Log analysis and evaluation: PC-Performer can no longer be uninstalled

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

PC-Performer can no longer be uninstalled

Hello, Windows Vista: PC-Performer can no longer be uninstalled. I probably downloaded it somewhere by accident.

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-11-2013 01 Ran by Lolle (administrator) on LOLLE-STUDIUM on 28-11-2013 10:59:46 Running from C:\Users\Lolle\Downloads Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe () C:\Windows\System32\WLTRYSVC.EXE (Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (mst software GmbH, Germany) C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2012\DfSdkS.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Memeo) C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Alps Electric Co., Ltd.) 
C:\Program Files\DellTPad\Apoint.exe (Dell Inc.) C:\Windows\System32\WLTRAY.EXE (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe () C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe () C:\Users\Lolle\Downloads\Defogger(1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [200704 2008-09-04] (Alps Electric Co., Ltd.) HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Windows\System32\WLTRAY.EXE [3810304 2008-12-22] (Dell Inc.) HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712 2008-05-07] (Intel Corporation) HKLM\...\Run: [Dell Webcam Central] - C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [446635 2008-06-03] (Creative Technology Ltd.) 
HKLM\...\Run: [Dell DataSafe Online] - C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe [1807600 2009-11-13] () HKLM\...\Run: [dellsupportcenter] - "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE [689488 2008-03-10] (CANON INC.) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [1848648 2008-03-17] (CANON INC.) HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-28] (AVAST Software) Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.) 
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-21] (Microsoft Corporation) MountPoints2: {2610a33a-82e9-11e1-91a3-0023ae294ca2} - D:\zdata\cobi.exe MountPoints2: {3dd25867-bb02-11e2-8533-0023ae294ca2} - D:\SETUP.EXE MountPoints2: {736b972e-5374-11de-897a-0023ae294ca2} - D:\Menu.exe MountPoints2: {74420c6b-6576-11df-8ce5-806e6f6e6963} - D:\LaunchU3.exe -a AppInit_DLLs: [ ] () Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Lolle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Suche HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File URLSearchHook: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) 
URLSearchHook: HKLM - Ashampoo DE Toolbar - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) URLSearchHook: HKLM - appbarioDE Toolbar - {525ba996-1ce4-4677-91c5-9fc4ead2d245} - C:\Program Files\appbarioDE\prxtbappb.dll (Conduit Ltd.) URLSearchHook: HKCU - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) URLSearchHook: HKCU - Ashampoo DE Toolbar - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) URLSearchHook: HKCU - (No Name) - {b106b661-3e1b-4015-af5c-195e909f35c6} - No File URLSearchHook: HKCU - appbarioDE Toolbar - {525ba996-1ce4-4677-91c5-9fc4ead2d245} - C:\Program Files\appbarioDE\prxtbappb.dll (Conduit Ltd.) SearchScopes: HKLM - DefaultScope {FE1D2B2E-AE25-4049-990E-42658E76CE5D} URL = SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020 SearchScopes: HKCU - DefaultScope {FE1D2B2E-AE25-4049-990E-42658E76CE5D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3312331&CUI=UN31702828685991262&UM=2 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=463E00242C1AFDB2&affID=120524&tl=gbn193047&tsp=5037 SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=2d60bbf8-15e1-4519-9f56-8123c82adad4&apn_sauid=5E59BD4D-F009-44BB-8881-B3B0CCB3846D& SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd SearchScopes: HKCU - {FE1D2B2E-AE25-4049-990E-42658E76CE5D} URL = 
hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3312331&CUI=UN31702828685991262&UM=2 BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: Feven 1.5 - {11111111-1111-1111-1111-110311851132} - C:\Program Files\Feven 1.5\Feven 1.5-bho.dll (Feven) BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: appbarioDE Toolbar - {525ba996-1ce4-4677-91c5-9fc4ead2d245} - C:\Program Files\appbarioDE\prxtbappb.dll (Conduit Ltd.) BHO: Ashampoo DE Toolbar - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM - Ashampoo DE Toolbar - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) Toolbar: HKLM - appbarioDE Toolbar - {525ba996-1ce4-4677-91c5-9fc4ead2d245} - C:\Program Files\appbarioDE\prxtbappb.dll (Conduit Ltd.) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - DVDVideoSoftTB Toolbar - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - Ashampoo DE Toolbar - {5786D022-540E-4699-B350-B4BE0AE94B79} - C:\Program Files\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) Toolbar: HKCU - No Name - {B106B661-3E1B-4015-AF5C-195E909F35C6} - No File Toolbar: HKCU - appbarioDE Toolbar - {525BA996-1CE4-4677-91C5-9FC4EAD2D245} - C:\Program Files\appbarioDE\prxtbappb.dll (Conduit Ltd.) 
