Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: QV06 Suchmaschine

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 30.09.2013, 14:40   #1
floju18
 
QV06 Suchmaschine - Standard

QV06 Suchmaschine



Hallo,

bei Download habe ich mir wohl etwas eingefangen Seitdem habe ich das Problem, dass ich im Firefox auf die "QV06-Suchmaschine" umgeleitet werde.

Bei der Abarbeitung eurer Foren-Checkliste lief alles gut, bis ich bei Schritt 3 "Scan mit GMER" ankam: Zweimal hat sich mein Laptop während des Scans aufgehängt. Jetzt bin ich verunsichert, was ich tun soll.

Logfiles anbei
Angehängte Dateien
Dateityp: pdf JRT - .pdf (13,0 KB, 186x aufgerufen)
Dateityp: pdf FRST - .pdf (62,5 KB, 471x aufgerufen)
Dateityp: pdf Addition -.pdf (41,5 KB, 361x aufgerufen)

Alt 30.09.2013, 15:03   #2
M-K-D-B
/// TB-Ausbilder
 
QV06 Suchmaschine - Standard

QV06 Suchmaschine






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
    Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!
    Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
    Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.



Ich habe dein Thema in Arbeit und melde mich so schnell wie möglich mit weiteren Anweisungen.
__________________

__________________

Alt 30.09.2013, 15:05   #3
M-K-D-B
/// TB-Ausbilder
 
QV06 Suchmaschine - Standard

QV06 Suchmaschine



Servus,


lass bitte das mit den PDF Dokumenten, ist viel zu umständlich.


Poste mir die beiden FRST als Textdokumente direkt hier rein, das geht so.
__________________
__________________

Alt 01.10.2013, 13:04   #4
floju18
 
QV06 Suchmaschine - Standard

QV06 Suchmaschine




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by WWK Premium Partner (administrator) on PPKHP6560B on 01-10-2013 13:53:53
Running from C:\Users\WWK Premium Partner\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(AMD) C:\windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AMD) C:\windows\system32\atieclxx.exe
(Hewlett-Packard Company) C:\windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\windows\system32\vcsFPService.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Hewlett-Packard Company) c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Infineon Technologies AG) c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
(Infineon Technologies AG) c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(NÜRNBERGER Versicherungsgruppe) C:\Program Files (x86)\NÜRNBERGER AutoUpdater\BT.Setup.InstallationsDienst.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Infineon Technologies AG) c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
(Quest Software) C:\windows\system32\pnusbvirtualhubwssrv.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(ArcSoft, Inc.) C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Quest Software) C:\windows\SysWOW64\pnssosvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(SCHALLÖHR VERLAG GmbH) C:\Program Files (x86)\SCHALLÖHR VERLAG GmbH\Beamte2013\X_update2013beamte.exe
(NÜRNBERGER Versicherungsgruppe) C:\Program Files (x86)\NÜRNBERGER AutoUpdater\BT.Setup.Updater.TrayApp.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Quest Software) C:\Windows\SysWOW64\PNUSBCLITRAY.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\HanseMerkur\ServiceExtensions\jre\bin\javaw.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Quest Software) C:\Windows\SysWOW64\PNTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Infineon Technologies AG) c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Farbar) C:\Users\WWK Premium Partner\Downloads\FRST64(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-10-15] (Synaptics Incorporated)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [5398528 2012-02-14] (Broadcom Corporation)
HKLM\...\Run: [MfeEpePcMonitor] - C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2012-04-05] ()
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-01-10] (IDT, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59872 2012-12-17] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59872 2012-12-17] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59872 2012-12-17] (Apple Inc.)
HKLM-x32\...\Run: [File Sanitizer] - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12277248 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DsMgr] - C:\Program Files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe [93240 2011-03-11] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [IFXSPMGT] - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2012-09-17] (Hewlett-Packard Company)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-11] (PDF Complete Inc)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-05-23] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [522736 2011-04-18] ()
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [381440 2009-08-06] (shbox.de)
HKLM-x32\...\Run: [ISA Service Extensions] - C:\Program Files (x86)\HanseMerkur\ServiceExtensions\start_serviceextensions.bat [78 2013-05-17] ()
HKLM-x32\...\Run: [pnusbclitray] - C:\Windows\\SysWOW64\pnusbclitray.exe [67920 2013-03-12] (Quest Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-24] (CANON INC.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356968 2012-12-20] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
Lsa: [Notification Packages] DPPassFilter EpePcNp64 scecli
Startup: C:\Users\WWK Premium Partner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_ie_de_display?ie=UTF8&tagbase=bds-p07&tbrId=v1_abb-channel-7_5a814bd5f88c488b9a1f2f5778b9c9df_30_46_20130917_DE_ie_sp_
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: LyriXeeker-1 - {11111111-1111-1111-1111-110411181156} - C:\Program Files (x86)\LyriXeeker-1\LyriXeeker-1-bho64.dll No File
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: File Sanitizer for HP ProtectTools - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll ()
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll ()
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
Toolbar: HKCU -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: mso-offdap - No CLSID Value - 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9BF6FEA5-D37A-43C5-8F14-EC9850A923D6}: [NameServer]8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\WWK Premium Partner\AppData\Roaming\Mozilla\Firefox\Profiles\vs717c5b.default
FF DefaultSearchEngine: Amazon 
FF SearchEngineOrder.1: Amazon 
FF SelectedSearchEngine: Amazon 
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p07_serp_ff_de_display?ie=UTF8&tagbase=bds-p07&tag=bds-p07-serp-de-ff-21&tbrId=v1_abb-channel-7_5a814bd5f88c488b9a1f2f5778b9c9df_30_46_20130917_DE_ff_ab_&query=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\WWK Premium Partner\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\WWK Premium Partner\AppData\Roaming\Mozilla\Firefox\Profiles\vs717c5b.default\Extensions\763ab44b-71df-436c-906e-2ee8e1d7b302@af951efb-381e-47b2-ac45-80df41e44bc7.com
FF Extension: No Name - C:\Users\WWK Premium Partner\AppData\Roaming\Mozilla\Firefox\Profiles\vs717c5b.default\Extensions\abb@amazon.com
FF Extension: LastPass - C:\Users\WWK Premium Partner\AppData\Roaming\Mozilla\Firefox\Profiles\vs717c5b.default\Extensions\support@lastpass.com
FF Extension: No Name - C:\Users\WWK Premium Partner\AppData\Roaming\Mozilla\Firefox\Profiles\vs717c5b.default\Extensions\ac2d3b039f0ce897e9a65010f184e784d8e54512d2bcf025ab121d40fd5a7419_lp.key
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356968 2012-12-20] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3516408 2013-07-05] (devolo AG)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 IFXSpMgtSrv; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1125728 2011-01-20] (Infineon Technologies AG)
R2 IFXTCS; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [980320 2011-01-20] (Infineon Technologies AG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2012-04-05] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 NbgAutoUpdater; C:\Program Files (x86)\NÜRNBERGER AutoUpdater\BT.Setup.InstallationsDienst.exe [26224 2012-03-06] (NÜRNBERGER Versicherungsgruppe)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-11] (PDF Complete Inc)
R2 PersonalSecureDriveService; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [203104 2011-01-20] (Infineon Technologies AG)
R2 pnusbvirtualhubwssrv; C:\windows\system32\pnusbvirtualhubwssrv.exe [474112 2013-07-26] (Quest Software)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-09-22] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259040 2011-09-22] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292384 2011-09-22] (SafeNet, Inc.)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE [48128 2012-02-14] (Broadcom Corporation)
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [586280 2011-03-03] (Ericsson AB)
S2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]

