Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 19.11.2013, 06:46   #1
sambasonic
 
wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos - Standard

wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos



Hallo & recht schönen Dank an den/die Retter(in) , die sich meinem Problem annehmen wollen.

Ich muss zugeben, daß ich doch nach Belieben Freeware runterlade, aber meist sehr genau auf die Bedingungen und Buttons achte ....ab und zu rutscht halt doch was durch. Mein Wissen über die erforderlichen Schritte komplett Malwarefree zu sein ist begrenzt.
Habe Bitdefender als Internet Security an Bord, ansonsten auch mal Spybot laufen lassen.

Was ist passiert: Freeeware "youtube to mp3 " aus dem web runtergeladen.

1) Nach Installation startet Chrome nicht mehr mit Google, sondern mit " snapdo " mit entsprechend umgeleiteten unbrauchbaren Links auf der Ergebnisseite. Dito mit Firefox.
2) snap.do in den jeweiligen Browsereinstellungen entfernt, Standards wieder hergestellt
3) In Systemsteuerung/Programme deinstallieren fanden sich 2 Einträge: a) snap.Do und b) snap.Do Engine etc. (sorry...vergessen). Also b) ließ sich deinstallieren, a) bleibt trotz aller Versuche an Bord
4) Im web gesucht, Trojaner-Board gefunden, registriert und die Empfehlungen - so gut ich konnte -abgearbeitet.

Wäre gerne wieder Malware free und danke Euch/Dir schon mal ganz herzlich ...

Nun die Logs oder weitere Infos von:

1) Defogger
2) Adw-Cleaner
3) Farbars Recovery Scan Tool
4) Gmer
5) Malwarebytes Anti Malware
6) Eset online Scan

zu 1) Defogger - Anweisungen befolgt

zu 2) Adw-Cleaner - Cleaning durchgeführt. Log anbei

# AdwCleaner v3.012 - Bericht erstellt am 18/11/2013 um 20:05:06
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzername : Desk 1 - office - DESK1-OFFICE
# Gestartet von : C:\Users\Desk 1 - office\Downloads\adwcleaner_3012.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16520


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\Desk 1 - office\AppData\Roaming\Mozilla\Firefox\Profiles\o55cqaq1.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [82382 octets] - [18/11/2013 13:44:23]
AdwCleaner[R1].txt - [772 octets] - [18/11/2013 20:05:06]
AdwCleaner[S0].txt - [68641 octets] - [18/11/2013 13:50:55]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [892 octets] ##########

zu 3) Farbar Recovery Scan FRST64 durchgeführt. Log anbei

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2013 02
Ran by Desk 1 - office (administrator) on DESK1-OFFICE on 18-11-2013 19:22:46
Running from C:\Users\Desk 1 - office\Downloads
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
() C:\Program Files (x86)\Steganos Internet Anonym VPN\AVPNStarter.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(O&O Software GmbH) C:\Program Files\OO Software\DriveLED\oodlag.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(TuneUp Software) C:\Windows\System32\TUProgSt.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
() C:\Users\Desk 1 - office\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(BitTorrent Inc.) C:\Users\Desk 1 - office\AppData\Roaming\uTorrent\uTorrent.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\StCenter.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!DSL\FwebProt.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 9\TSCHelp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 9\SnagPriv.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 9\snagiteditor.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Microsoft Corporation) C:\PROGRA~2\MICROS~2\Office12\OUTLOOK.EXE
(Google Inc.) C:\Users\Desk 1 - office\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Desk 1 - office\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Desk 1 - office\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Desk 1 - office\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Desk 1 - office\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Desk 1 - office\AppData\Local\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE
(Farbar) C:\Users\Desk 1 - office\Downloads\FRST64 (2).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [182808 2008-11-03] (Intel Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.Exe [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403616 2011-12-16] (Acronis)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1738968 2013-10-30] (Bitdefender)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [138240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [AutoStartNPSAgent] - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Desk 1 - office\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-09] ()
HKCU\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [564256 2013-10-30] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1004608 2013-10-30] (Bitdefender)
HKCU\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [621448 2013-10-30] (Bitdefender)
HKCU\...\Run: [uTorrent] - C:\Users\Desk 1 - office\AppData\Roaming\uTorrent\uTorrent.exe [900440 2013-11-16] (BitTorrent Inc.)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-18] (Google Inc.)
HKCU\...\Run: [WSHelperSetup.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
MountPoints2: {1ecff08c-ad26-11de-9287-00248c5ca5fd} - L:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {46b38690-5743-11df-b586-001f3f05018d} - H:\LaunchU3.exe -a
MountPoints2: {6906a0d6-ad29-11de-bd38-806e6f6e6963} - L:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {81496240-46bd-11e3-8317-00248c5ca5fd} - H:\LGAutoRun.exe
MountPoints2: {aa418ef1-a2ef-11de-b152-001f3f05018d} - H:\LaunchU3.exe -a
MountPoints2: {bf76da5b-a148-11de-9eb0-00248c5ca5fd} - H:\pushinst.exe
MountPoints2: {e84dee15-cc77-11df-bce4-001f3f05018d} - H:\AutoRun.exe
MountPoints2: {e84dee29-cc77-11df-bce4-001f3f05018d} - H:\AutoRun.exe
HKLM-x32\...\Run: [hpsysdrv] - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [KBD] - C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.exe [12288 2008-07-21] (Microsoft)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe [1794048 2008-10-28] (AVM Berlin)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [WSHelperSetup.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1644088 2009-08-05] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1644088 2009-08-05] (Hewlett-Packard)
HKU\Gast\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1644088 2009-08-05] (Hewlett-Packard)
HKU\Gast\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-18] (Google Inc.)
HKU\Gast\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-04-16] (Hewlett-Packard Company)
HKU\Gast\...\Run: [GMX SMS-Manager] - C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe [3539968 2007-07-19] (1&1 Internet AG)
HKU\Gast\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\Gast\...\Run: [Google Update] - C:\Users\Desk 1 - office\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-18] (Google Inc.)
HKU\Gast\...\Run: [AutoStartNPSAgent] - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\Gast\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKU\Gast\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKU\Gast\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\Gast 1\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1644088 2009-08-05] (Hewlett-Packard)
HKU\Gast 1\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-18] (Google Inc.)
HKU\Gast 1\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-04-16] (Hewlett-Packard Company)
HKU\Gast 1\...\Run: [GMX SMS-Manager] - C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe [3539968 2007-07-19] (1&1 Internet AG)
HKU\Gast 1\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\Gast 1\...\Run: [Google Update] - C:\Users\Desk 1 - office\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-18] (Google Inc.)
HKU\Gast 1\...\Run: [AutoStartNPSAgent] - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\Gast 1\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKU\Gast 1\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKU\Gast 1\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [ ] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [ ] ()
IMEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
Startup: C:\Users\Desk 1 - office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk
ShortcutTarget: FRITZ!DSL Protect.lnk -> C:\Program Files (x86)\FRITZ!DSL\FwebProt.exe (AVM Berlin)