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.62.1 0.0.0.0 FireFox: ======== FF ProfilePath: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default FF user.js: detected! 
=> C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\user.js FF NewTab: hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=463E00242C1AFDB2&affID=120524&tl=gbn193047&tsp=5037 FF SearchEngineOrder.1: Ask.com FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) 
FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\appbariode-customized-web-search.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\icqplugin-10.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\icqplugin-13.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\icqplugin-14.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\icqplugin-2.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\icqplugin-3.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\icqplugin-4.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\icqplugin-5.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\icqplugin-6.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\icqplugin-7.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\icqplugin-8.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\icqplugin-9.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\icqplugin.xml FF SearchPlugin: 
C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\searchplugins-backup FF SearchPlugin: C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\searchplugins\webde-suche.xml FF Extension: Feven 1.5 - C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d(108).com FF Extension: Feven 1.5 - C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com FF Extension: appbarioDE - C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\Extensions\{525ba996-1ce4-4677-91c5-9fc4ead2d245}(109) FF Extension: newtabgoogle - C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\Extensions\newtabgoogle@graememcc.co.uk.xpi FF Extension: toolbar - C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\Extensions\toolbar@web.de.xpi FF Extension: defaults - C:\Users\Lolle\AppData\Roaming\Mozilla\Firefox\Profiles\db4nqf2i.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF Chrome: ======= CHR Extension: (Feven 1.5) - C:\Users\Lolle\AppData\Local\Google\Chrome\User Data\Default\Extensions\baodmgdpdoelldjmkhknbolcldnfjegg\1.25.39_0 CHR Extension: (Babylon Translator) - C:\Users\Lolle\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0 CHR Extension: () - C:\Users\Lolle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn\1.0.0.6 CHR Extension: (avast! WebRep) - C:\Users\Lolle\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0 CHR Extension: (SweetIM for Facebook) - C:\Users\Lolle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0 CHR Extension: (Skype Click to Call) - C:\Users\Lolle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0 CHR Extension: (Yontoo) - C:\Users\Lolle\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0 CHR Extension: (SweetPacks Chrome Extension) - C:\Users\Lolle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0 CHR Extension: (NCH DE) - C:\Users\Lolle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ommhmgednjnodcljhlljkaiidghdmikk\10.14.40.128_0 CHR HKLM\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files\Movie2KDownloader.com\Movie2KDownloader10.crx CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Lolle\AppData\Roaming\BabSolution\CR\Delta.crx CHR HKLM\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Users\Lolle\AppData\Roaming\zulagames\zulagames.crx CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Lolle\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx CHR 
HKLM\...\Chrome\Extension: [kdneagjiboclldmglpjofpeipkbollcf] - C:\Users\Lolle\AppData\Local\CRE\kdneagjiboclldmglpjofpeipkbollcf.crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR HKLM\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Lolle\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx CHR HKLM\...\Chrome\Extension: [ommhmgednjnodcljhlljkaiidghdmikk] - C:\Users\Lolle\AppData\Local\CRE\ommhmgednjnodcljhlljkaiidghdmikk.crx ========================== Services (Whitelisted) ================= R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe [81920 2008-12-15] (Andrea Electronics Corporation) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-28] (AVAST Software) R2 DfSdkS; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2012\DfsdkS.exe [406016 2009-08-24] (mst software GmbH, Germany) R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2010-01-11] (Stardock Corporation) S2 gupdate1ca4263f6343810; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-10-01] (Google Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.) R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe [25824 2011-09-28] (Memeo) S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation) R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-10-04] (SupportSoft, Inc.) R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.exe [241746 2008-12-15] (IDT, Inc.) R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2809856 2008-12-22] (Dell Inc.) 