==================== Drivers (Whitelisted) ====================

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-02-24] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-02-24] (Ericsson AB)
R3 h36wgps; C:\Windows\System32\DRIVERS\h36wgps64.sys [101416 2011-03-01] (Ericsson AB)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26712 2011-02-08] (JMicron Technology Corp.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620128 2013-09-19] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2012-09-03] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2012-09-03] (Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-09-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-09-19] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-11-01] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-11-01] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-11-01] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-11-01] (MCCI Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [100808 2012-04-05] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158920 2012-04-05] (McAfee, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2010-01-26] (Infineon Technologies AG)
R2 pnpnptool; C:\windows\system32\Drivers\pnpnptool.sys [52176 2013-07-26] (Quest Software)
S3 pnusbd; C:\windows\system32\Drivers\pnusbd.sys [37712 2013-07-26] (Quest Software)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1863680 2012-03-30] (Sonix Co. Ltd.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [277032 2011-03-04] (Ericsson AB)
S3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-09-19] (Kaspersky Lab ZAO)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-01 13:52 - 2013-10-01 13:52 - 01953880 _____ (Farbar) C:\Users\WWK Premium Partner\Downloads\FRST64(1).exe
2013-09-30 21:13 - 2013-09-30 21:13 - 00000000 ____D C:\Users\WWK Premium Partner\Desktop\Neuer Ordner
2013-09-30 15:29 - 2013-09-30 15:29 - 00033827 _____ C:\Users\WWK Premium Partner\Downloads\Addition.txt
2013-09-30 15:28 - 2013-09-30 15:28 - 00000000 ____D C:\FRST
2013-09-30 15:27 - 2013-09-30 15:28 - 01953880 _____ (Farbar) C:\Users\WWK Premium Partner\Downloads\FRST64.exe
2013-09-30 15:27 - 2013-09-30 15:27 - 01086873 _____ (Farbar) C:\Users\WWK Premium Partner\Downloads\FRST.exe
2013-09-30 15:26 - 2013-09-30 15:26 - 00000272 _____ C:\Users\WWK Premium Partner\Downloads\defogger_enable.log
2013-09-30 15:25 - 2013-09-30 15:26 - 00000500 _____ C:\Users\WWK Premium Partner\Downloads\defogger_disable.log
2013-09-30 15:25 - 2013-09-30 15:26 - 00000000 _____ C:\Users\WWK Premium Partner\defogger_reenable
2013-09-30 15:25 - 2013-09-30 15:25 - 00050477 _____ C:\Users\WWK Premium Partner\Downloads\Defogger.exe
2013-09-24 15:17 - 2013-09-24 15:17 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-24 15:16 - 2013-09-24 15:16 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2013-09-24 15:16 - 2013-09-24 15:16 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2013-09-24 15:16 - 2013-09-24 15:16 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2013-09-24 15:16 - 2013-09-24 15:16 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2013-09-24 12:23 - 2013-09-24 12:23 - 00000000 ____D C:\Program Files (x86)\SumatraPDF
2013-09-24 12:19 - 2013-09-24 12:19 - 00000000 ____D C:\Users\WWK Premium Partner\AppData\Local\Secunia PSI
2013-09-24 12:17 - 2013-09-24 12:19 - 00448512 _____ (OldTimer Tools) C:\Users\WWK Premium Partner\Downloads\TFC.exe
2013-09-24 12:14 - 2013-09-24 12:14 - 03272136 _____ (Secunia) C:\Users\WWK Premium Partner\Downloads\PSISetup711.exe
2013-09-24 12:14 - 2013-09-24 12:14 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-09-24 12:13 - 2013-09-24 12:13 - 00000000 ____D C:\Users\WWK Premium Partner\Documents\Neuer Ordner
2013-09-24 11:46 - 2013-09-24 11:47 - 02347384 _____ (ESET) C:\Users\WWK Premium Partner\Downloads\esetsmartinstaller_enu.exe
2013-09-24 11:30 - 2013-09-24 11:30 - 00002641 _____ C:\Users\WWK Premium Partner\Desktop\JRT.txt
2013-09-24 11:23 - 2013-09-24 11:23 - 01030038 _____ (Thisisu) C:\Users\WWK Premium Partner\Downloads\JRT.exe
2013-09-24 11:23 - 2013-09-24 11:23 - 00000000 ____D C:\windows\ERUNT
2013-09-24 11:09 - 2013-09-24 11:11 - 00000000 ____D C:\AdwCleaner
2013-09-24 11:09 - 2013-09-24 11:09 - 01042066 _____ C:\Users\WWK Premium Partner\Downloads\adwcleaner.exe
2013-09-24 10:47 - 2013-09-24 10:47 - 00000000 ____D C:\Users\WWK Premium Partner\AppData\Roaming\Malwarebytes
2013-09-24 10:47 - 2013-09-24 10:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-24 10:47 - 2013-09-24 10:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-24 10:47 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-09-24 10:46 - 2013-09-24 10:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\WWK Premium Partner\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-19 11:25 - 2013-09-19 11:25 - 00262144 _____ C:\windows\system32\config\elam
2013-09-19 10:56 - 2013-09-19 10:56 - 00001078 _____ C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2013-09-19 10:56 - 2012-07-11 17:09 - 00064856 _____ (Kaspersky Lab) C:\windows\system32\klfphc.dll
2013-09-19 10:55 - 2013-10-01 13:49 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-19 10:55 - 2013-09-19 10:55 - 00000000 ____D C:\windows\ELAMBKUP
2013-09-19 10:55 - 2013-09-19 10:55 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-09-19 10:55 - 2011-06-02 14:39 - 00084536 _____ (Infowatch) C:\windows\system32\Drivers\CSCrySec.sys
2013-09-19 10:55 - 2011-06-02 14:39 - 00066616 _____ (Infowatch) C:\windows\system32\Drivers\CSVirtualDiskDrv.sys
2013-09-19 10:54 - 2013-09-19 11:23 - 00620128 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
2013-09-19 10:54 - 2013-09-19 11:23 - 00090208 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys
2013-09-19 10:42 - 2013-09-19 10:47 - 188758520 _____ (Kaspersky Lab) C:\Users\WWK Premium Partner\Downloads\pure13.0.2.558de-de.exe
2013-09-19 10:33 - 2013-09-19 10:33 - 00000000 ____D C:\Users\WWK Premium Partner\AppData\Local\Mikogo4
2013-09-19 10:19 - 2013-09-19 10:30 - 00001708 _____ C:\windows\system32\ASOROSet.bin
2013-09-19 10:18 - 2013-09-19 10:18 - 00000000 ____D C:\windows\system32\config\RCCBakup
2013-09-19 10:00 - 2013-09-20 12:08 - 00003120 _____ C:\windows\System32\Tasks\Advanced System Protector_startup
2013-09-19 10:00 - 2012-07-25 12:03 - 00016896 _____ C:\windows\system32\sasnative64.exe
2013-09-17 17:25 - 2013-09-17 17:37 - 00000408 _____ C:\Users\WWK Premium Partner\AppData\Roaming\CamShapes.ini
2013-09-17 17:25 - 2013-09-17 17:37 - 00000408 _____ C:\Users\WWK Premium Partner\AppData\Roaming\CamLayout.ini
2013-09-17 17:25 - 2013-09-17 17:37 - 00000096 _____ C:\Users\WWK Premium Partner\AppData\Roaming\Camdata.ini
2013-09-17 17:25 - 2013-09-17 17:25 - 00000000 ____D C:\User Data
2013-09-17 17:24 - 2013-09-17 17:24 - 01167576 _____ C:\Users\WWK Premium Partner\Downloads\CamStudio2.7r316(1).exe
2013-09-17 17:17 - 2013-09-17 17:17 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.3868.dll
2013-09-17 17:12 - 2013-10-01 11:25 - 00001324 _____ C:\windows\Tasks\LyriXeeker-1-updater.job
2013-09-17 17:12 - 2013-09-17 17:25 - 00004354 _____ C:\windows\System32\Tasks\LyriXeeker-1-updater
2013-09-17 17:11 - 2013-10-01 11:30 - 00001862 _____ C:\windows\Tasks\LyriXeeker-1-firefoxinstaller.job
2013-09-17 17:11 - 2013-10-01 11:25 - 00001228 _____ C:\windows\Tasks\LyriXeeker-1-codedownloader.job
2013-09-17 17:11 - 2013-10-01 11:25 - 00001128 _____ C:\windows\Tasks\LyriXeeker-1-enabler.job
2013-09-17 17:11 - 2013-09-24 10:53 - 00000000 ____D C:\Program Files (x86)\LyriXeeker-1
2013-09-17 17:11 - 2013-09-17 17:25 - 00004258 _____ C:\windows\System32\Tasks\LyriXeeker-1-codedownloader
2013-09-17 17:11 - 2013-09-17 17:25 - 00004158 _____ C:\windows\System32\Tasks\LyriXeeker-1-enabler
2013-09-17 17:09 - 2013-09-17 17:10 - 01167576 _____ C:\Users\WWK Premium Partner\Downloads\CamStudio2.7r316.exe
2013-09-17 17:07 - 2013-09-17 17:37 - 00004532 _____ C:\Users\WWK Premium Partner\AppData\Roaming\CamStudio.cfg
2013-09-17 17:04 - 2013-09-17 17:25 - 00000000 ____D C:\Program Files (x86)\CamStudio 2.7
2013-09-17 17:03 - 2013-09-17 17:04 - 03099532 _____ (CamStudio Open Source                                       ) C:\Users\WWK Premium Partner\Downloads\CamStudio_2.7_r316_setup.exe
2013-09-17 17:02 - 2013-09-17 17:10 - 26641368 _____ C:\Users\WWK Premium Partner\Downloads\2013-08-29_Videomarketing und Facebook Werbung.mp4.part
2013-09-17 17:02 - 2013-09-17 17:02 - 00000000 _____ C:\Users\WWK Premium Partner\Downloads\2013-08-29_Videomarketing und Facebook Werbung.mp4
2013-09-17 14:38 - 2013-09-17 14:38 - 00002597 _____ C:\Users\WWK Premium Partner\Desktop\XiButler.lnk
2013-09-17 11:19 - 2013-09-17 11:23 - 184256920 _____ (Microsoft Corporation) C:\Users\WWK Premium Partner\Downloads\AccessRuntime(1).exe
2013-09-17 11:12 - 2013-09-17 11:17 - 223266168 _____ (Microsoft Corporation) C:\Users\WWK Premium Partner\Downloads\AccessRuntime_X64.exe
2013-09-17 11:10 - 2013-09-17 11:10 - 01232896 _____ C:\Users\WWK Premium Partner\Desktop\Kundendatenbank Blank.123
2013-09-17 09:45 - 2013-09-27 15:27 - 00000000 ____D C:\Program Files (x86)\XiButler
2013-09-17 09:44 - 2013-09-17 09:44 - 01572352 _____ C:\Users\WWK Premium Partner\Downloads\XiButler.msi
2013-09-13 03:00 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-09-13 03:00 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-09-13 03:00 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-09-13 03:00 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-09-13 03:00 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-09-13 03:00 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-09-13 03:00 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-09-13 03:00 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-09-13 03:00 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-09-13 03:00 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-09-13 03:00 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-09-13 03:00 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-09-13 03:00 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-09-13 03:00 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-09-13 03:00 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-09-13 03:00 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-09-13 03:00 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-09-13 03:00 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-09-13 03:00 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-09-13 03:00 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-09-13 03:00 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-09-13 03:00 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-09-13 03:00 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-09-13 03:00 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-09-13 03:00 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-09-13 03:00 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-09-13 03:00 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-09-13 03:00 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-09-13 03:00 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-09-13 03:00 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-09-13 03:00 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 00:41 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2013-09-12 00:33 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-09-12 00:33 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-09-12 00:33 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2013-09-12 00:33 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2013-09-12 00:33 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2013-09-12 00:33 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2013-09-12 00:33 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2013-09-12 00:33 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2013-09-12 00:33 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2013-09-12 00:33 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2013-09-12 00:33 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2013-09-12 00:33 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2013-09-12 00:33 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2013-09-12 00:33 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2013-09-12 00:33 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2013-09-12 00:33 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2013-09-12 00:33 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2013-09-12 00:33 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2013-09-12 00:33 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2013-09-12 00:33 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 00:33 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 00:22 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-09-12 00:21 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2013-09-12 00:21 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2013-09-12 00:21 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2013-09-12 00:21 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll