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (No Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {7C638C6B-5B27-4A85-83CB-40250D1E4AC4} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM - {CA8FE908-E845-4081-937D-C045FEC0FC98} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {EFA2CDF5-331C-4E0D-ADEE-706B5C3B0896} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Desk 1 - office\AppData\Roaming\Mozilla\Firefox\Profiles\o55cqaq1.default
FF Homepage: about:home
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Bitdefender.com/PasswordManager;version=17.8 - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper - C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Desk 1 - office\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Desk 1 - office\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Desk 1 - office\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Desk 1 - office\AppData\Roaming\Mozilla\Firefox\Profiles\o55cqaq1.default\Extensions\staged(15)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Desk 1 - office\AppData\Roaming\Mozilla\Firefox\Profiles\o55cqaq1.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: No Name - C:\Users\Desk 1 - office\AppData\Roaming\Mozilla\Firefox\Profiles\o55cqaq1.default\Extensions\{9BAE5926-8513-417d-8E47-774955A7C60D}.xpi
FF Extension: fireftp - C:\Users\Desk 1 - office\AppData\Roaming\Mozilla\Firefox\Profiles\o55cqaq1.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
FF Extension: Adblock Plus - C:\Users\Desk 1 - office\AppData\Roaming\Mozilla\Firefox\Profiles\o55cqaq1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: downbarconfig - C:\Users\Desk 1 - office\AppData\Roaming\Mozilla\Firefox\Profiles\o55cqaq1.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: () - C:\Users\DESK1-~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0
CHR Extension: (GIFPAL) - C:\Users\DESK1-~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch\1.2_0
CHR Extension: (Psykopaint) - C:\Users\DESK1-~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0
CHR Extension: (Gmail) - C:\Users\DESK1-~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [364544 2008-10-28] (AVM Berlin)
R2 AVPNStarter; C:\Program Files (x86)\Steganos Internet Anonym VPN\AVPNStarter.exe [21504 2009-10-06] ()
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77120 2013-10-23] (Bitdefender)
S3 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] ()
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2009-09-16] (DATA BECKER GmbH & Co KG)
R2 IGDCTRL; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [87344 2007-09-04] (AVM Berlin)
R2 O&O DriveLED; C:\Program Files\OO Software\DriveLED\oodlag.exe [610048 2009-09-28] (O&O Software GmbH)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 StarMoney 7.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe [554160 2011-11-08] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
S3 Symantec RemoteAssist; C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe [394704 2008-01-29] (Symantec, Inc.)
S3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [506696 2011-03-01] (TuneUp Software)
R2 TuneUp.ProgramStatisticsSvc; C:\Windows\System32\TUProgSt.exe [842056 2011-03-01] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2409272 2013-10-11] (TuneUp Software)
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2009-04-22] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116104 2009-04-22] ()
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-23] (Bitdefender)
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [14336 2008-07-04] (Vodafone)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1506736 2013-10-30] (Bitdefender)
R2 WTGService; C:\Program Files (x86)\Verbindungsassistent\WTGService.exe [296400 2009-03-03] ()
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [58496 2008-01-21] (Microsoft Corporation)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 ASPI; C:\Windows\SysWow64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2013-07-19] (BitDefender)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2008-10-28] (AVM Berlin)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [119888 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-07-23] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-30] ()
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2008-10-28] (AVM GmbH)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-10-07] (BitDefender LLC)
S3 hwdatacard; C:\Windows\SysWow64\DRIVERS\ewusbmdm.sys [115328 2008-07-24] (Huawei Technologies Co., Ltd.)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [59136 2008-05-27] (Generic USB smartcard reader)
S3 mod7700; C:\Windows\System32\Drivers\dvb7700all.sys [913408 2009-10-21] (DiBcom)
R3 NmPar; C:\Windows\System32\DRIVERS\NmPar.sys [95232 2007-01-10] (Windows (R) Codename Longhorn DDK provider)
R3 nmserial; C:\Windows\System32\DRIVERS\nmserial.sys [70144 2007-01-10] (Windows (R) Codename Longhorn DDK provider)
R0 OODrvled; C:\Windows\System32\DRIVERS\OODrvled.sys [30216 2009-09-28] (O&O Software GmbH)
S3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-12-12] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-12-12] (RapidSolution Software AG)
S3 RTL2832UBDA; C:\Windows\SysWow64\drivers\RTL2832UBDA.sys [225256 2011-05-17] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWow64\Drivers\RTL2832UUSB.sys [39016 2011-05-17] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\SysWow64\DRIVERS\RTL2832U_IRHID.sys [48488 2011-06-13] (Realtek)
S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [136192 2010-04-27] (MCCI Corporation)
S3 ssm_mdfl; C:\Windows\System32\DRIVERS\ssm_mdfl.sys [18944 2010-04-27] (MCCI Corporation)
S3 ssm_mdm; C:\Windows\System32\DRIVERS\ssm_mdm.sys [172032 2010-04-27] (MCCI Corporation)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-10-07] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R0 vidsflt61; C:\Windows\System32\DRIVERS\vsflt61.sys [142944 2012-01-23] (Acronis)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
S3 Bulk1528; System32\Drivers\Bulk1528.sys [x]
S2 Ca1528av; System32\Drivers\Ca1528av.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 netr7364; system32\DRIVERS\netr7364.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [x]
U3 pwtcqpog; \??\C:\Users\DESK1-~1\AppData\Local\Temp\pwtcqpog.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-18 19:21 - 2013-11-18 19:21 - 01958026 _____ (Farbar) C:\Users\Desk 1 - office\Downloads\FRST64 (2).exe
2013-11-18 19:20 - 2013-11-18 19:20 - 00050477 _____ C:\Users\Desk 1 - office\Downloads\Defogger (1).exe
2013-11-18 16:15 - 2013-11-18 16:16 - 00377856 _____ C:\Users\Desk 1 - office\Downloads\gmer_2.1.19163.exe
2013-11-18 16:14 - 2013-11-18 16:14 - 00096987 _____ C:\Users\Desk 1 - office\Desktop\FRST.txt
2013-11-18 16:11 - 2013-11-18 16:11 - 01958026 _____ (Farbar) C:\Users\Desk 1 - office\Downloads\FRST64 (1).exe
2013-11-18 16:10 - 2013-11-18 16:10 - 00000492 _____ C:\Users\Desk 1 - office\Downloads\defogger_disable.log
2013-11-18 16:10 - 2013-11-18 16:10 - 00000000 _____ C:\Users\Desk 1 - office\defogger_reenable
2013-11-18 16:09 - 2013-11-18 16:09 - 00050477 _____ C:\Users\Desk 1 - office\Downloads\Defogger.exe
2013-11-18 16:07 - 2013-11-18 17:02 - 00000000 ____D C:\Users\Desk 1 - office\Desktop\T R O - B O A R D
2013-11-18 15:07 - 2013-11-18 15:07 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\Malwarebytes
2013-11-18 15:06 - 2013-11-18 15:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Desk 1 - office\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-18 15:06 - 2013-11-18 15:06 - 00000950 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-18 15:06 - 2013-11-18 15:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 15:06 - 2013-11-18 15:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 15:06 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-18 14:38 - 2013-11-18 14:39 - 00852616 _____ C:\Windows\dd_NET_Framework35_LangPack_MSI0018.txt
2013-11-18 14:37 - 2013-11-18 14:39 - 00076348 _____ C:\Windows\dd_dotnetfx35install_lp.txt
2013-11-18 14:37 - 2013-11-18 14:38 - 00036144 _____ C:\Windows\dd_depcheck_NETFX_EXP_35.txt
2013-11-18 14:37 - 2013-11-18 14:37 - 00000002 _____ C:\Windows\dd_dotnetfx35error_lp.txt
2013-11-18 14:15 - 2013-11-18 14:15 - 02347384 _____ (ESET) C:\Users\Desk 1 - office\Downloads\esetsmartinstaller_enu.exe
2013-11-18 13:59 - 2013-11-18 14:04 - 00000000 ____D C:\Users\Desk 1 - office\Desktop\ADC
2013-11-18 13:44 - 2013-11-18 13:51 - 00000000 ____D C:\AdwCleaner
2013-11-18 13:43 - 2013-11-18 13:43 - 01085542 _____ C:\Users\Desk 1 - office\Downloads\adwcleaner.exe
2013-11-18 13:32 - 2013-11-18 13:35 - 00054660 _____ C:\Users\Desk 1 - office\Downloads\Addition.txt
2013-11-18 13:31 - 2013-11-18 19:22 - 00034271 _____ C:\Users\Desk 1 - office\Downloads\FRST.txt
2013-11-18 13:30 - 2013-11-18 13:30 - 01958026 _____ (Farbar) C:\Users\Desk 1 - office\Downloads\FRST64.exe
2013-11-18 13:30 - 2013-11-18 13:30 - 00000000 ____D C:\FRST
2013-11-18 13:23 - 2013-11-18 13:23 - 00000958 _____ C:\Users\Desk 1 - office\Desktop\PC Speed Maximizer.lnk
2013-11-18 13:22 - 2013-11-18 13:22 - 00665064 _____ C:\Users\Desk 1 - office\Downloads\ZipExtractorSetup.exe
2013-11-16 13:49 - 2013-11-16 13:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 12:59 - 2013-11-18 13:51 - 00000234 _____ C:\Users\Desk 1 - office\Desktop\Search.lnk
2013-11-16 12:59 - 2013-11-18 13:51 - 00000234 _____ C:\Users\Desk 1 - office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-11-16 12:56 - 2013-11-16 12:56 - 32206488 _____ (DVDVideoSoft Ltd. ) C:\Users\Desk 1 - office\Downloads\FreeYouTubeToMP3Converter (1).exe
2013-11-16 12:56 - 2013-11-16 12:56 - 01128840 _____ (Koyote-Lab Inc) C:\Users\Desk 1 - office\Downloads\FreeVideoConverterSetup-r135-n-bc (1).exe
2013-11-16 08:28 - 2013-11-16 08:29 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{D813AAEA-2103-4530-8636-74782353F0E0}
2013-11-15 19:17 - 2013-11-15 19:17 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{F9C6A41C-77AC-4E59-97C6-054A3911C85C}
2013-11-15 07:16 - 2013-11-15 07:17 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{010717F9-45D1-401C-9113-978A1B238F1C}
2013-11-15 00:04 - 2013-11-15 00:04 - 00000000 ____D C:\Users\Desk 1 - office\{5a89a9ca-6bbd-4fd9-9162-7c78bfe22294}
2013-11-14 23:44 - 2013-11-14 23:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2013-11-14 23:38 - 2013-08-21 05:31 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2013-11-14 23:38 - 2013-08-21 05:31 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2013-11-14 23:37 - 2013-08-21 05:31 - 00103576 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2013-11-14 23:30 - 2013-11-14 23:30 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2013-11-14 23:30 - 2013-11-14 23:30 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-11-14 22:57 - 2013-10-30 04:16 - 00233472 _____ (Teruten) C:\Windows\SysWOW64\FsUsbExService.Exe
2013-11-14 22:57 - 2013-10-30 04:16 - 00037344 _____ C:\Windows\SysWOW64\FsUsbExDisk.Sys
2013-11-14 22:57 - 2013-10-30 04:16 - 00037344 _____ C:\Windows\SysWOW64\FsUsbExDisk.Sy_
2013-11-14 22:57 - 2012-06-26 16:03 - 00110592 _____ () C:\Windows\SysWOW64\FsUsbExDevice.Dll
2013-11-14 22:56 - 2013-11-14 22:56 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\Samsung
2013-11-14 22:55 - 2013-11-14 22:55 - 00001790 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2013-11-14 22:55 - 2013-11-14 22:55 - 00000000 ____D C:\Users\Desk 1 - office\Documents\samsung
2013-11-14 22:51 - 2012-06-26 16:03 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2013-11-14 22:51 - 2012-06-26 16:02 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\SysWOW64\dgderapi.dll
2013-11-14 22:51 - 2012-06-26 16:02 - 00020032 _____ (Devguru Co., Ltd) C:\Windows\SysWOW64\Drivers\dgderdrv.sys
2013-11-14 22:41 - 2013-11-14 22:43 - 93912112 _____ (Samsung Electronics Co., Ltd. ) C:\Users\Desk 1 - office\Downloads\Kies_2.3.2.12064_9_7.exe