R2 yksvc; RUNDLL32.EXE ykx32coinst,serviceStartProc [x] ==================== Drivers (Whitelisted) ==================== R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [35656 2013-11-28] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2013-11-28] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2013-11-28] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-11-28] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774392 2013-11-28] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [403440 2013-11-28] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-11-28] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178304 2013-11-28] () R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-12-22] (Broadcom Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-05-12] (DT Soft Ltd) R3 OA009Ufd; C:\Windows\System32\DRIVERS\OA009Ufd.sys [144672 2008-09-03] (Creative Technology Ltd.) R3 OA009Vid; C:\Windows\System32\DRIVERS\OA009Vid.sys [269216 2008-09-03] (Creative Technology Ltd.) 
S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-28 10:59 - 2013-11-28 10:59 - 01091827 _____ (Farbar) C:\Users\Lolle\Downloads\FRST.exe 2013-11-28 10:57 - 2013-11-28 10:57 - 00050477 _____ C:\Users\Lolle\Downloads\Defogger(1).exe 2013-11-28 10:53 - 2013-11-28 10:53 - 00000000 _____ C:\Windows\setuperr.log 2013-11-28 10:53 - 2013-11-28 10:53 - 00000000 _____ C:\Windows\setupact.log 2013-11-28 10:52 - 2013-11-28 10:52 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\AVAST Software 2013-11-28 10:39 - 2013-11-28 10:43 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-11-28 10:39 - 2013-11-28 10:43 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-11-27 17:52 - 2013-11-27 17:52 - 399966611 _____ C:\Windows\MEMORY.DMP 2013-11-27 17:52 - 2013-11-27 17:52 - 00143704 _____ C:\Windows\Minidump\Mini112713-01.dmp 2013-11-27 17:52 - 2013-11-27 17:52 - 00000000 ____D C:\Windows\Minidump 2013-11-27 17:41 - 2013-11-27 17:41 - 00377856 _____ C:\Users\Lolle\Downloads\gmer_2.1.19163.exe 2013-11-27 17:36 - 2013-11-27 17:38 - 00029675 _____ C:\Users\Lolle\Downloads\Addition.txt 2013-11-27 17:35 - 2013-11-28 10:59 - 00024429 _____ C:\Users\Lolle\Downloads\FRST.txt 2013-11-27 17:35 - 2013-11-27 17:35 - 00000000 ____D C:\FRST 2013-11-27 17:32 - 2013-11-28 10:58 - 00000472 _____ C:\Users\Lolle\Downloads\defogger_disable.log 2013-11-27 17:32 - 2013-11-27 17:32 - 00000156 _____ C:\Users\Lolle\defogger_reenable 2013-11-27 17:31 - 2013-11-27 17:31 - 00050477 _____ C:\Users\Lolle\Downloads\Defogger.exe 2013-11-27 17:23 - 2013-11-27 20:33 - 00000209 _____ C:\Users\Lolle\daemonprocess.txt 2013-11-27 17:23 - 2013-11-27 20:33 - 00000000 ____D C:\Users\Lolle\AppData\Local\Mobogenie 2013-11-27 17:23 - 2013-11-27 17:40 - 00000000 ____D 
C:\Users\Lolle\AppData\Local\cache 2013-11-27 17:23 - 2013-11-27 17:23 - 00000000 ____D C:\Users\wangzhisong\AppData\Local\Mobogenie 2013-11-27 17:23 - 2013-11-27 17:23 - 00000000 ____D C:\Users\wangzhisong 2013-11-27 17:23 - 2013-11-27 17:23 - 00000000 ____D C:\Users\Lolle\Documents\Mobogenie 2013-11-27 17:22 - 2013-11-27 20:39 - 00000000 ____D C:\Program Files\Mobogenie 2013-11-27 17:22 - 2013-11-27 17:22 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\0D0S1L2Z1P1B 2013-11-27 17:19 - 2013-11-27 17:19 - 00680560 _____ C:\Users\Lolle\Downloads\ZipExtractorSetup(1).exe 2013-11-27 17:18 - 2013-11-27 17:18 - 00680560 _____ C:\Users\Lolle\Downloads\ZipExtractorSetup.exe 2013-11-27 14:27 - 2013-11-27 14:27 - 00000000 __HDC C:\ProgramData\{81CD4D13-C212-4D68-94F5-D7EE9A54EA90} 2013-11-27 14:26 - 2013-11-27 14:26 - 00000000 ____D C:\Users\Lolle\AppData\Local\PackageAware 2013-11-27 14:24 - 2013-11-27 14:25 - 13240880 _____ (Stardock Corporation ) C:\Users\Lolle\Downloads\DellDock16a_setup_GER.exe 2013-11-27 10:55 - 2013-11-28 10:46 - 00034632 _____ C:\Windows\PFRO.log 2013-11-27 10:44 - 2013-11-27 10:55 - 00001656 _____ C:\Windows\system32\ASOROSet.bin 2013-11-27 10:44 - 2013-11-27 10:48 - 00000000 ____D C:\Windows\system32\config\RCCBakup 2013-11-27 10:35 - 2013-11-27 10:35 - 00084890 _____ C:\Users\Lolle\Documents\cc_20131127_103520.reg 2013-11-25 18:32 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-25 18:32 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-25 18:32 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-25 18:32 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-25 18:32 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-25 18:32 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) 