==================== One Month Modified Files and Folders =======

2013-10-01 13:52 - 2013-10-01 13:52 - 01953880 _____ (Farbar) C:\Users\WWK Premium Partner\Downloads\FRST64(1).exe
2013-10-01 13:49 - 2013-09-19 10:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-10-01 13:49 - 2012-12-19 14:17 - 00000000 ____D C:\Users\WWK Premium Partner\Documents\Outlook-Dateien
2013-10-01 13:46 - 2012-02-14 13:11 - 01081074 _____ C:\windows\WindowsUpdate.log
2013-10-01 13:45 - 2012-09-19 10:51 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-10-01 11:42 - 2013-08-18 11:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-01 11:30 - 2013-09-17 17:11 - 00001862 _____ C:\windows\Tasks\LyriXeeker-1-firefoxinstaller.job
2013-10-01 11:25 - 2013-09-17 17:12 - 00001324 _____ C:\windows\Tasks\LyriXeeker-1-updater.job
2013-10-01 11:25 - 2013-09-17 17:11 - 00001228 _____ C:\windows\Tasks\LyriXeeker-1-codedownloader.job
2013-10-01 11:25 - 2013-09-17 17:11 - 00001128 _____ C:\windows\Tasks\LyriXeeker-1-enabler.job
2013-10-01 08:45 - 2009-07-14 06:45 - 00020720 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-01 08:45 - 2009-07-14 06:45 - 00020720 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-01 08:43 - 2011-03-08 19:03 - 00702312 _____ C:\windows\system32\perfh007.dat
2013-10-01 08:43 - 2011-03-08 19:03 - 00149836 _____ C:\windows\system32\perfc007.dat
2013-10-01 08:43 - 2009-07-14 07:13 - 01621244 _____ C:\windows\system32\PerfStringBackup.INI
2013-10-01 08:35 - 2011-03-08 19:00 - 00000000 ____D C:\ProgramData\PDFC
2013-10-01 08:34 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-10-01 08:34 - 2009-07-14 06:51 - 00065793 _____ C:\windows\setupact.log
2013-09-30 21:13 - 2013-09-30 21:13 - 00000000 ____D C:\Users\WWK Premium Partner\Desktop\Neuer Ordner
2013-09-30 15:38 - 2013-01-09 18:24 - 00001860 _____ C:\fpRedmon.log
2013-09-30 15:38 - 2013-01-09 18:24 - 00000000 ____D C:\Users\WWK Premium Partner\AppData\Local\FreePDF_XP
2013-09-30 15:29 - 2013-09-30 15:29 - 00033827 _____ C:\Users\WWK Premium Partner\Downloads\Addition.txt
2013-09-30 15:28 - 2013-09-30 15:28 - 00000000 ____D C:\FRST
2013-09-30 15:28 - 2013-09-30 15:27 - 01953880 _____ (Farbar) C:\Users\WWK Premium Partner\Downloads\FRST64.exe
2013-09-30 15:27 - 2013-09-30 15:27 - 01086873 _____ (Farbar) C:\Users\WWK Premium Partner\Downloads\FRST.exe
2013-09-30 15:26 - 2013-09-30 15:26 - 00000272 _____ C:\Users\WWK Premium Partner\Downloads\defogger_enable.log
2013-09-30 15:26 - 2013-09-30 15:25 - 00000500 _____ C:\Users\WWK Premium Partner\Downloads\defogger_disable.log
2013-09-30 15:26 - 2013-09-30 15:25 - 00000000 _____ C:\Users\WWK Premium Partner\defogger_reenable
2013-09-30 15:26 - 2012-04-05 08:23 - 00000000 ____D C:\Users\WWK Premium Partner
2013-09-30 15:25 - 2013-09-30 15:25 - 00050477 _____ C:\Users\WWK Premium Partner\Downloads\Defogger.exe
2013-09-28 13:31 - 2012-05-30 10:21 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2013-09-28 13:30 - 2013-02-08 09:08 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-09-27 15:27 - 2013-09-17 09:45 - 00000000 ____D C:\Program Files (x86)\XiButler
2013-09-24 15:24 - 2011-03-08 18:27 - 01645398 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-09-24 15:17 - 2013-09-24 15:17 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-24 15:17 - 2013-08-13 14:49 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-24 15:17 - 2013-08-13 14:49 - 00000000 ____D C:\Program Files\iTunes
2013-09-24 15:17 - 2013-08-13 14:49 - 00000000 ____D C:\Program Files\iPod
2013-09-24 15:17 - 2013-08-13 14:49 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-24 15:16 - 2013-09-24 15:16 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2013-09-24 15:16 - 2013-09-24 15:16 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2013-09-24 15:16 - 2013-09-24 15:16 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2013-09-24 15:16 - 2013-09-24 15:16 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2013-09-24 12:23 - 2013-09-24 12:23 - 00000000 ____D C:\Program Files (x86)\SumatraPDF
2013-09-24 12:19 - 2013-09-24 12:19 - 00000000 ____D C:\Users\WWK Premium Partner\AppData\Local\Secunia PSI
2013-09-24 12:19 - 2013-09-24 12:17 - 00448512 _____ (OldTimer Tools) C:\Users\WWK Premium Partner\Downloads\TFC.exe
2013-09-24 12:14 - 2013-09-24 12:14 - 03272136 _____ (Secunia) C:\Users\WWK Premium Partner\Downloads\PSISetup711.exe
2013-09-24 12:14 - 2013-09-24 12:14 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-09-24 12:13 - 2013-09-24 12:13 - 00000000 ____D C:\Users\WWK Premium Partner\Documents\Neuer Ordner
2013-09-24 11:47 - 2013-09-24 11:46 - 02347384 _____ (ESET) C:\Users\WWK Premium Partner\Downloads\esetsmartinstaller_enu.exe
2013-09-24 11:30 - 2013-09-24 11:30 - 00002641 _____ C:\Users\WWK Premium Partner\Desktop\JRT.txt
2013-09-24 11:23 - 2013-09-24 11:23 - 01030038 _____ (Thisisu) C:\Users\WWK Premium Partner\Downloads\JRT.exe
2013-09-24 11:23 - 2013-09-24 11:23 - 00000000 ____D C:\windows\ERUNT
2013-09-24 11:11 - 2013-09-24 11:09 - 00000000 ____D C:\AdwCleaner
2013-09-24 11:11 - 2012-04-05 08:29 - 00001023 _____ C:\Users\WWK Premium Partner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-24 11:09 - 2013-09-24 11:09 - 01042066 _____ C:\Users\WWK Premium Partner\Downloads\adwcleaner.exe
2013-09-24 11:04 - 2012-02-14 13:43 - 00382926 _____ C:\windows\PFRO.log
2013-09-24 10:53 - 2013-09-17 17:11 - 00000000 ____D C:\Program Files (x86)\LyriXeeker-1
2013-09-24 10:47 - 2013-09-24 10:47 - 00000000 ____D C:\Users\WWK Premium Partner\AppData\Roaming\Malwarebytes