2013-11-14 20:03 - 2013-11-14 20:03 - 25987208 _____ (Wondershare ) C:\Users\Desk 1 - office\Downloads\mobiletrans_full1296 (2).exe
2013-11-14 20:02 - 2013-11-14 20:03 - 25987208 _____ (Wondershare ) C:\Users\Desk 1 - office\Downloads\mobiletrans_full1296 (1).exe
2013-11-14 13:47 - 2013-11-14 13:53 - 00000000 ____D C:\Users\Desk 1 - office\Desktop\E L I A S
2013-11-14 12:50 - 2013-11-14 12:50 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{5A0C277D-8809-452E-86EF-AA840C90B220}
2013-11-14 12:24 - 2013-10-13 16:58 - 17847296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 12:24 - 2013-10-13 16:09 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 12:24 - 2013-10-13 15:55 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 12:24 - 2013-10-13 15:48 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 12:24 - 2013-10-13 15:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 12:24 - 2013-10-13 15:46 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-14 12:24 - 2013-10-13 15:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-14 12:24 - 2013-10-13 15:44 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 12:24 - 2013-10-13 15:42 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 12:24 - 2013-10-13 15:42 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-14 12:24 - 2013-10-13 15:42 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-14 12:24 - 2013-10-13 15:39 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 12:24 - 2013-10-13 15:38 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 12:24 - 2013-10-13 15:36 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-14 12:24 - 2013-10-13 15:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 12:24 - 2013-10-13 15:29 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 12:24 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 12:24 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 12:24 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 12:24 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 12:24 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-14 12:24 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 12:24 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-14 12:24 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 12:24 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 12:24 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-14 12:24 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-14 12:24 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 12:24 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 12:24 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-14 12:24 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 12:24 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 08:56 - 2013-10-11 05:23 - 00781824 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 08:56 - 2013-10-11 05:23 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 08:56 - 2013-10-11 03:29 - 00217074 _____ C:\Windows\system32\WFP.TMF
2013-11-14 08:56 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 08:56 - 2013-10-03 16:03 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 08:56 - 2013-10-03 16:02 - 01278976 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 08:56 - 2013-10-03 13:46 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 08:56 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 08:56 - 2013-09-04 03:31 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-10 07:38 - 2013-11-10 07:38 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{910B1744-DBC4-49B8-8434-CF74BE8D7B92}
2013-11-09 23:48 - 2013-11-09 23:48 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{BD504810-F67F-4300-864B-0BFA11C47435}
2013-11-09 23:47 - 2013-11-09 23:47 - 00001214 _____ C:\Users\Desk 1 - office\Desktop\Windows Live Movie Maker.lnk
2013-11-09 22:24 - 2013-11-09 22:24 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{0AFC0C1D-02AB-498E-8E00-447BF490BF73}
2013-11-09 20:39 - 2013-11-09 20:40 - 00000000 ____D C:\Users\Desk 1 - office\Desktop\Fehelermeldung bei Start
2013-11-09 20:23 - 2013-11-09 20:23 - 00001768 _____ C:\Users\Desk 1 - office\Desktop\Windows Movie Maker.lnk
2013-11-09 14:17 - 2013-11-09 14:17 - 01529368 _____ (NCH Software) C:\Users\Desk 1 - office\Downloads\debutpsetup.exe
2013-11-09 14:17 - 2013-11-09 14:17 - 01528344 _____ (NCH Software) C:\Users\Desk 1 - office\Downloads\debutsetup (1).exe
2013-11-09 14:14 - 2013-11-09 14:14 - 01528344 _____ (NCH Software) C:\Users\Desk 1 - office\Downloads\debutsetup.exe
2013-11-09 13:58 - 2013-11-09 13:58 - 00001124 _____ C:\Users\Public\Desktop\Ashampoo Movie Studio Pro.lnk
2013-11-09 13:58 - 2013-11-09 13:58 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\Ashampoo Movie Studio Pro
2013-11-09 13:49 - 2013-11-09 13:58 - 00000214 _____ C:\Users\Public\Desktop\Your Software Deals.url
2013-11-09 13:49 - 2013-11-09 13:49 - 00001081 _____ C:\Users\Public\Desktop\Ashampoo Movie Studio.lnk
2013-11-09 13:49 - 2013-11-09 13:49 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\Ashampoo Movie Studio
2013-11-09 13:34 - 2013-11-09 13:35 - 171353888 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Desk 1 - office\Downloads\ashampoo_movie_studio_e1.0.9_sm.exe
2013-11-09 13:19 - 2013-11-16 12:58 - 00001076 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-11-09 13:19 - 2013-11-09 13:19 - 28892984 _____ (DVDVideoSoft Ltd. ) C:\Users\Desk 1 - office\Downloads\FreeVideoDub2.0.21.827 (1).exe
2013-11-09 13:19 - 2013-11-09 13:19 - 00001199 _____ C:\Users\Public\Desktop\Free Video Dub.lnk
2013-11-09 13:16 - 2013-11-09 13:17 - 28892984 _____ (DVDVideoSoft Ltd. ) C:\Users\Desk 1 - office\Downloads\FreeVideoDub2.0.21.827.exe
2013-11-09 08:51 - 2013-11-09 08:52 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{4842F1D8-1FB0-486A-AE51-17500AA93FDF}
2013-11-09 00:24 - 2013-11-09 00:24 - 00001696 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-09 00:23 - 2013-11-09 00:24 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-09 00:23 - 2013-11-09 00:24 - 00000000 ____D C:\Program Files\iTunes
2013-11-09 00:17 - 2012-08-21 13:01 - 00033240 ____N (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-11-08 21:12 - 2013-11-08 21:12 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\Wondershare
2013-11-08 21:11 - 2013-11-08 21:11 - 00001994 _____ C:\Users\Public\Desktop\Wondershare MobileTrans.lnk
2013-11-08 21:11 - 2013-11-08 21:11 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\Wondershare
2013-11-08 21:11 - 2013-11-08 21:11 - 00000000 ____D C:\Program Files (x86)\Wondershare
2013-11-08 21:10 - 2013-11-08 21:10 - 25987208 _____ (Wondershare ) C:\Users\Desk 1 - office\Downloads\mobiletrans_full1296.exe
2013-11-08 18:06 - 2013-11-08 18:07 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{FD0B60F3-1B1E-4962-8DE4-B335F91A7ECE}
2013-11-08 06:50 - 2013-11-08 06:53 - 00000000 ____D C:\Users\Desk 1 - office\USB-Stick Elias
2013-11-08 06:06 - 2013-11-08 06:06 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{DD54ED7C-9363-405A-87AD-8DDCE3A61029}
2013-11-08 05:55 - 2013-11-08 05:55 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{814CF359-A4B2-4579-8F55-38EC19C52CE7}
2013-11-07 10:27 - 2013-11-07 10:27 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{F64CEF81-1BE7-49E3-8D17-3838223528EB}
2013-11-06 12:35 - 2013-11-08 21:11 - 00000000 ____D C:\Users\Desk 1 - office\.android
2013-11-06 12:35 - 2013-11-06 12:35 - 00000000 ____D C:\Users\Desk 1 - office\Documents\LG PC Suite
2013-11-06 11:05 - 2013-11-06 11:05 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{44CA7F89-B357-4E77-B263-DF5C8D8BEB45}
2013-11-05 23:04 - 2013-11-05 23:05 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{9CF14ECE-4EAB-404E-BFBE-E376B05EBA1C}
2013-11-05 11:03 - 2013-11-05 11:03 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{931C2D1F-FC7C-4CC3-9AA7-6D16B4CA97E7}
2013-11-05 11:03 - 2013-11-05 11:03 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{1669CBD7-32AC-4E5C-81F1-FB9D7B45DDFA}
2013-11-01 14:16 - 2013-11-01 14:17 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{5B88296B-8CFE-4D40-826A-48505BC41E28}
2013-11-01 14:08 - 2013-11-01 14:08 - 00000000 ____D C:\Windows\de
2013-11-01 14:05 - 2013-11-01 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-11-01 14:03 - 2013-11-01 14:08 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-11-01 14:02 - 2013-11-01 14:02 - 00000000 ____D C:\Program Files\Windows Live
2013-11-01 14:01 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2013-11-01 14:01 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-11-01 14:01 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2013-11-01 14:01 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-11-01 13:57 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-11-01 13:57 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-11-01 13:13 - 2013-11-01 13:13 - 00003114 ____N C:\Windows\System32\Tasks\{7ED83459-BC89-4685-AF34-B754B9A6E540}
2013-11-01 13:11 - 2013-11-01 13:11 - 03901792 _____ (DataDesign AG) C:\Users\Desk 1 - office\Downloads\DDBAC (1).EXE
2013-11-01 13:07 - 2013-11-01 13:07 - 03901792 _____ (DataDesign AG) C:\Users\Desk 1 - office\Downloads\DDBAC.EXE
2013-11-01 12:44 - 2013-11-01 12:44 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-11-01 12:32 - 2013-11-18 14:48 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2013-11-01 12:30 - 2013-11-01 12:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-11-01 12:30 - 2013-11-01 12:30 - 00000000 ____D C:\Windows\SysWOW64\WindowsPowerShell
2013-11-01 12:30 - 2013-11-01 12:30 - 00000000 ____D C:\Windows\system32\WindowsPowerShell
2013-11-01 12:30 - 2013-11-01 12:30 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-11-01 12:30 - 2013-11-01 12:30 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2013-11-01 12:28 - 2013-11-01 12:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2013-11-01 12:24 - 2009-10-01 02:02 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2013-11-01 12:24 - 2009-10-01 02:02 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2013-11-01 12:24 - 2009-10-01 02:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2013-11-01 12:24 - 2009-10-01 02:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe
2013-11-01 12:24 - 2009-10-01 02:01 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2013-11-01 12:24 - 2009-10-01 02:01 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWMDRM.dll
2013-11-01 12:24 - 2009-10-01 02:01 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceTypes.dll
2013-11-01 12:24 - 2009-10-01 02:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
2013-11-01 12:24 - 2009-10-01 02:01 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
2013-11-01 12:24 - 2009-10-01 01:52 - 02727936 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2013-11-01 12:24 - 2009-10-01 01:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2013-11-01 12:24 - 2009-10-01 01:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2013-11-01 12:24 - 2009-10-01 01:51 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2013-11-01 12:24 - 2009-10-01 01:51 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2013-11-01 12:24 - 2009-10-01 01:51 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2013-11-01 12:24 - 2009-10-01 01:51 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2013-11-01 12:24 - 2009-10-01 01:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2013-11-01 12:24 - 2009-10-01 01:51 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2013-11-01 12:24 - 2009-10-01 01:51 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2013-11-01 12:24 - 2009-10-01 01:51 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-11-01 12:24 - 2009-10-01 01:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2013-11-01 12:24 - 2009-10-01 01:51 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2013-11-01 12:24 - 2009-10-01 01:51 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys
2013-11-01 12:24 - 2009-10-01 01:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll
2013-11-01 12:24 - 2009-10-01 01:51 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\WpdConns.dll
2013-11-01 12:23 - 2009-08-04 09:12 - 01103872 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2013-11-01 12:23 - 2009-08-04 09:02 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2013-11-01 12:22 - 2013-11-01 12:22 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-01 12:22 - 2012-03-06 23:44 - 00063296 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-11-01 12:22 - 2011-03-28 18:13 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-01 12:22 - 2010-09-09 16:22 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2013-11-01 12:22 - 2009-10-14 23:53 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2013-11-01 12:22 - 2009-02-04 20:26 - 00001362 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk
2013-11-01 12:22 - 2008-01-21 04:20 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-01 12:22 - 2008-01-21 04:20 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-01 12:21 - 2013-11-01 12:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-01 12:21 - 2012-03-07 01:08 - 00068928 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-11-01 12:21 - 2012-03-07 01:08 - 00061248 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-11-01 12:17 - 2013-11-01 12:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-01 12:05 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-11-01 12:05 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-11-01 12:05 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-11-01 12:05 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-11-01 12:05 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-11-01 12:05 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-11-01 12:05 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-11-01 12:05 - 2012-06-02 15:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-11-01 12:05 - 2009-07-14 13:19 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2013-11-01 12:05 - 2009-07-14 13:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winusb.dll
2013-11-01 12:05 - 2009-07-14 01:06 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2013-11-01 12:03 - 2013-11-01 12:05 - 00009141 _____ C:\Windows\system32\lvcoinst.log
2013-11-01 12:01 - 2009-10-09 22:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2013-11-01 12:01 - 2009-10-09 22:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrssrv.dll
2013-11-01 12:01 - 2009-10-09 22:56 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrsmgr.dll
2013-11-01 12:01 - 2009-10-09 22:35 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2013-11-01 12:01 - 2009-10-09 22:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\winrsmgr.dll
2013-11-01 12:01 - 2009-10-09 22:34 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\winrssrv.dll
2013-11-01 12:00 - 2009-10-09 22:56 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2013-11-01 12:00 - 2009-10-09 22:56 - 00246272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2013-11-01 12:00 - 2009-10-09 22:56 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrscmd.dll
2013-11-01 12:00 - 2009-10-09 22:56 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2013-11-01 12:00 - 2009-10-09 22:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2013-11-01 12:00 - 2009-10-09 22:56 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pwrshplugin.dll
2013-11-01 12:00 - 2009-10-09 22:56 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrs.exe
2013-11-01 12:00 - 2009-10-09 22:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrshost.exe
2013-11-01 12:00 - 2009-10-09 22:56 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2013-11-01 12:00 - 2009-10-09 22:55 - 00252416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2013-11-01 12:00 - 2009-10-09 22:55 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtfwd.dll
2013-11-01 12:00 - 2009-10-09 22:55 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wecutil.exe
2013-11-01 12:00 - 2009-10-09 22:55 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wecapi.dll
2013-11-01 12:00 - 2009-10-09 22:55 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2013-11-01 12:00 - 2009-10-09 22:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2013-11-01 12:00 - 2009-10-09 22:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\pwrshplugin.dll
2013-11-01 12:00 - 2009-10-09 22:35 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2013-11-01 12:00 - 2009-10-09 22:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\winrs.exe
2013-11-01 12:00 - 2009-10-09 22:35 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\winrshost.exe
2013-11-01 12:00 - 2009-10-09 22:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2013-11-01 12:00 - 2009-10-09 22:34 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\winrscmd.dll
2013-11-01 12:00 - 2009-10-09 22:34 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2013-11-01 12:00 - 2009-10-09 22:34 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2013-11-01 12:00 - 2009-10-09 22:34 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\wecsvc.dll
2013-11-01 12:00 - 2009-10-09 22:34 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2013-11-01 12:00 - 2009-10-09 22:34 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\wevtfwd.dll
2013-11-01 12:00 - 2009-10-09 22:34 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\wecutil.exe
2013-11-01 12:00 - 2009-10-09 22:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\wecapi.dll
2013-11-01 12:00 - 2009-10-09 22:34 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2013-11-01 12:00 - 2009-08-01 07:27 - 00201184 _____ C:\Windows\SysWOW64\winrm.vbs
2013-11-01 12:00 - 2009-08-01 07:27 - 00201184 _____ C:\Windows\system32\winrm.vbs
2013-11-01 12:00 - 2009-07-16 18:30 - 00004675 _____ C:\Windows\SysWOW64\wsmanconfig_schema.xml
2013-11-01 12:00 - 2009-07-16 18:30 - 00004675 _____ C:\Windows\system32\wsmanconfig_schema.xml
2013-11-01 12:00 - 2009-07-16 18:30 - 00002426 _____ C:\Windows\SysWOW64\WsmTxt.xsl
2013-11-01 12:00 - 2009-07-16 18:30 - 00002426 _____ C:\Windows\system32\WsmTxt.xsl
2013-11-01 11:59 - 2009-09-10 03:07 - 03815424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2013-11-01 11:59 - 2009-09-10 03:06 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2013-11-01 11:59 - 2009-09-10 03:05 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-11-01 11:59 - 2009-09-10 03:01 - 03023360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2013-11-01 11:59 - 2009-09-10 03:00 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2013-11-01 11:59 - 2009-09-10 03:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-11-01 11:37 - 2009-09-10 16:27 - 00372736 ____N (Microsoft Corporation) C:\Windows\system32\unregmp2.exe
2013-11-01 11:37 - 2009-09-10 15:58 - 00310784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unregmp2.exe
2013-11-01 11:36 - 2010-01-25 13:10 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2013-11-01 11:36 - 2010-01-25 13:00 - 00471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2013-11-01 11:36 - 2010-01-25 13:00 - 00471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2013-11-01 11:35 - 2013-04-17 14:04 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-11-01 11:35 - 2013-04-17 13:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-11-01 11:35 - 2012-11-22 05:22 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2013-11-01 11:35 - 2012-11-22 04:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2013-11-01 11:35 - 2011-06-15 17:16 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2013-11-01 11:35 - 2011-06-15 17:12 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2013-11-01 11:35 - 2011-02-22 15:47 - 00479744 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-11-01 11:35 - 2011-02-22 15:13 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-11-01 11:35 - 2010-01-25 13:10 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2013-11-01 11:35 - 2010-01-25 13:10 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2013-11-01 11:35 - 2010-01-25 13:10 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2013-11-01 11:35 - 2010-01-25 13:08 - 00460288 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2013-11-01 11:35 - 2010-01-25 13:00 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2013-11-01 11:35 - 2010-01-25 13:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2013-11-01 11:35 - 2010-01-25 12:58 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2013-11-01 11:35 - 2010-01-25 09:29 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2013-11-01 11:35 - 2010-01-25 09:29 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2013-11-01 11:35 - 2010-01-25 09:29 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2013-11-01 11:35 - 2010-01-25 09:29 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2013-11-01 11:35 - 2010-01-25 09:21 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2013-11-01 11:35 - 2010-01-25 09:21 - 00518144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2013-11-01 11:35 - 2010-01-25 09:21 - 00347136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2013-11-01 11:35 - 2010-01-25 09:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2013-11-01 11:35 - 2009-10-23 18:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2013-11-01 11:35 - 2009-10-23 18:10 - 00714240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2013-11-01 11:30 - 2011-03-12 23:52 - 01653760 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-11-01 11:30 - 2011-03-12 22:55 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-11-01 11:30 - 2011-03-03 16:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2013-11-01 11:30 - 2011-03-03 16:40 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Apphlpdm.dll
2013-11-01 11:30 - 2011-03-03 15:00 - 04240384 _____ (Microsoft) C:\Windows\system32\GameUXLegacyGDFs.dll
2013-11-01 11:30 - 2011-03-03 14:35 - 04240384 _____ (Microsoft) C:\Windows\SysWOW64\GameUXLegacyGDFs.dll
2013-11-01 11:30 - 2010-08-26 18:42 - 01927680 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-11-01 11:30 - 2010-08-26 17:34 - 01696256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-11-01 11:19 - 2013-11-01 11:19 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{ECDC1088-901B-444C-9A34-67ED243FD902}
2013-11-01 11:01 - 2013-11-08 22:18 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\Windows Live
2013-11-01 11:01 - 2013-11-01 11:01 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{03032F73-6BE2-4B18-BABD-59A967F49698}
2013-11-01 08:50 - 2013-11-01 08:52 - 230365032 _____ (Microsoft Corporation) C:\Users\Desk 1 - office\Downloads\wlsetup-all.exe
2013-10-30 23:22 - 2013-10-30 23:22 - 00000980 ____N C:\Users\Desk 1 - office\Desktop\FUJIdirekt Bestellsoftware.lnk
2013-10-30 21:35 - 2013-10-30 21:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf
2013-10-30 20:37 - 2013-11-06 12:31 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\LG Electronics
2013-10-30 20:25 - 2013-10-30 20:25 - 00001043 _____ C:\Users\Public\Desktop\LG PC Suite.lnk
2013-10-30 20:20 - 2013-10-30 20:20 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\LG Electronics
2013-10-30 20:18 - 2013-10-30 20:20 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2013-10-30 20:12 - 2013-10-30 20:16 - 216317856 _____ (LG Electronics) C:\Users\Desk 1 - office\Downloads\LGPCSuite_Setup.exe
2013-10-29 20:36 - 2013-10-29 20:40 - 938891219 _____ C:\Users\Desk 1 - office\Downloads\iPhone3,1_6.1.3_10B329_Restore(1).ipsw
2013-10-29 20:32 - 2013-10-29 20:36 - 938891219 _____ C:\Users\Desk 1 - office\Downloads\iPhone3,1_6.1.3_10B329_Restore.ipsw
2013-10-29 16:49 - 2013-10-29 16:49 - 00125443 _____ C:\Users\Desk 1 - office\Downloads\130729-Gebuehrenrechner-V-1.0.xlsx

