - Piranha Bytes)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.32.00(01.04.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.5.0 - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Software (web controller) (HKLM-x32\...\Software) (Version: 3.0.0.7 - Inquiro SA)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.4300 - SRS Labs, Inc.)
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 9.0  (HKLM-x32\...\{B1F8BD2D-0E6A-48D0-9F8F-2C4E71F1F6DE}) (Version: 9.0 - Star Finanz GmbH)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Steganos Privacy Suite 15 (HKLM-x32\...\{704C8372-B1C3-4A76-AA5C-B91021B1DCFA}) (Version: 15.2.4 - Steganos Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WindowsMangerProtect20.0.0.1013 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1013 - WindowsProtect LIMITED) <==== ATTENTION
XMedia Recode Version 3.2.0.2 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.0.2 - XMedia Recode)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

07-12-2014 11:12:13 Geplanter Prüfpunkt
10-12-2014 12:21:50 Revo Uninstaller's restore point - SpyHunter 4

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02A92145-C484-4F51-AEA6-CC206028D2F6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-23] (Microsoft Corporation)
Task: {25A59AA6-E035-43C4-ADEB-7ECBCD132246} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.)
Task: {3DCF56C7-5355-4C50-9267-8373AAC6502A} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-12-10] (Enigma Software Group USA, LLC.)
Task: {6B1B1C3C-1FB9-47F7-847C-836A447C0982} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {8337DE87-4C42-4ABC-B324-BD136282428D} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2014-06-06] (IObit)
Task: {8ACF7B49-06C7-41A0-8569-18A81BC40CDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {91A84425-629C-4433-8B78-BA441570F466} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {D28BE9CE-374D-4CE2-943B-06B07521658D} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {E5565731-6903-4B26-B7D5-5935A508A9F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-05 12:19 - 2014-08-05 12:19 - 00034304 _____ () C:\WINDOWS\System32\sst6clm.dll
2014-10-16 09:23 - 2014-10-16 09:23 - 00187168 _____ () C:\Users\Ina\AppData\Roaming\NetController\netcontrollerservice.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-10-16 09:23 - 2014-10-29 07:56 - 00795424 _____ () C:\Users\Ina\AppData\Roaming\NetController\netcontroller.exe
2014-10-21 20:19 - 2011-01-13 09:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2014-10-18 13:54 - 2014-06-06 12:07 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2014-10-18 13:54 - 2014-06-06 12:07 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2014-10-18 13:54 - 2014-06-06 12:07 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2014-10-18 13:54 - 2014-06-06 12:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2014-12-02 09:36 - 2014-12-02 09:36 - 03339376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-12-02 09:36 - 2014-12-02 09:36 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-12-02 09:36 - 2014-12-02 09:36 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-12-09 19:43 - 2014-12-09 19:43 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2832616108-679565341-4177513334-500 - Administrator - Disabled)
Carsten (S-1-5-21-2832616108-679565341-4177513334-1001 - Administrator - Enabled) => C:\Users\Carsten
Gast (S-1-5-21-2832616108-679565341-4177513334-501 - Limited - Enabled) => C:\Users\Gast
Ina (S-1-5-21-2832616108-679565341-4177513334-1003 - Administrator - Enabled) => C:\Users\Ina

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/10/2014 01:21:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Spyware Terminator Driver Filter.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (12/10/2014 10:37:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 39.0.2171.71, Zeitstempel: 0x547407a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b485c4
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00078c9e
ID des fehlerhaften Prozesses: 0x2378
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (12/10/2014 10:37:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 39.0.2171.71, Zeitstempel: 0x547407a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b485c4
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00078c9e
ID des fehlerhaften Prozesses: 0x5a4
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (12/10/2014 10:37:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 39.0.2171.71, Zeitstempel: 0x547407a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b485c4
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00078c9e
ID des fehlerhaften Prozesses: 0x34
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (12/10/2014 10:37:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.5.5443, Zeitstempel: 0x5475dd5d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.5.5443, Zeitstempel: 0x5475d664
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x23e0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (12/07/2014 11:52:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b4864c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000173ec
ID des fehlerhaften Prozesses: 0xa98
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (12/07/2014 11:51:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b4864c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000173ec
ID des fehlerhaften Prozesses: 0x146c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (12/07/2014 11:51:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b4864c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000173ec
ID des fehlerhaften Prozesses: 0x27ec
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (12/07/2014 11:45:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b4864c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000173ec
ID des fehlerhaften Prozesses: 0x918
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5