2013-09-24 10:47 - 2013-09-24 10:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-24 10:47 - 2013-09-24 10:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-24 10:46 - 2013-09-24 10:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\WWK Premium Partner\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-24 08:38 - 2012-09-19 10:51 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-09-24 08:38 - 2012-09-19 10:51 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-24 08:38 - 2012-09-19 10:51 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 12:08 - 2013-09-19 10:00 - 00003120 _____ C:\windows\System32\Tasks\Advanced System Protector_startup
2013-09-19 11:25 - 2013-09-19 11:25 - 00262144 _____ C:\windows\system32\config\elam
2013-09-19 11:23 - 2013-09-19 10:54 - 00620128 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klif.sys
2013-09-19 11:23 - 2013-09-19 10:54 - 00090208 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\klflt.sys
2013-09-19 11:23 - 2012-10-18 14:50 - 00054368 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kltdi.sys
2013-09-19 11:23 - 2012-08-13 16:49 - 00178448 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\kneps.sys
2013-09-19 10:56 - 2013-09-19 10:56 - 00001078 _____ C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2013-09-19 10:55 - 2013-09-19 10:55 - 00000000 ____D C:\windows\ELAMBKUP
2013-09-19 10:55 - 2013-09-19 10:55 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-09-19 10:50 - 2012-04-26 19:20 - 00000000 ____D C:\ProgramData\Norton
2013-09-19 10:47 - 2013-09-19 10:42 - 188758520 _____ (Kaspersky Lab) C:\Users\WWK Premium Partner\Downloads\pure13.0.2.558de-de.exe
2013-09-19 10:39 - 2012-04-05 08:29 - 00000000 ___RD C:\Users\WWK Premium Partner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-19 10:33 - 2013-09-19 10:33 - 00000000 ____D C:\Users\WWK Premium Partner\AppData\Local\Mikogo4
2013-09-19 10:30 - 2013-09-19 10:19 - 00001708 _____ C:\windows\system32\ASOROSet.bin
2013-09-19 10:30 - 2009-07-14 04:34 - 94896128 _____ C:\windows\system32\config\SOFTWARE.bak
2013-09-19 10:30 - 2009-07-14 04:34 - 18087936 _____ C:\windows\system32\config\SYSTEM.bak
2013-09-19 10:30 - 2009-07-14 04:34 - 00024576 _____ C:\windows\system32\config\SECURITY.bak
2013-09-19 10:23 - 2009-07-14 04:34 - 00028672 _____ C:\windows\system32\config\SAM.bak
2013-09-19 10:18 - 2013-09-19 10:18 - 00000000 ____D C:\windows\system32\config\RCCBakup
2013-09-17 17:37 - 2013-09-17 17:25 - 00000408 _____ C:\Users\WWK Premium Partner\AppData\Roaming\CamShapes.ini
2013-09-17 17:37 - 2013-09-17 17:25 - 00000408 _____ C:\Users\WWK Premium Partner\AppData\Roaming\CamLayout.ini
2013-09-17 17:37 - 2013-09-17 17:25 - 00000096 _____ C:\Users\WWK Premium Partner\AppData\Roaming\Camdata.ini
2013-09-17 17:37 - 2013-09-17 17:07 - 00004532 _____ C:\Users\WWK Premium Partner\AppData\Roaming\CamStudio.cfg
2013-09-17 17:25 - 2013-09-17 17:25 - 00000000 ____D C:\User Data
2013-09-17 17:25 - 2013-09-17 17:12 - 00004354 _____ C:\windows\System32\Tasks\LyriXeeker-1-updater
2013-09-17 17:25 - 2013-09-17 17:11 - 00004258 _____ C:\windows\System32\Tasks\LyriXeeker-1-codedownloader
2013-09-17 17:25 - 2013-09-17 17:11 - 00004158 _____ C:\windows\System32\Tasks\LyriXeeker-1-enabler
2013-09-17 17:25 - 2013-09-17 17:04 - 00000000 ____D C:\Program Files (x86)\CamStudio 2.7
2013-09-17 17:24 - 2013-09-17 17:24 - 01167576 _____ C:\Users\WWK Premium Partner\Downloads\CamStudio2.7r316(1).exe
2013-09-17 17:17 - 2013-09-17 17:17 - 00129536 _____ C:\Users\Public\AlexaNSISPlugin.3868.dll
2013-09-17 17:10 - 2013-09-17 17:09 - 01167576 _____ C:\Users\WWK Premium Partner\Downloads\CamStudio2.7r316.exe
2013-09-17 17:10 - 2013-09-17 17:02 - 26641368 _____ C:\Users\WWK Premium Partner\Downloads\2013-08-29_Videomarketing und Facebook Werbung.mp4.part
2013-09-17 17:04 - 2013-09-17 17:03 - 03099532 _____ (CamStudio Open Source                                       ) C:\Users\WWK Premium Partner\Downloads\CamStudio_2.7_r316_setup.exe
2013-09-17 17:02 - 2013-09-17 17:02 - 00000000 _____ C:\Users\WWK Premium Partner\Downloads\2013-08-29_Videomarketing und Facebook Werbung.mp4
2013-09-17 14:38 - 2013-09-17 14:38 - 00002597 _____ C:\Users\WWK Premium Partner\Desktop\XiButler.lnk
2013-09-17 11:25 - 2012-04-26 16:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-17 11:23 - 2013-09-17 11:19 - 184256920 _____ (Microsoft Corporation) C:\Users\WWK Premium Partner\Downloads\AccessRuntime(1).exe
2013-09-17 11:17 - 2013-09-17 11:12 - 223266168 _____ (Microsoft Corporation) C:\Users\WWK Premium Partner\Downloads\AccessRuntime_X64.exe
2013-09-17 11:10 - 2013-09-17 11:10 - 01232896 _____ C:\Users\WWK Premium Partner\Desktop\Kundendatenbank Blank.123
2013-09-17 09:44 - 2013-09-17 09:44 - 01572352 _____ C:\Users\WWK Premium Partner\Downloads\XiButler.msi
2013-09-12 09:07 - 2012-04-05 08:29 - 00000000 ___RD C:\Users\WWK Premium Partner\Virtual Machines
2013-09-12 09:07 - 2012-04-05 08:29 - 00000000 ___RD C:\Users\WWK Premium Partner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 04:04 - 2012-04-05 08:20 - 00000000 ____D C:\windows\rescache
2013-09-12 03:27 - 2009-07-14 06:45 - 00459432 _____ C:\windows\system32\FNTCACHE.DAT
2013-09-12 03:10 - 2013-08-18 12:44 - 00000000 ____D C:\windows\system32\MRT
2013-09-12 03:07 - 2012-04-05 09:41 - 79143768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-09-04 16:01 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2013-09-03 16:24 - 2013-04-04 16:53 - 00000000 ____D C:\VH3