==================== One Month Modified Files and Folders =======

2013-11-18 19:23 - 2013-11-18 13:31 - 00034271 _____ C:\Users\Desk 1 - office\Downloads\FRST.txt
2013-11-18 19:21 - 2013-11-18 19:21 - 01958026 _____ (Farbar) C:\Users\Desk 1 - office\Downloads\FRST64 (2).exe
2013-11-18 19:20 - 2013-11-18 19:20 - 00050477 _____ C:\Users\Desk 1 - office\Downloads\Defogger (1).exe
2013-11-18 19:19 - 2013-05-29 18:01 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\uTorrent
2013-11-18 19:00 - 2011-03-01 19:03 - 00000534 _____ C:\Windows\Tasks\1-Klick-Wartung.job
2013-11-18 18:58 - 2012-03-30 06:50 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-18 18:50 - 2012-01-05 10:49 - 00001160 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-318507041-2098409108-3261088412-1000UA.job
2013-11-18 18:48 - 2006-11-02 16:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-18 18:48 - 2006-11-02 16:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-18 18:43 - 2010-01-29 08:28 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-18 17:54 - 2012-08-06 10:20 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\9D697D07-4C6B-48A2-8A74-26FDF1983BA4.aplzod
2013-11-18 17:43 - 2010-01-29 08:28 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-18 17:10 - 2013-01-28 20:19 - 00002655 _____ C:\Users\Desk 1 - office\Desktop\Microsoft Office Word 2007.lnk
2013-11-18 17:02 - 2013-11-18 16:07 - 00000000 ____D C:\Users\Desk 1 - office\Desktop\T R O - B O A R D
2013-11-18 16:38 - 2009-03-29 07:38 - 01202183 _____ C:\Windows\WindowsUpdate.log
2013-11-18 16:16 - 2013-11-18 16:15 - 00377856 _____ C:\Users\Desk 1 - office\Downloads\gmer_2.1.19163.exe
2013-11-18 16:14 - 2013-11-18 16:14 - 00096987 _____ C:\Users\Desk 1 - office\Desktop\FRST.txt
2013-11-18 16:11 - 2013-11-18 16:11 - 01958026 _____ (Farbar) C:\Users\Desk 1 - office\Downloads\FRST64 (1).exe
2013-11-18 16:10 - 2013-11-18 16:10 - 00000492 _____ C:\Users\Desk 1 - office\Downloads\defogger_disable.log
2013-11-18 16:10 - 2013-11-18 16:10 - 00000000 _____ C:\Users\Desk 1 - office\defogger_reenable
2013-11-18 16:10 - 2009-09-14 16:47 - 00000000 ____D C:\Users\Desk 1 - office
2013-11-18 16:09 - 2013-11-18 16:09 - 00050477 _____ C:\Users\Desk 1 - office\Downloads\Defogger.exe
2013-11-18 15:07 - 2013-11-18 15:07 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\Malwarebytes
2013-11-18 15:06 - 2013-11-18 15:06 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Desk 1 - office\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-18 15:06 - 2013-11-18 15:06 - 00000950 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-18 15:06 - 2013-11-18 15:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 15:06 - 2013-11-18 15:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 14:53 - 2013-03-05 12:42 - 00000632 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-11-18 14:48 - 2013-11-01 12:32 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2013-11-18 14:48 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-18 14:47 - 2011-06-08 14:56 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-11-18 14:47 - 2006-11-02 16:42 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-18 14:46 - 2011-03-14 10:54 - 00002794 _____ C:\Windows\System32\Tasks\{3F6B0081-5801-41E8-85C5-EDD8295B30AB}
2013-11-18 14:46 - 2009-09-18 15:12 - 00002896 _____ C:\Windows\System32\Tasks\{BE745501-B048-46B3-94EA-4A14219CB99F}
2013-11-18 14:39 - 2013-11-18 14:38 - 00852616 _____ C:\Windows\dd_NET_Framework35_LangPack_MSI0018.txt
2013-11-18 14:39 - 2013-11-18 14:37 - 00076348 _____ C:\Windows\dd_dotnetfx35install_lp.txt
2013-11-18 14:38 - 2013-11-18 14:37 - 00036144 _____ C:\Windows\dd_depcheck_NETFX_EXP_35.txt
2013-11-18 14:37 - 2013-11-18 14:37 - 00000002 _____ C:\Windows\dd_dotnetfx35error_lp.txt
2013-11-18 14:26 - 2009-09-18 15:12 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\Skype
2013-11-18 14:25 - 2009-09-18 15:12 - 00000000 ____D C:\ProgramData\Skype
2013-11-18 14:24 - 2011-07-01 05:48 - 00002415 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-18 14:15 - 2013-11-18 14:15 - 02347384 _____ (ESET) C:\Users\Desk 1 - office\Downloads\esetsmartinstaller_enu.exe
2013-11-18 14:13 - 2011-05-09 16:30 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\HpUpdate
2013-11-18 14:04 - 2013-11-18 13:59 - 00000000 ____D C:\Users\Desk 1 - office\Desktop\ADC
2013-11-18 13:55 - 2013-09-11 06:21 - 00013352 _____ C:\Windows\system32\spsys.log
2013-11-18 13:54 - 2012-05-16 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-18 13:54 - 2008-01-21 04:26 - 00645234 _____ C:\Windows\PFRO.log
2013-11-18 13:51 - 2013-11-18 13:44 - 00000000 ____D C:\AdwCleaner
2013-11-18 13:51 - 2013-11-16 12:59 - 00000234 _____ C:\Users\Desk 1 - office\Desktop\Search.lnk
2013-11-18 13:51 - 2013-11-16 12:59 - 00000234 _____ C:\Users\Desk 1 - office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-11-18 13:43 - 2013-11-18 13:43 - 01085542 _____ C:\Users\Desk 1 - office\Downloads\adwcleaner.exe
2013-11-18 13:35 - 2013-11-18 13:32 - 00054660 _____ C:\Users\Desk 1 - office\Downloads\Addition.txt
2013-11-18 13:30 - 2013-11-18 13:30 - 01958026 _____ (Farbar) C:\Users\Desk 1 - office\Downloads\FRST64.exe
2013-11-18 13:30 - 2013-11-18 13:30 - 00000000 ____D C:\FRST
2013-11-18 13:23 - 2013-11-18 13:23 - 00000958 _____ C:\Users\Desk 1 - office\Desktop\PC Speed Maximizer.lnk
2013-11-18 13:22 - 2013-11-18 13:22 - 00665064 _____ C:\Users\Desk 1 - office\Downloads\ZipExtractorSetup.exe
2013-11-18 11:28 - 2011-09-08 22:34 - 00003746 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{22F45F49-C28C-4852-AC10-25018A3FD799}
2013-11-16 21:10 - 2009-02-05 03:46 - 00697358 _____ C:\Windows\system32\perfh007.dat
2013-11-16 21:10 - 2009-02-05 03:46 - 00155530 _____ C:\Windows\system32\perfc007.dat
2013-11-16 21:10 - 2006-11-02 13:46 - 01627154 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-16 20:19 - 2013-04-29 10:00 - 00058641 _____ C:\Windows\setupact.log
2013-11-16 20:18 - 2009-10-01 22:20 - 00113152 _____ C:\Users\Desk 1 - office\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-16 13:49 - 2013-11-16 13:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 13:36 - 2009-09-14 17:08 - 00000680 _____ C:\Users\Desk 1 - office\AppData\Local\d3d9caps.dat
2013-11-16 12:58 - 2013-11-09 13:19 - 00001076 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-11-16 12:58 - 2013-05-22 17:59 - 00001369 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-11-16 12:58 - 2013-05-22 11:43 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-11-16 12:57 - 2013-05-22 11:43 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\DVDVideoSoft
2013-11-16 12:56 - 2013-11-16 12:56 - 32206488 _____ (DVDVideoSoft Ltd. ) C:\Users\Desk 1 - office\Downloads\FreeYouTubeToMP3Converter (1).exe
2013-11-16 12:56 - 2013-11-16 12:56 - 01128840 _____ (Koyote-Lab Inc) C:\Users\Desk 1 - office\Downloads\FreeVideoConverterSetup-r135-n-bc (1).exe
2013-11-16 08:29 - 2013-11-16 08:28 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{D813AAEA-2103-4530-8636-74782353F0E0}
2013-11-15 23:23 - 2011-02-12 20:56 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\vlc
2013-11-15 22:50 - 2012-01-05 10:49 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-318507041-2098409108-3261088412-1000Core.job
2013-11-15 19:17 - 2013-11-15 19:17 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{F9C6A41C-77AC-4E59-97C6-054A3911C85C}
2013-11-15 13:54 - 2009-09-18 12:57 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-11-15 07:30 - 2012-01-13 22:14 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\Downloaded Installations
2013-11-15 07:30 - 2009-09-14 17:53 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\Microsoft Help
2013-11-15 07:23 - 2013-09-27 14:48 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-11-15 07:17 - 2013-11-15 07:16 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{010717F9-45D1-401C-9113-978A1B238F1C}
2013-11-15 07:17 - 2013-09-11 09:59 - 00002086 _____ C:\Users\Desk 1 - office\Desktop\Google Chrome.lnk
2013-11-15 00:04 - 2013-11-15 00:04 - 00000000 ____D C:\Users\Desk 1 - office\{5a89a9ca-6bbd-4fd9-9162-7c78bfe22294}
2013-11-14 23:44 - 2013-11-14 23:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2013-11-14 23:30 - 2013-11-14 23:30 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2013-11-14 23:30 - 2013-11-14 23:30 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-11-14 22:56 - 2013-11-14 22:56 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\Samsung
2013-11-14 22:56 - 2010-01-11 10:56 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\Samsung
2013-11-14 22:55 - 2013-11-14 22:55 - 00001790 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2013-11-14 22:55 - 2013-11-14 22:55 - 00000000 ____D C:\Users\Desk 1 - office\Documents\samsung
2013-11-14 22:51 - 2009-02-04 20:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-14 22:48 - 2010-05-18 21:23 - 00000000 ____D C:\ProgramData\Samsung
2013-11-14 22:47 - 2010-01-11 10:55 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-11-14 22:43 - 2013-11-14 22:41 - 93912112 _____ (Samsung Electronics Co., Ltd. ) C:\Users\Desk 1 - office\Downloads\Kies_2.3.2.12064_9_7.exe
2013-11-14 20:03 - 2013-11-14 20:03 - 25987208 _____ (Wondershare ) C:\Users\Desk 1 - office\Downloads\mobiletrans_full1296 (2).exe
2013-11-14 20:03 - 2013-11-14 20:02 - 25987208 _____ (Wondershare ) C:\Users\Desk 1 - office\Downloads\mobiletrans_full1296 (1).exe
2013-11-14 13:53 - 2013-11-14 13:47 - 00000000 ____D C:\Users\Desk 1 - office\Desktop\E L I A S
2013-11-14 12:51 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\rescache
2013-11-14 12:50 - 2013-11-14 12:50 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{5A0C277D-8809-452E-86EF-AA840C90B220}
2013-11-14 12:26 - 2009-09-14 17:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 12:24 - 2013-08-15 17:48 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 12:17 - 2006-11-02 13:35 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-11-13 15:54 - 2011-07-31 18:48 - 00000000 ____D C:\Users\Desk 1 - office\Documents\Eigene Scans
2013-11-11 23:35 - 2013-05-29 18:16 - 00000000 ____D C:\Program Files\PeerBlock
2013-11-11 10:03 - 2009-09-14 17:00 - 00003594 _____ C:\Windows\System32\Tasks\HP Health Check
2013-11-10 07:38 - 2013-11-10 07:38 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{910B1744-DBC4-49B8-8434-CF74BE8D7B92}
2013-11-09 23:48 - 2013-11-09 23:48 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{BD504810-F67F-4300-864B-0BFA11C47435}
2013-11-09 23:47 - 2013-11-09 23:47 - 00001214 _____ C:\Users\Desk 1 - office\Desktop\Windows Live Movie Maker.lnk
2013-11-09 22:24 - 2013-11-09 22:24 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{0AFC0C1D-02AB-498E-8E00-447BF490BF73}
2013-11-09 22:06 - 2009-09-14 16:57 - 00000000 ___RD C:\Users\Desk 1 - office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-09 21:51 - 2012-11-07 13:34 - 00000000 ___RD C:\Users\Desk 1 - office\Dropbox