C:\Windows\system32\wininet.dll
2013-11-25 18:32 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-25 18:32 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-25 18:32 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-25 18:32 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-25 18:32 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-25 18:32 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-25 18:32 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-25 18:32 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-25 18:32 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-25 18:32 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-25 16:04 - 2013-11-25 16:04 - 00821760 _____ (Browser Opt-out) C:\Users\Lolle\Downloads\uninstall.exe
2013-11-25 13:49 - 2013-11-25 13:49 - 00000000 ____D C:\Users\Lolle\Documents\PC Speed Maximizer
2013-11-25 13:45 - 2013-11-25 13:45 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-11-25 13:45 - 2013-11-25 13:45 - 00000000 ____D C:\Program Files\GPLGS
2013-11-25 13:44 - 2013-11-27 11:27 - 00000000 ____D C:\Program Files\PC Speed Maximizer
2013-11-25 13:44 - 2013-11-25 13:44 - 00000000 ____D C:\Program Files\PDFCreator
2013-11-25 13:44 - 2011-10-04 22:42 - 00086016 _____ C:\Windows\system32\custmon32i.dll
2013-11-25 13:43 - 2013-11-25 13:43 - 01311200 _____ C:\Users\Lolle\Downloads\PDFCreatorSetup.exe
2013-11-25 13:10 - 2013-11-25 13:10 - 00001000 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-11-25 13:09 - 2013-11-25 13:10 - 00000000 ____D C:\Program Files\Advanced System Protector
2013-11-25 13:09 - 2013-11-25 13:09 - 00000000 ____D C:\ProgramData\Systweak
2013-11-25 13:09 - 2012-07-25 12:03 - 00017136 _____ C:\Windows\system32\sasnative32.exe
2013-11-25 13:08 - 2013-11-27 12:19 - 00000000 ____D C:\Program Files\BonanzaDealsLive
2013-11-25 13:08 - 2013-11-27 12:19 - 00000000 ____D C:\Program Files\BonanzaDeals
2013-11-25 13:08 - 2013-11-27 11:23 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\Systweak
2013-11-25 13:08 - 2013-11-25 13:08 - 23288584 _____ (Mozilla) C:\Users\Lolle\Downloads\Firefox_Setup [1].exe
2013-11-25 13:08 - 2013-11-25 13:08 - 00000000 ____D C:\Users\Lolle\AppData\Local\BonanzaDealsLive
2013-11-25 13:08 - 2013-11-25 13:08 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-11-25 12:01 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-25 12:01 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-25 12:00 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-25 12:00 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-25 12:00 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-20 17:59 - 2013-11-20 18:00 - 00000000 ____D C:\Users\Lolle\Desktop\Fotos
2013-11-19 15:59 - 2013-11-19 16:10 - 00023679 _____ C:\Users\Lolle\Documents\Leukokorie und Amblyopie.odt
2013-11-19 15:51 - 2013-11-19 17:37 - 01247744 _____ C:\Users\Lolle\Documents\Leukokorie (2).ppt
2013-11-19 15:29 - 2013-11-19 15:29 - 00000000 ____D C:\ProgramData\Oracle
2013-11-19 15:28 - 2013-11-19 15:28 - 00000000 ____D C:\Program Files\Common Files\Java(7)
2013-11-19 14:58 - 2013-11-25 11:17 - 00000000 ____D C:\Program Files\Common Files\Adobe(6)
2013-11-19 14:35 - 2013-11-19 14:35 - 00377856 _____ C:\Users\Lolle\Downloads\Leukokorie.ppt
2013-11-11 18:13 - 2013-11-11 19:19 - 888847409 _____ C:\Users\Lolle\Downloads\Schlawiener.zip