Files to move or delete:
====================
C:\Users\WWK Premium Partner\AppData\Roaming\Camdata.ini
C:\Users\WWK Premium Partner\AppData\Roaming\CamLayout.ini
C:\Users\WWK Premium Partner\AppData\Roaming\CamShapes.ini
C:\Users\Public\AlexaNSISPlugin.3868.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-01 09:05

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02
Ran by WWK Premium Partner at 2013-09-30 15:29:10
Running from C:\Users\WWK Premium Partner\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky PURE 3.0 (Enabled - Up to date)
{C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky PURE 3.0 (Enabled - Up to date)
{7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date)
{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installed Programs ======================
Adobe AIR (x32 Version: 3.8.0.1430)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.16.0)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft Webcam Sharing Manager (x32 Version: 2.0.0.30)
ATI Catalyst Install Manager (Version: 3.0.812.0)
AV-WIN (x32 Version: 3.112.6)
Beamtenprogramm 2012 (x32 Version: 12.1.0.3)
Beamtenprogramm 2013 (x32 Version: 13.1.0.2)
Bing Bar (x32 Version: 7.1.361.0)
Bing Rewards Client Installer (x32 Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
Broadcom 2070 Bluetooth 3.0 (Version: 6.3.0.6300)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.48.61)
Broadcom Wireless Utility (Version: 5.60.48.61)
CamStudio version 2.7 (x32 Version: 2.7)
Canada Life Berechnungssoftware (x32 Version: 16.0.0)
Canon IJ Network Scan Utility (x32)
Canon IJ Network Tool (x32 Version: 3.1.1)
Canon MG5200 series MP Drivers
Canon MP Navigator EX 4.0 (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version:
2011.0206.1335.24298)
Catalyst Control Center InstallProxy (x32 Version: 2011.0206.1335.24298)
Catalyst Control Center Localization All (x32 Version: 2011.0206.1335.24298)
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0206.1335.24298)
CCC Help Chinese Standard (x32 Version: 2011.0206.1334.24298)
CCC Help Chinese Traditional (x32 Version: 2011.0206.1334.24298)
CCC Help Czech (x32 Version: 2011.0206.1334.24298)
CCC Help Danish (x32 Version: 2011.0206.1334.24298)
CCC Help Dutch (x32 Version: 2011.0206.1334.24298)
CCC Help English (x32 Version: 2011.0206.1334.24298)
CCC Help Finnish (x32 Version: 2011.0206.1334.24298)
CCC Help French (x32 Version: 2011.0206.1334.24298)
CCC Help German (x32 Version: 2011.0206.1334.24298)
CCC Help Greek (x32 Version: 2011.0206.1334.24298)
CCC Help Hungarian (x32 Version: 2011.0206.1334.24298)
CCC Help Italian (x32 Version: 2011.0206.1334.24298)
CCC Help Japanese (x32 Version: 2011.0206.1334.24298)
CCC Help Korean (x32 Version: 2011.0206.1334.24298)
CCC Help Norwegian (x32 Version: 2011.0206.1334.24298)
CCC Help Polish (x32 Version: 2011.0206.1334.24298)
CCC Help Portuguese (x32 Version: 2011.0206.1334.24298)
CCC Help Russian (x32 Version: 2011.0206.1334.24298)
CCC Help Spanish (x32 Version: 2011.0206.1334.24298)
CCC Help Swedish (x32 Version: 2011.0206.1334.24298)
CCC Help Thai (x32 Version: 2011.0206.1334.24298)
CCC Help Turkish (x32 Version: 2011.0206.1334.24298)
ccc-core-static (x32 Version: 2011.0206.1335.24298)
ccc-utility64 (Version: 2011.0206.1335.24298)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Citrix Online Launcher (x32 Version: 1.0.122)
CodeMeter Runtime Kit v4.20a (Version: 4.20.282.501)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Device Access Manager for HP ProtectTools (Version: 6.0.0.9)
devolo dLAN Cockpit (x32 Version: 4.1.2.0)
DirectX 9 Runtime (x32 Version: 1.00.0000)
Drive Encryption For HP ProtectTools (Version: 6.0.99.30652)
Drucken in PDF Annotator (novaPDF OEM 7.7 printer)
EasyBau (x32 Version: 3.00)
Embedded Security for HP ProtectTools (Version: 6.0.100.2572)
Energy Star Digital Logo (x32 Version: 1.0.1)
Face Recognition for HP ProtectTools (Version: 6.00.4303)
File Sanitizer For HP ProtectTools (x32 Version: 6.0.0.13)
Finanzplaner (x32)
FreePDF (Remove only) (x32)
GoToMeeting 5.7.0.1172 (HKCU Version: 5.7.0.1172)
GPL Ghostscript 8.70 (x32)
Gschwind Finanzplanung (x32)
HanseMerkur ISA Makler (x32 Version: 1.13.0)
HanseMerkur ISA Service Extensions (x32 Version: 1.1.11)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.16.1)
HP Auto (Version: 1.0.12494.3472)
HP Client Automation Agent Preload (x32 Version: 7.5)
HP Connection Manager (x32 Version: 4.1.22.1)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP DayStarter (Version: 2.0.0.12)
HP Documentation (x32 Version: 1.1.0.0)
HP ESU for Microsoft Windows 7 (x32 Version: 2.0.6.1)
HP GPS and Location (x32 Version: 1.0.26.1)
HP Mobile Broadband Drivers (x32 Version: 6.3.5.3)
HP Power Assistant (Version: 2.5.0.16)
HP ProtectTools Security Manager (Version: 6.08.1017)
HP QuickWeb (x32 Version: 3.0.3.9925)
HP Setup (x32 Version: 8.5.4526.3645)
HP SoftPaq Download Manager (x32 Version: 3.2.0.0)
HP Software Framework (x32 Version: 4.5.12.1)
HP Software Setup (x32 Version: 8.2.1.1)
HP Support Assistant (x32 Version: 7.0.39.15)
HP System Default Settings (x32 Version: 2.4.1.2)
HP Wallpaper (x32 Version: 2.00)
HP Web Camera (Version: 1.0.0)
HP Webcam (x32 Version: 1.0.26.3)
HP Webcam Driver (x32 Version: 5.8.50058.0)
iCloud (Version: 2.1.1.3)
IDT Audio (x32 Version: 1.0.6428.0)
Intel(R) Identity Protection Technology 1.0.71.0 (x32 Version: 1.0.71.0)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Network Connections Drivers (Version: 15.4)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.2.1004)
iTunes (Version: 11.1.0.126)
JMicron 1394 Filter Driver (x32 Version: 1.00.21.00)
JMicron Flash Media Controller Driver (x32 Version: 1.0.57.2)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558)
KV-WIN (x32 Version: 7.112.5)
LastPass (uninstall only) (x32)
LightScribe System Software (x32 Version: 1.18.15.1)
LSI HDA Modem (Version: 2.2.100)
LV-WIN (x32 Version: 7.112.6)
LyriXeeker-1 (x32 Version: 1.28.153.3)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Access 2002 Runtime (x32 Version: 10.0.2701.01)
Microsoft Access 2010 Runtime Service Pack 1 (SP1) (x32)
Microsoft Access Runtime 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Runtime 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Runtime MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft PowerPoint Viewer (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server Compact 3.5 SP1 (Deutsch) (x32 Version: 3.5.5692.0)
Microsoft SQL Server Compact 3.5 SP1 x64 (Deutsch) (Version: 3.5.5692.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version:
9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version:
9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version:
9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version:
9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version:
9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version:
9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version:
10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version:
10.0.30319)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser und SDK (x32 Version: 4.20.9818.0)
NÜRNBERGER AutoUpdater (x32 Version: 1.1.1)
NÜRNBERGER BTplus 12.2012 (x32 Version: 12.12.4708.21291)
PDF Annotator 4.0.0.403 (x32 Version: 4.0.0.403)
PDF Complete Special Edition (x32 Version: 4.0.64)
Privacy Manager for HP ProtectTools (Version: 6.01.842)
RBVirtualFolder64Inst (Version: 1.00.0000)
RedMon - Redirection Port Monitor
Roxio Activation Module (x32 Version: 1.0)
Roxio CinePlayer Decoder Pack (x32 Version: 4.3.0)
Roxio Express Labeler 3 (x32 Version: 3.2.2)
Roxio MyDVD Business 2010 (x32 Version: 1.0.410)
Roxio MyDVD Business 2010 (x32 Version: 12.1.73.14)
Roxio Secure Burn (x32 Version: 1.8)
Roxio Secure Burn (x32 Version: 1.8.73.2)
SDK (x32 Version: 2.30.042)
Secunia PSI (3.0.0.7011) (x32 Version: 3.0.0.7011)
Sentinel Protection Installer 7.6.5 (x32 Version: 7.6.5)
SumatraPDF (x32 Version: 2.2.1)
Synaptics Pointing Device Driver (Version: 16.0.3.0)
TeamViewer 8 (x32 Version: 8.0.18051)
Theft Recovery for HP ProtectTools (x32 Version: 6.0.0.33)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version:
1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version:
1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version:
1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version:
1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
(x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
UseNeXT (x32)
Validity Fingerprint Sensor Driver (Version: 4.3.226.0)
VH3 2.479 (x32 Version: 2.479)