2013-11-09 21:51 - 2012-11-07 13:29 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\Dropbox
2013-11-09 20:40 - 2013-11-09 20:39 - 00000000 ____D C:\Users\Desk 1 - office\Desktop\Fehelermeldung bei Start
2013-11-09 20:23 - 2013-11-09 20:23 - 00001768 _____ C:\Users\Desk 1 - office\Desktop\Windows Movie Maker.lnk
2013-11-09 14:17 - 2013-11-09 14:17 - 01529368 _____ (NCH Software) C:\Users\Desk 1 - office\Downloads\debutpsetup.exe
2013-11-09 14:17 - 2013-11-09 14:17 - 01528344 _____ (NCH Software) C:\Users\Desk 1 - office\Downloads\debutsetup (1).exe
2013-11-09 14:14 - 2013-11-09 14:14 - 01528344 _____ (NCH Software) C:\Users\Desk 1 - office\Downloads\debutsetup.exe
2013-11-09 13:58 - 2013-11-09 13:58 - 00001124 _____ C:\Users\Public\Desktop\Ashampoo Movie Studio Pro.lnk
2013-11-09 13:58 - 2013-11-09 13:58 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\Ashampoo Movie Studio Pro
2013-11-09 13:58 - 2013-11-09 13:49 - 00000214 _____ C:\Users\Public\Desktop\Your Software Deals.url
2013-11-09 13:57 - 2009-09-28 09:58 - 00000000 ____D C:\ProgramData\ashampoo
2013-11-09 13:57 - 2009-09-28 09:37 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2013-11-09 13:49 - 2013-11-09 13:49 - 00001081 _____ C:\Users\Public\Desktop\Ashampoo Movie Studio.lnk
2013-11-09 13:49 - 2013-11-09 13:49 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\Ashampoo Movie Studio
2013-11-09 13:35 - 2013-11-09 13:34 - 171353888 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Desk 1 - office\Downloads\ashampoo_movie_studio_e1.0.9_sm.exe
2013-11-09 13:19 - 2013-11-09 13:19 - 28892984 _____ (DVDVideoSoft Ltd. ) C:\Users\Desk 1 - office\Downloads\FreeVideoDub2.0.21.827 (1).exe
2013-11-09 13:19 - 2013-11-09 13:19 - 00001199 _____ C:\Users\Public\Desktop\Free Video Dub.lnk
2013-11-09 13:17 - 2013-11-09 13:16 - 28892984 _____ (DVDVideoSoft Ltd. ) C:\Users\Desk 1 - office\Downloads\FreeVideoDub2.0.21.827.exe
2013-11-09 08:52 - 2013-11-09 08:51 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{4842F1D8-1FB0-486A-AE51-17500AA93FDF}
2013-11-09 00:24 - 2013-11-09 00:24 - 00001696 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-09 00:24 - 2013-11-09 00:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-09 00:24 - 2013-11-09 00:23 - 00000000 ____D C:\Program Files\iTunes
2013-11-09 00:24 - 2013-06-01 08:14 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-09 00:23 - 2013-06-01 08:14 - 00000000 ____D C:\Program Files\iPod
2013-11-09 00:23 - 2011-01-20 09:32 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-08 22:18 - 2013-11-01 11:01 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\Windows Live
2013-11-08 21:12 - 2013-11-08 21:12 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\Wondershare
2013-11-08 21:11 - 2013-11-08 21:11 - 00001994 _____ C:\Users\Public\Desktop\Wondershare MobileTrans.lnk
2013-11-08 21:11 - 2013-11-08 21:11 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\Wondershare
2013-11-08 21:11 - 2013-11-08 21:11 - 00000000 ____D C:\Program Files (x86)\Wondershare
2013-11-08 21:11 - 2013-11-06 12:35 - 00000000 ____D C:\Users\Desk 1 - office\.android
2013-11-08 21:10 - 2013-11-08 21:10 - 25987208 _____ (Wondershare ) C:\Users\Desk 1 - office\Downloads\mobiletrans_full1296.exe
2013-11-08 18:07 - 2013-11-08 18:06 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{FD0B60F3-1B1E-4962-8DE4-B335F91A7ECE}
2013-11-08 06:53 - 2013-11-08 06:50 - 00000000 ____D C:\Users\Desk 1 - office\USB-Stick Elias
2013-11-08 06:06 - 2013-11-08 06:06 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{DD54ED7C-9363-405A-87AD-8DDCE3A61029}
2013-11-08 05:55 - 2013-11-08 05:55 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{814CF359-A4B2-4579-8F55-38EC19C52CE7}
2013-11-07 10:27 - 2013-11-07 10:27 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{F64CEF81-1BE7-49E3-8D17-3838223528EB}
2013-11-06 12:35 - 2013-11-06 12:35 - 00000000 ____D C:\Users\Desk 1 - office\Documents\LG PC Suite
2013-11-06 12:31 - 2013-10-30 20:37 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\LG Electronics
2013-11-06 11:05 - 2013-11-06 11:05 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{44CA7F89-B357-4E77-B263-DF5C8D8BEB45}
2013-11-06 01:10 - 2013-03-05 12:42 - 00000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-11-05 23:05 - 2013-11-05 23:04 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{9CF14ECE-4EAB-404E-BFBE-E376B05EBA1C}
2013-11-05 11:26 - 2012-11-07 13:34 - 00000951 _____ C:\Users\Desk 1 - office\Desktop\Dropbox.lnk
2013-11-05 11:26 - 2012-11-07 13:31 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-05 11:03 - 2013-11-05 11:03 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{931C2D1F-FC7C-4CC3-9AA7-6D16B4CA97E7}
2013-11-05 11:03 - 2013-11-05 11:03 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{1669CBD7-32AC-4E5C-81F1-FB9D7B45DDFA}
2013-11-04 20:21 - 2009-09-16 18:32 - 00000288 _____ C:\Users\Desk 1 - office\AppData\Roaming\wklnhst.dat
2013-11-04 12:16 - 2006-11-02 16:21 - 00587792 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-01 20:40 - 2009-09-14 16:57 - 00206376 _____ C:\Users\Desk 1 - office\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-01 14:17 - 2013-11-01 14:16 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{5B88296B-8CFE-4D40-826A-48505BC41E28}
2013-11-01 14:08 - 2013-11-01 14:08 - 00000000 ____D C:\Windows\de
2013-11-01 14:08 - 2013-11-01 14:03 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-11-01 14:05 - 2013-11-01 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-11-01 14:02 - 2013-11-01 14:02 - 00000000 ____D C:\Program Files\Windows Live
2013-11-01 14:02 - 2006-11-02 14:33 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-11-01 13:57 - 2013-05-28 10:36 - 00037906 _____ C:\Windows\DirectX.log
2013-11-01 13:14 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\Help
2013-11-01 13:13 - 2013-11-01 13:13 - 00003114 ____N C:\Windows\System32\Tasks\{7ED83459-BC89-4685-AF34-B754B9A6E540}
2013-11-01 13:11 - 2013-11-01 13:11 - 03901792 _____ (DataDesign AG) C:\Users\Desk 1 - office\Downloads\DDBAC (1).EXE
2013-11-01 13:07 - 2013-11-01 13:07 - 03901792 _____ (DataDesign AG) C:\Users\Desk 1 - office\Downloads\DDBAC.EXE
2013-11-01 12:44 - 2013-11-01 12:44 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-11-01 12:34 - 2009-02-04 20:12 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-01 12:30 - 2013-11-01 12:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-11-01 12:30 - 2013-11-01 12:30 - 00000000 ____D C:\Windows\SysWOW64\WindowsPowerShell
2013-11-01 12:30 - 2013-11-01 12:30 - 00000000 ____D C:\Windows\system32\WindowsPowerShell
2013-11-01 12:30 - 2013-11-01 12:30 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-11-01 12:30 - 2013-11-01 12:30 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\uk-UA
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\ro-RO
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\hr-HR
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\bg-BG
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\zh-HK
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\uk-UA
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\tr-TR
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\th-TH
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\sl-SI
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\sk-SK
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\ro-RO
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\lv-LV
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\lt-LT
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\hr-HR
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\he-IL
2013-11-01 12:30 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\et-EE
2013-11-01 12:30 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\system32\bg-BG
2013-11-01 12:30 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\system32\ar-SA
2013-11-01 12:30 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-01 12:28 - 2013-11-01 12:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2013-11-01 12:22 - 2013-11-01 12:22 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-11-01 12:22 - 2013-11-01 12:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-01 12:22 - 2013-11-01 12:17 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-01 12:21 - 2013-11-01 12:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-01 12:16 - 2009-10-14 12:24 - 01606224 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-01 12:05 - 2013-11-01 12:03 - 00009141 _____ C:\Windows\system32\lvcoinst.log
2013-11-01 12:04 - 2009-09-22 21:27 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2013-11-01 11:19 - 2013-11-01 11:19 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{ECDC1088-901B-444C-9A34-67ED243FD902}
2013-11-01 11:13 - 2009-02-04 20:50 - 00032821 _____ C:\ProgramData\nvModes.001
2013-11-01 11:01 - 2013-11-01 11:01 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\{03032F73-6BE2-4B18-BABD-59A967F49698}
2013-11-01 08:52 - 2013-11-01 08:50 - 230365032 _____ (Microsoft Corporation) C:\Users\Desk 1 - office\Downloads\wlsetup-all.exe
2013-10-30 23:22 - 2013-10-30 23:22 - 00000980 ____N C:\Users\Desk 1 - office\Desktop\FUJIdirekt Bestellsoftware.lnk
2013-10-30 23:20 - 2013-05-28 13:30 - 00000000 ____D C:\Users\Desk 1 - office\Documents\F O T O B U C H
2013-10-30 21:35 - 2013-10-30 21:35 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf
2013-10-30 20:25 - 2013-10-30 20:25 - 00001043 _____ C:\Users\Public\Desktop\LG PC Suite.lnk
2013-10-30 20:20 - 2013-10-30 20:20 - 00000000 ____D C:\Users\Desk 1 - office\AppData\Local\LG Electronics
2013-10-30 20:20 - 2013-10-30 20:18 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2013-10-30 20:16 - 2013-10-30 20:12 - 216317856 _____ (LG Electronics) C:\Users\Desk 1 - office\Downloads\LGPCSuite_Setup.exe
2013-10-30 04:16 - 2013-11-14 22:57 - 00233472 _____ (Teruten) C:\Windows\SysWOW64\FsUsbExService.Exe
2013-10-30 04:16 - 2013-11-14 22:57 - 00037344 _____ C:\Windows\SysWOW64\FsUsbExDisk.Sys
2013-10-30 04:16 - 2013-11-14 22:57 - 00037344 _____ C:\Windows\SysWOW64\FsUsbExDisk.Sy_
2013-10-29 20:40 - 2013-10-29 20:36 - 938891219 _____ C:\Users\Desk 1 - office\Downloads\iPhone3,1_6.1.3_10B329_Restore(1).ipsw
2013-10-29 20:36 - 2013-10-29 20:32 - 938891219 _____ C:\Users\Desk 1 - office\Downloads\iPhone3,1_6.1.3_10B329_Restore.ipsw
2013-10-29 18:50 - 2013-05-02 14:50 - 00208896 ____N C:\Users\Desk 1 - office\Desktop\U-Zeit - K I D S 2 0 1 3 - 02.05.13.xls
2013-10-29 16:49 - 2013-10-29 16:49 - 00125443 _____ C:\Users\Desk 1 - office\Downloads\130729-Gebuehrenrechner-V-1.0.xlsx
2013-10-29 16:44 - 2013-03-15 08:43 - 00000000 ____D C:\Users\Desk 1 - office\Documents\I M M O B I L I E N - I N F O
2013-10-23 09:12 - 2013-05-22 11:45 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-10-23 09:12 - 2009-09-16 19:43 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-23 08:29 - 2013-09-29 07:56 - 00000995 _____ C:\Users\Desk 1 - office\Desktop\CopyTransManager - Verknüpfung.lnk