Error: (12/07/2014 11:43:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.17046, Zeitstempel: 0x53b4864c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000173ec
ID des fehlerhaften Prozesses: 0x2724
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5


System errors:
=============
Error: (12/10/2014 01:49:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/10/2014 01:27:56 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/10/2014 10:59:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "cyberJack PC/SC COM Service " wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/10/2014 10:59:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NetController service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/10/2014 10:59:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WindowsMangerProtect Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/10/2014 10:57:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WinZiper service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/09/2014 11:12:02 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/09/2014 01:19:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/08/2014 11:30:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/08/2014 08:34:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde nicht richtig gestartet.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 38%
Total physical RAM: 3948.55 MB
Available physical RAM: 2418.81 MB
Total Pagefile: 5804.55 MB
Available Pagefile: 3341.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:91.12 GB) (Free:36.84 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:147.34 GB) (Free:16.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 238.5 GB) (Disk ID: 88E7C5B0)
Partition 1: (Active) - (Size=91.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=147.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 11.12.2014, 09:29   #5
schrauber
/// the machine
/// TB-Ausbilder
 

SpyHunter 4 deinstallieren - Standard

SpyHunter 4 deinstallieren



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    RegClean-Pro

    WindowsMangerProtect20.0.0.1013 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1013 - WindowsProtect LIMITED) <==== ATTENTION

    SpyHunter

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu SpyHunter 4 deinstallieren
benötige, deinstallation, deinstalliere, deinstallieren, fehlercode 0x80000003, fehlercode 0xc0000005, fehlercode 0xc0000142, fehlercode windows, installier, link, regclean-pro entfernen, software, spyhunter, spyhunter 4, spyhunter entfernen, sweet-page, sweet-page entfernen, this device cannot start. (code10), win



Ähnliche Themen: SpyHunter 4 deinstallieren


  1. Spyhunter 4 läßt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 06.04.2016 (42)
  2. ilivid add on eingefangen hab spyhunter 4 installiert bei windows 7 32 bit wie kann ich das deinstallieren
    Log-Analyse und Auswertung - 01.10.2015 (3)
  3. SPYHUNTER auf WIN 8.1 lässt sich nicht mehr deinstallieren
    Log-Analyse und Auswertung - 12.08.2015 (8)
  4. spyhunter entfernen deinstallieren geht nicht
    Log-Analyse und Auswertung - 08.08.2015 (1)
  5. Habe SpyHunter runtergeladen und kann nicht mehr deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 25.06.2015 (27)
  6. Spyhunter 4 deinstallieren und alle mal
    Log-Analyse und Auswertung - 23.04.2015 (1)
  7. Crossbrowse und SpyHunter deinstallieren funktioniert nicht!
    Log-Analyse und Auswertung - 02.04.2015 (8)
  8. Spyhunter 4 deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 26.02.2015 (15)
  9. Spyhunter 4 lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 09.02.2015 (16)
  10. PROBLEME mit Spyhunter und mystart! Wie bekomme ich Spyhunter wieder weg?
    Plagegeister aller Art und deren Bekämpfung - 14.11.2014 (13)
  11. Windows 7 Home Premium - SpyHunter 4 deinstallieren
    Log-Analyse und Auswertung - 16.09.2014 (17)
  12. SpyHunter
    Plagegeister aller Art und deren Bekämpfung - 11.03.2014 (3)
  13. Spyhunter 4
    Lob, Kritik und Wünsche - 09.01.2014 (0)
  14. Spyhunter lässt sich nicht deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 06.12.2013 (7)
  15. Mit Spyhunter 47 Bedrohungen gefunden, Spyhunter wurde aber wieder deinstalliert.
    Log-Analyse und Auswertung - 25.10.2013 (9)
  16. qv06 und SpyHunter
    Plagegeister aller Art und deren Bekämpfung - 03.07.2013 (21)
  17. Spyhunter
    Antiviren-, Firewall- und andere Schutzprogramme - 14.09.2007 (4)

Zum Thema SpyHunter 4 deinstallieren - Hallo, ich habe Spyhunter 4 installiert. Möchte ich das ganze jetzt deinstallieren, bekomme ich einen Link zum Kauf der Software aber die Deinstallation läuft nicht weiter. Betriebssystem ist Win 8 - SpyHunter 4 deinstallieren...
Archiv
Du betrachtest: SpyHunter 4 deinstallieren auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.