VIP Access SDK x64(1.0.0.50) (x32 Version: 1.0.0.50)
VorsorgePLANER (x32 Version: 3.0)
vWorkspace Connector for Web Access (x32 Version: 8.0.0.1186)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
XiButler (x32 Version: 1.0.10)
==================== Restore Points =========================
13-09-2013 01:00:15 Windows Update
17-09-2013 07:20:45 Windows Update
17-09-2013 07:44:53 XiButler wird installiert
17-09-2013 09:24:27 Configured Microsoft Access Runtime 2010
17-09-2013 12:33:10 Windows-Sicherung
19-09-2013 08:02:15 RegClean Pro Do, Sep 19, 13 10:02
20-09-2013 09:29:52 Windows Update
24-09-2013 06:49:17 Windows Update
27-09-2013 11:55:55 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A
C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0287B57E-CA94-4AC8-B8AF-175B840C00CB} - \RegClean Pro_UPDATES No Task
File
Task: {064DD95D-8C77-43F1-8CAB-EE59A91C421A} -
System32\Tasks\Microsoft\Windows\MUI\Lpksetup =>
C:\windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {3E6379DC-4DD6-4997-BC01-DCF2F9A9851A} -
System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
[2010-02-23] (Microsoft Corporation)
Task: {4B92585A-1B8E-446D-99E0-A8310F6DC4C9} - System32\Tasks\Adobe Flash Player
Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[2013-09-24] (Adobe Systems Incorporated)
Task: {61A281A4-F50F-4577-8290-7642B02FF6DB} - \EPUpdater No Task File
Task: {66CEAA40-F57B-4C67-B34C-C27DCFA2D0A1} -
System32\Tasks\LyriXeeker-1-updater => C:\Program Files
(x86)\LyriXeeker-1\LyriXeeker-1-updater.exe [2013-09-17] (Lyrics)
Task: {6C06CEB4-25C8-4B27-AC00-C6BFB8304471} - System32\Tasks\Hewlett-Packard\HP
Support Assistant\HP Support Assistant Quick Start => C:\Program Files
(x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27]
(Hewlett-Packard Company)
Task: {759D1418-C293-45AA-9C75-1246D12E9BF3} -
System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple
Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7927FB5E-45D6-4C6B-9BC8-ABE2C2FB58BA} -
System32\Tasks\LyriXeeker-1-codedownloader => C:\Program Files
(x86)\LyriXeeker-1\LyriXeeker-1-codedownloader.exe [2013-09-17] (Lyrics)
Task: {7FB8D1FA-8BB6-46CE-9705-026BC5D066E7} -
System32\Tasks\LyriXeeker-1-firefoxinstaller => C:\Program Files
(x86)\LyriXeeker-1\LyriXeeker-1-firefoxinstaller.exe [2013-09-17] (Lyrics)
Task: {9E877A49-42F5-49D7-BE5E-263EA71109D5} -
System32\Tasks\LyriXeeker-1-enabler => C:\Program Files
(x86)\LyriXeeker-1\LyriXeeker-1-enabler.exe [2013-09-17] (Lyrics)
Task: {A4BE0854-768F-46CE-9590-AEEAC1AC7C6B} - System32\Tasks\Hewlett-Packard\HP
Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support
Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard
Company)
Task: {A81985D4-9653-45CB-927E-EC1071244C2E} - System32\Tasks\Hewlett-Packard\HP
Support Assistant\PC Health Analysis => C:\Program Files
(x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27]
(Hewlett-Packard Company)
Task: {C36E4A42-D774-4CE7-B281-D4485CB7F12C} -
System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start
osppsvc
Task: {FF9B076F-7098-4C61-AD81-B823B5A05787} - System32\Tasks\Advanced System
Protector_startup => C:\Program Files (x86)\Advanced System
Protector\AdvancedSystemProtector.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job =>
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\LyriXeeker-1-codedownloader.job => C:\Program Files
(x86)\LyriXeeker-1\LyriXeeker-1-codedownloader.exe
Task: C:\windows\Tasks\LyriXeeker-1-enabler.job => C:\Program Files
(x86)\LyriXeeker-1\LyriXeeker-1-enabler.exe
Task: C:\windows\Tasks\LyriXeeker-1-firefoxinstaller.job => C:\Program Files
(x86)\LyriXeeker-1\LyriXeeker-1-firefoxinstaller.exe
Task: C:\windows\Tasks\LyriXeeker-1-updater.job => C:\Program Files
(x86)\LyriXeeker-1\LyriXeeker-1-updater.exe
==================== Loaded Modules (whitelisted) =============
2010-07-30 05:39 - 2010-07-30 05:39 - 00173856 _____ () C:\Program
Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2012-02-10 15:26 - 2012-02-10 15:26 - 01083392 _____ () C:\Program
Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2011-02-12 02:26 - 2011-02-12 02:26 - 00098304 ____R () C:\Program Files
(x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-02-06 23:34 - 2011-02-06 23:34 - 00243712 _____ () C:\Program Files
(x86)\ATI
Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-02-12 02:26 - 2011-02-12 02:26 - 00024576 ____R () C:\Program Files
(x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files
(x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files
(x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files
(x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files
(x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2010-09-06 23:18 - 2010-09-06 23:18 - 01412608 _____ ()
C:\windows\system32\LIBEAY32.dll
2012-04-05 18:17 - 2012-04-05 18:17 - 02830336 _____ () C:\Program
Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2012-04-05 17:40 - 2012-04-05 17:40 - 00126976 _____ () C:\Program
Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2012-04-05 18:20 - 2012-04-05 18:20 - 02863104 _____ () C:\Program
Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2012-04-05 18:18 - 2012-04-05 18:18 - 00053248 _____ () C:\Program
Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2012-04-05 17:44 - 2012-04-05 17:44 - 02035712 _____ () C:\Program
Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2012-04-05 17:45 - 2012-04-05 17:45 - 01945600 _____ () C:\Program
Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2012-04-05 18:15 - 2012-04-05 18:15 - 03092480 _____ () C:\Program
Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2010-05-19 20:05 - 2010-05-19 20:05 - 02121728 _____ () C:\Program Files
(x86)\Common Files\LightScribe\QtCore4.dll
2010-05-19 20:05 - 2010-05-19 20:05 - 07745536 _____ () C:\Program Files
(x86)\Common Files\LightScribe\QtGui4.dll
2010-05-19 20:05 - 2010-05-19 20:05 - 00135168 _____ () C:\Program Files
(x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2010-11-25 08:44 - 2010-11-25 08:44 - 00375280 _____ () c:\program files
(x86)\common files\roxio shared\dllshared\SQLite352.dll
2012-02-14 13:19 - 2010-02-17 21:20 - 00065576 ____R () C:\Program Files
(x86)\Ericsson\Mobile Broadband Drivers\WMCore\MBMDebug.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files
(x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-12-21 01:15 - 2010-12-21 01:15 - 01041248 _____ () C:\Program Files
(x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2013-08-20 10:53 - 2013-08-20 10:53 - 00169472 _____ ()
C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9ab0e818cb3d1b6930eba
54179f89300\IsdiInterop.ni.dll
2012-02-14 13:15 - 2011-01-13 03:56 - 00058880 _____ () C:\Program Files
(x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-08-18 11:20 - 2013-08-18 11:20 - 03551640 _____ () C:\Program Files
(x86)\Mozilla Firefox\mozjs.dll
2013-08-22 10:10 - 2013-08-16 19:42 - 01019904 _____ () C:\Users\WWK Premium
Partner\AppData\Roaming\Mozilla\Firefox\Profiles\vs717c5b.default\extensions\sup
port@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2012-05-03 08:13 - 2012-05-03 08:13 - 00369664 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\MMTOOL20.dll
2012-05-03 08:13 - 2012-05-03 08:13 - 00906784 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\OWL52f.dll
2012-05-03 08:13 - 2012-05-03 08:13 - 00275456 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\MMGRFK20.dll
2012-05-03 08:13 - 2012-06-25 08:14 - 00952832 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\MMCTL20.dll
2012-05-03 08:13 - 2012-05-03 08:13 - 00348672 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\DTBL32.dll
2012-05-03 08:13 - 2012-06-25 08:14 - 01608205 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\MMPRNT20.dll
2012-05-03 08:13 - 2012-06-25 08:14 - 00196608 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\MMPL20.dll
2012-05-03 08:13 - 2012-06-25 08:14 - 00287232 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\MMERG20.dll
2012-05-03 08:13 - 2013-06-21 09:07 - 07238656 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\lvtool20.dll
2012-05-03 08:13 - 2013-06-21 09:07 - 00382464 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\LVPRINT20.dll
2012-05-03 08:13 - 2013-06-21 09:07 - 02598912 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\LVEIN20.dll
2012-05-03 08:13 - 2013-06-21 09:07 - 01079296 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\LVERGALL20.dll
2012-05-03 08:13 - 2013-06-21 09:07 - 00436224 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\LVERG20.dll