Files to move or delete:
====================
C:\Users\Desk 1 - office\AppData\Roaming\desktop.ini
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT


Some content of TEMP:
====================
C:\Users\Desk 1 - office\AppData\Local\Temp\MovieStudio.exe
C:\Users\Desk 1 - office\AppData\Local\Temp\MovieStudioPro.exe
C:\Users\Desk 1 - office\AppData\Local\Temp\Quarantine.exe
C:\Users\Desk 1 - office\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-18 14:58

==================== End Of Log ============================

zu 4) Gmer - Log lies sich mit Save-Button nicht auf Desktop speichern. Hab die Einträge kopiert und in eine Word-Datei abgelegt. Sehr umfangreich, deswegen hiere nicht beigefügt. Reiche ich gerne auf Anfrage nach.

zu 5) Malwarebytes Anti Malware

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.18.04

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Desk 1 - office :: DESK1-OFFICE [Administrator]

18.11.2013 15:08:05
mbam-log-2013-11-18 (15-08-05).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 297227
Laufzeit: 8 Minute(n), 24 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKCU\SOFTWARE\BONANZADEALS (PUP.Optional.BonanzaDeals.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\BONANZADEALS (PUP.Optional.BonanzaDeals.A) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 2
HKLM\SOFTWARE\BonanzaDeals|ChromeCrxPath (PUP.Optional.BonanzaDeals.A) -> Daten: C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\BonanzaDeals|ChromeCrxPath (PUP.Optional.BonanzaDeals.A) -> Daten: C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 7
C:\Users\Desk 1 - office\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.24.6 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\AppData\Local\Temp\ct2481020 (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\AppData\Local\Temp\ct2481020\xpi (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\AppData\Local\Temp\ct2481020\xpi\defaults (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\AppData\Local\Temp\ct2481020\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Keine Aktion durchgeführt.