2012-05-03 08:13 - 2012-06-25 08:14 - 00776192 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\lvwinres20.dll
2012-05-03 08:13 - 2012-05-03 08:13 - 00057344 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\mmcc32.dll
2012-05-03 08:13 - 2013-07-29 09:08 - 06897664 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\lvrkflv.dll
2012-05-03 08:13 - 2013-07-29 09:08 - 13594624 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\lvrk.dll
2012-05-03 08:13 - 2012-05-03 08:13 - 00046592 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\boost_thread-vc90-mt-1_47.dll
2012-05-03 08:13 - 2013-06-21 09:07 - 00973824 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\LVTOOL220.DLL
2012-05-03 08:13 - 2013-06-21 09:07 - 00081920 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\LVAVChrZugriff.dll
2012-05-03 08:13 - 2013-06-21 09:07 - 00356352 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\LVANBIETERPORTRAIT20.DLL
2012-05-03 08:13 - 2013-06-21 09:07 - 00212480 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\LVBUERG20.DLL
2012-05-03 08:13 - 2013-06-21 09:07 - 01155584 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\LVBUR20.DLL
2012-05-03 08:13 - 2012-08-03 08:15 - 00011264 _____ () C:\Program Files
(x86)\MORGEN & MORGEN\LV-WIN\XVWin2NQ\MM_IPC.dll
2013-09-11 17:12 - 2013-09-11 17:12 - 16177544 _____ ()
C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/27/2013 03:04:16 PM) (Source: Application Hang) (User: )
Description: Programm XING 01.exe, Version 1.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der
Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu
suchen.
Prozess-ID: 9070
Startzeit: 01cebb80614218d9
Endzeit: 10
Anwendungspfad: C:\Program Files (x86)\XiButler\XING 01.exe
Berichts-ID: 4c99fe77-2775-11e3-a626-cc52afecb268
Error: (09/27/2013 02:51:51 PM) (Source: Application Hang) (User: )
Description: Programm XING 01.exe, Version 1.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der
Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu
suchen.
Prozess-ID: 77a8
Startzeit: 01cebb7e9c02fa1c
Endzeit: 10
Anwendungspfad: C:\Program Files (x86)\XiButler\XING 01.exe
Berichts-ID: 7ff4305a-2773-11e3-a626-cc52afecb268
Error: (09/27/2013 02:37:47 PM) (Source: Application Hang) (User: )
Description: Programm XING 01.exe, Version 1.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der
Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu
suchen.
Prozess-ID: 8dc0
Startzeit: 01cebb7c306a7218
Endzeit: 10
Anwendungspfad: C:\Program Files (x86)\XiButler\XING 01.exe
Berichts-ID: 52567954-2771-11e3-a626-cc52afecb268
Error: (09/27/2013 02:08:10 PM) (Source: Application Hang) (User: )
Description: Programm XING 01.exe, Version 1.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der
Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu
suchen.
Prozess-ID: 2988
Startzeit: 01cebb783d38fe65
Endzeit: 16
Anwendungspfad: C:\Program Files (x86)\XiButler\XING 01.exe
Berichts-ID: 72df8627-276d-11e3-a626-cc52afecb268
Error: (09/24/2013 01:00:09 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am
Sicherungsspeicherort "\\DISKSTATION\Datensicherung Blank\" nicht abgeschlossen.
Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen
Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
System errors:
=============
Error: (09/30/2013 01:44:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Software Framework Service" wurde aufgrund folgenden
Fehlers nicht gestartet:
%%1053
Error: (09/30/2013 01:44:50 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem
Dienst HP Software Framework Service erreicht.
Error: (09/30/2013 01:44:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Software Framework Service" wurde aufgrund folgenden
Fehlers nicht gestartet:
%%1053
Error: (09/30/2013 01:44:12 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem
Dienst HP Software Framework Service erreicht.
Error: (09/30/2013 01:44:12 PM) (Source: DCOM) (User: )
Description: 1053hpqwmiex{F5539356-2F02-40D4-999E-FA61F45FE12E}
Error: (09/30/2013 01:42:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "hpHotkeyMonitor" wurde aufgrund folgenden Fehlers nicht
gestartet:
%%2
Error: (09/28/2013 02:41:33 PM) (Source: DCOM) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
Error: (09/28/2013 01:44:56 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (09/27/2013 01:44:38 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (09/24/2013 01:57:47 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (09/27/2013 03:04:16 PM) (Source: Application Hang)(User: )
Description: XING 01.exe1.0.0.0907001cebb80614218d910C:\Program Files
(x86)\XiButler\XING 01.exe4c99fe77-2775-11e3-a626-cc52afecb268
Error: (09/27/2013 02:51:51 PM) (Source: Application Hang)(User: )
Description: XING 01.exe1.0.0.077a801cebb7e9c02fa1c10C:\Program Files
(x86)\XiButler\XING 01.exe7ff4305a-2773-11e3-a626-cc52afecb268
Error: (09/27/2013 02:37:47 PM) (Source: Application Hang)(User: )
Description: XING 01.exe1.0.0.08dc001cebb7c306a721810C:\Program Files
(x86)\XiButler\XING 01.exe52567954-2771-11e3-a626-cc52afecb268
Error: (09/27/2013 02:08:10 PM) (Source: Application Hang)(User: )
Description: XING 01.exe1.0.0.0298801cebb783d38fe6516C:\Program Files
(x86)\XiButler\XING 01.exe72df8627-276d-11e3-a626-cc52afecb268
Error: (09/24/2013 01:00:09 PM) (Source: Windows Backup)(User: )
Description: \\DISKSTATION\Datensicherung Blank\Der Sicherungsort wurde nicht
gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den
Sicherungsort. (0x81000006)
CodeIntegrity Errors:
===================================
Date: 2013-09-24 12:44:10.876
Description: Die Abbildintegrität der Datei
"\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft
werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden
wurde.
Date: 2013-09-24 12:44:10.876
Description: Die Abbildintegrität der Datei
"\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft
werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden
wurde.
Date: 2013-09-24 12:44:10.860
Description: Die Abbildintegrität der Datei
"\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft
werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden
wurde.
Date: 2013-09-24 12:44:10.860
Description: Die Abbildintegrität der Datei
"\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft
werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden
wurde.
Date: 2013-09-24 12:44:10.860
Description: Die Abbildintegrität der Datei
"\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft
werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden
wurde.
Date: 2013-09-24 12:44:10.860
Description: Die Abbildintegrität der Datei
"\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft
werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden
wurde.
Date: 2013-09-24 12:44:10.844
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program
Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht
überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht
gefunden wurde.
Date: 2013-09-24 12:44:10.829
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program
Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht
überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht
gefunden wurde.
Date: 2013-09-24 12:44:10.829
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program
Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht
überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht
gefunden wurde.
Date: 2013-09-19 12:43:25.116
Description: Die Abbildintegrität der Datei
"\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft
werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden
wurde.
==================== Memory info ===========================
Percentage of memory in use: 74%
Total physical RAM: 4070.36 MB
Available physical RAM: 1024.13 MB
Total Pagefile: 8138.89 MB
Available Pagefile: 3659.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:444.59 GB) (Free:354.68 GB) NTFS ==>[System with boot
components (obtained from reading drive)]
Drive d: (CODEMETER) (Fixed) (Total:0.04 GB) (Free:0 GB) FAT32
Drive e: (HP_RECOVERY) (Fixed) (Total:15.87 GB) (Free:2.38 GB) NTFS ==>[System
with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.12 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 410FAC6E)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=445 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)
========================================================
Disk: 1 (Size: 39 MB) (Disk ID: 001364D1)
Partition 1: (Active) - (Size=39 MB) - (Type=0B)
==================== End Of Log ============================
Seite 11
         