Infizierte Dateien: 12
C:\Users\Desk 1 - office\AppData\Local\Temp\is1590112554\7533898_stp\bd.exe (PUP.Optional.BonanzaDeals.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\Documents\PCSUUpdate.exe (PUP.Optional.PCSpeedUp.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\Downloads\FreeVideoDub2.0.21.827 (1).exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\Downloads\FreeVideoDub2.0.21.827.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\Downloads\FreeYouTubeDownload.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\Downloads\FreeYouTubeToMP3Converter.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\Downloads\Pinnacle_TVCenter_6.4.3 (1).exe (PUP.Optional.Bandoo.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\Downloads\Pinnacle_TVCenter_6.4.3.exe (PUP.Optional.Bandoo.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\Downloads\SoftonicDownloader_fuer_ikea-home-planer.exe (PUP.Optional.Softonic.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\Downloads\SoftonicDownloader_fuer_sweet-home-3d.exe (PUP.Optional.Softonic.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\Downloads\SoftonicDownloader_fuer_switch-audio-file-converter.exe (PUP.Optional.Softonic.A) -> Keine Aktion durchgeführt.
C:\Users\Desk 1 - office\Downloads\ZipExtractorSetup.exe (PUP.Optional.JumpyApps.A) -> Keine Aktion durchgeführt.

(Ende)

zu 6) Eset Online Scan

C:\Users\Desk 1 - office\Downloads\Pinnacle_TVCenter_6.4.3 (1).exe Win32/Adware.1ClickDownload.K Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\Users\Desk 1 - office\Downloads\Pinnacle_TVCenter_6.4.3.exe Win32/Adware.1ClickDownload.K Anwendung Gesäubert durch Löschen - in Quarantäne kopiert


Nun das wars vorerst. Freu mich auf Eure Antwort.

Schöne Grüße

Chris

Alt 19.11.2013, 06:54   #2
schrauber
/// the machine
/// TB-Ausbilder
 

wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos - Standard

wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos



hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.





Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________

__________________

Alt 19.11.2013, 10:43   #3
sambasonic
 
wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos - Standard

wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos



Hallo Schrauber,

ist ja nett ... Danke für die schnelle Antwort.

Zunächst: Nur die Gmer-Logdatei ist sehr lange (schon als .docx Datei ca 136 kb). Soll ich sie so wie von Dir beschrieben schicken ? Was ist ein Editor und wo ? Sorry ... :-(

Die von Dir vorgeschlagene Software lade ich mal eben runter und schick Dir den Log

LG Chris

Hallo Schrauber,

1) ... hab den Editor inzwischen als Zubehör von Windows ermittelt :-) und die GMER Log Datei hier rein kopiert (Größe 1.534 kB ... also als .txt noch größer als .docx). Deine Anweisungen hierzu waren nicht auszuführen. Soll ich Dir die als Anhang schicken ?

2) ... Junkware Removal Tool ausgeführt (Rechtsklick d.h. als Administrator ausführen ging nicht)... anbei die Log-Datei:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows (TM) Vista Home Premium x64
Ran by Desk 1 - office on 19.11.2013 at 8:12:27,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bonanzadeals
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bonanzadeals



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{010717F9-45D1-401C-9113-978A1B238F1C}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{03032F73-6BE2-4B18-BABD-59A967F49698}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{0AFC0C1D-02AB-498E-8E00-447BF490BF73}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{1669CBD7-32AC-4E5C-81F1-FB9D7B45DDFA}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{44CA7F89-B357-4E77-B263-DF5C8D8BEB45}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{4842F1D8-1FB0-486A-AE51-17500AA93FDF}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{5A0C277D-8809-452E-86EF-AA840C90B220}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{5B88296B-8CFE-4D40-826A-48505BC41E28}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{814CF359-A4B2-4579-8F55-38EC19C52CE7}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{910B1744-DBC4-49B8-8434-CF74BE8D7B92}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{931C2D1F-FC7C-4CC3-9AA7-6D16B4CA97E7}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{9CF14ECE-4EAB-404E-BFBE-E376B05EBA1C}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{BD504810-F67F-4300-864B-0BFA11C47435}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{D813AAEA-2103-4530-8636-74782353F0E0}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{DD54ED7C-9363-405A-87AD-8DDCE3A61029}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{ECDC1088-901B-444C-9A34-67ED243FD902}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{F64CEF81-1BE7-49E3-8D17-3838223528EB}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{F9C6A41C-77AC-4E59-97C6-054A3911C85C}
Successfully deleted: [Empty Folder] C:\Users\Desk 1 - office\appdata\local\{FD0B60F3-1B1E-4962-8DE4-B335F91A7ECE}



~~~ FireFox

Emptied folder: C:\Users\Desk 1 - office\AppData\Roaming\mozilla\firefox\profiles\o55cqaq1.default\minidumps [31 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.11.2013 at 8:26:06,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Na denn, hoffe ich hab nicht all zu viel Verwirrung gestiftet ...ich fürchte Du hast es mit einem Anfänger zu tun :-(

Schöne Grüße

Chris

Hallo Schrauber,

habe inzwischen snap.do angeschrieben und um Hilfe gebeten ...die haben sich entschuldigt und mir einen Hinweis zur Deinstallation gegeben ...letztlich die ganz normale Deinstallationsroutine (die ja bisher nicht funktionierte) ....aber siehe da ... es ließ sich nun - nach dieser Kontaktaufnahme - problemlos deinstallieren..... anscheinend konnten sie die Widerhaken per Fernsteuerung einklappen ... oder wie ? Wundere mich ja immer wieder.

Jedenfalls vorerst kein Handlungsbedarf mehr ....Recht schönen Dank für Deine Mühe.

Schöne Grüße

Chris
__________________

Alt 19.11.2013, 13:38   #4
schrauber
/// the machine
/// TB-Ausbilder
 

wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos - Standard

wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos



Zitat:
habe inzwischen snap.do angeschrieben und um Hilfe gebeten ...die haben sich entschuldigt und mir einen Hinweis zur Deinstallation gegeben ...letztlich die ganz normale Deinstallationsroutine (die ja bisher nicht funktionierte) ....aber siehe da ... es ließ sich nun - nach dieser Kontaktaufnahme - problemlos deinstallieren..... anscheinend konnten sie die Widerhaken per Fernsteuerung einklappen ... oder wie ? Wundere mich ja immer wieder.


na dann. Schön wenn selbst die Autoren von Adware schnell und kompromisslos ihren Kunden helfen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos
adblock, becker, bonjour, downloader, dvdvideosoft ltd., farbar recovery scan tool, farbars recovery, flash player, google, homepage, iexplore.exe, installation, internet explorer, pup.optional.bandoo.a, pup.optional.bonanzadeals.a, pup.optional.conduit.a, pup.optional.delta.a, pup.optional.jumpyapps.a, pup.optional.opencandy, pup.optional.pcspeedup.a, pup.optional.softonic.a, refresh, registrierungsdatenbank, software, starmoney, symantec, tracker



Ähnliche Themen: wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos


  1. Möglicherweise "Startfenster"-Trojaner entdeckt - bisher keine Auffälligkeiten - Entfernung?
    Log-Analyse und Auswertung - 16.02.2015 (7)
  2. Windows 7: SM-Bus-Controller im Geräte-Manager mit "?" gekennzeichnet. Treiber Installation erfolglos!
    Netzwerk und Hardware - 06.02.2015 (17)
  3. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  4. "ads not from this site" NUR in Chrome - bisher half nix
    Plagegeister aller Art und deren Bekämpfung - 05.02.2014 (7)
  5. Snap.do trotz Deinstallation immernoch Startseite und "Web Search"
    Plagegeister aller Art und deren Bekämpfung - 10.01.2014 (6)
  6. avast "ungeschützt" ,danach Deinstallation unmöglich
    Antiviren-, Firewall- und andere Schutzprogramme - 02.01.2014 (2)
  7. VIRUS! Uninstall von "i livid Download Manager" erfolglos. SpyHunter findet Viren, Avira nicht - was tun?
    Plagegeister aller Art und deren Bekämpfung - 16.12.2013 (12)
  8. "search.snap.do" als Startseite und "Snap.Do" auf Symbolleiste
    Plagegeister aller Art und deren Bekämpfung - 18.03.2013 (37)
  9. Life Security Platinum - bisher erfolglos bekämpft
    Plagegeister aller Art und deren Bekämpfung - 14.07.2012 (1)
  10. 0.13268268941784256.exe , "Bundespolizei", keine Verschlüsselung bisher
    Log-Analyse und Auswertung - 04.07.2012 (6)
  11. BKA Trojaner / Entschlüsselung privater Dateien bisher erfolglos
    Log-Analyse und Auswertung - 15.06.2012 (3)
  12. bka trojaner - kapersky 10 & otlpe bisher erfolglos
    Plagegeister aller Art und deren Bekämpfung - 19.08.2011 (3)
  13. Trojaner "BKA" - Antivir Rescue und Kaspersky erfolglos
    Plagegeister aller Art und deren Bekämpfung - 08.08.2011 (4)
  14. Whistler@mbr bisher erfolglos versucht zu löschen
    Plagegeister aller Art und deren Bekämpfung - 01.04.2011 (4)
  15. PC sehr langsam geworden.Scans bisher erfolglos!
    Log-Analyse und Auswertung - 01.01.2009 (1)
  16. PC sehr langsam geworden.Scans bisher erfolglos!
    Mülltonne - 01.01.2009 (0)
  17. Windows Startet nach Linux-"Deinstallation" nicht mehr
    Alles rund um Mac OSX & Linux - 03.04.2008 (1)

Zum Thema wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos - Hallo & recht schönen Dank an den/die Retter(in) , die sich meinem Problem annehmen wollen. Ich muss zugeben, daß ich doch nach Belieben Freeware runterlade, aber meist sehr genau auf - wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos...
Archiv
Du betrachtest: wie entferne ich " snap.Do " von meinem PC, Deinstallation bisher erfolglos auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.