Alt 01.10.2013, 16:52   #5
M-K-D-B
/// TB-Ausbilder
 
QV06 Suchmaschine - Standard

QV06 Suchmaschine



Servus,




Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.






Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von JRT,
  • die Logdatei von MBAM.

__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 04.10.2013, 16:35   #6
M-K-D-B
/// TB-Ausbilder
 
QV06 Suchmaschine - Standard

QV06 Suchmaschine



Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!
__________________
--> QV06 Suchmaschine

Antwort

Themen zu QV06 Suchmaschine
anbei, download, eingefangen, eurer, firefox, gefangen, gen, gmer, laptop, problem, qv06 suchmaschine, scan, scans, schritt, seitdem, sichert, suchmaschine, umgeleitet, zweimal



Ähnliche Themen: QV06 Suchmaschine


  1. QV06 entfernen
    Log-Analyse und Auswertung - 14.11.2013 (9)
  2. QV06 und Spyhunter 4 entfernen
    Plagegeister aller Art und deren Bekämpfung - 31.10.2013 (15)
  3. QV06 entfernen
    Log-Analyse und Auswertung - 25.10.2013 (21)
  4. QV06 entfernen!
    Plagegeister aller Art und deren Bekämpfung - 19.10.2013 (13)
  5. QV06 und Whiiloki
    Log-Analyse und Auswertung - 15.10.2013 (14)
  6. QV06 ! virus ?
    Log-Analyse und Auswertung - 08.10.2013 (9)
  7. Virus Whilokii/QV06?
    Plagegeister aller Art und deren Bekämpfung - 08.10.2013 (7)
  8. qv06 entfernen
    Log-Analyse und Auswertung - 19.09.2013 (3)
  9. Umleitung auf "QV06-Suchmaschine" im Firefox
    Log-Analyse und Auswertung - 16.09.2013 (7)
  10. QV06.com vom PC entfernen
    Log-Analyse und Auswertung - 05.09.2013 (11)
  11. qv06 entfernen?
    Log-Analyse und Auswertung - 04.09.2013 (18)
  12. QV06 schnell Erledigt!
    Log-Analyse und Auswertung - 03.09.2013 (10)
  13. qv06-Virus eingefangen
    Log-Analyse und Auswertung - 30.08.2013 (7)
  14. Qv06 und Spyhunter
    Log-Analyse und Auswertung - 28.08.2013 (11)
  15. Qv06 Virus
    Plagegeister aller Art und deren Bekämpfung - 21.08.2013 (15)
  16. qv06 und SpyHunter
    Plagegeister aller Art und deren Bekämpfung - 03.07.2013 (21)
  17. hab ich noch was vom qv06 übrig?
    Log-Analyse und Auswertung - 28.06.2013 (31)

Zum Thema QV06 Suchmaschine - Hallo, bei Download habe ich mir wohl etwas eingefangen Seitdem habe ich das Problem, dass ich im Firefox auf die "QV06-Suchmaschine" umgeleitet werde. Bei der Abarbeitung eurer Foren-Checkliste lief alles - QV06 Suchmaschine...
Archiv
Du betrachtest: QV06 Suchmaschine auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.