2013-11-06 14:22 - 2013-11-19 13:25 - 00000000 ____D C:\Program Files\Mozilla Firefox(23)
2013-11-04 21:22 - 2013-11-27 18:01 - 00152576 _____ C:\Users\Lolle\Desktop\Leonie.xls

==================== One Month Modified Files and Folders =======

2013-11-28 11:00 - 2013-11-27 17:35 - 00024429 _____ C:\Users\Lolle\Downloads\FRST.txt
2013-11-28 10:59 - 2013-11-28 10:59 - 01091827 _____ (Farbar) C:\Users\Lolle\Downloads\FRST.exe
2013-11-28 10:58 - 2013-11-27 17:32 - 00000472 _____ C:\Users\Lolle\Downloads\defogger_disable.log
2013-11-28 10:57 - 2013-11-28 10:57 - 00050477 _____ C:\Users\Lolle\Downloads\Defogger(1).exe
2013-11-28 10:54 - 2011-06-04 19:39 - 01600434 _____ C:\Windows\WindowsUpdate.log
2013-11-28 10:53 - 2013-11-28 10:53 - 00000000 _____ C:\Windows\setuperr.log
2013-11-28 10:53 - 2013-11-28 10:53 - 00000000 _____ C:\Windows\setupact.log
2013-11-28 10:52 - 2013-11-28 10:52 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\AVAST Software
2013-11-28 10:51 - 2011-08-27 13:37 - 00000443 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-11-28 10:47 - 2013-10-16 14:39 - 00001272 _____ C:\Windows\Tasks\Feven 1.5-updater.job
2013-11-28 10:47 - 2013-10-16 14:39 - 00001074 _____ C:\Windows\Tasks\Feven 1.5-enabler.job
2013-11-28 10:47 - 2013-10-16 14:38 - 00001174 _____ C:\Windows\Tasks\Feven 1.5-codedownloader.job
2013-11-28 10:47 - 2013-10-16 14:37 - 00001790 _____ C:\Windows\Tasks\Feven 1.5-firefoxinstaller.job
2013-11-28 10:47 - 2013-10-16 14:36 - 00001866 _____ C:\Windows\Tasks\Feven 1.5-chromeinstaller.job
2013-11-28 10:47 - 2009-10-01 08:06 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-28 10:47 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-28 10:47 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-28 10:47 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-28 10:46 - 2013-11-27 10:55 - 00034632 _____ C:\Windows\PFRO.log
2013-11-28 10:45 - 2006-11-02 14:01 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-28 10:44 - 2012-02-18 10:24 - 00001875 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-28 10:43 - 2013-11-28 10:39 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-28 10:43 - 2013-11-28 10:39 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-28 10:43 - 2012-02-18 10:24 - 00774392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-28 10:43 - 2012-02-18 10:24 - 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-28 10:43 - 2012-02-18 10:24 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-28 10:43 - 2012-02-18 10:24 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-28 10:43 - 2012-02-18 10:24 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-11-28 10:43 - 2012-02-18 10:24 - 00035656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-28 10:43 - 2012-02-18 10:23 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-28 10:43 - 2012-02-18 10:23 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-28 10:40 - 2012-02-18 10:22 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-28 10:39 - 2006-11-02 11:23 - 00002577 _____ C:\Windows\system32\config.nt
2013-11-28 10:21 - 2011-05-30 21:06 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\SoftGrid Client
2013-11-28 10:05 - 2009-10-01 08:06 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-27 20:39 - 2013-11-27 17:22 - 00000000 ____D C:\Program Files\Mobogenie
2013-11-27 20:33 - 2013-11-27 17:23 - 00000209 _____ C:\Users\Lolle\daemonprocess.txt
2013-11-27 20:33 - 2013-11-27 17:23 - 00000000 ____D C:\Users\Lolle\AppData\Local\Mobogenie
2013-11-27 18:01 - 2013-11-04 21:22 - 00152576 _____ C:\Users\Lolle\Desktop\Leonie.xls
2013-11-27 17:52 - 2013-11-27 17:52 - 399966611 _____ C:\Windows\MEMORY.DMP
2013-11-27 17:52 - 2013-11-27 17:52 - 00143704 _____ C:\Windows\Minidump\Mini112713-01.dmp
2013-11-27 17:52 - 2013-11-27 17:52 - 00000000 ____D C:\Windows\Minidump
2013-11-27 17:41 - 2013-11-27 17:41 - 00377856 _____ C:\Users\Lolle\Downloads\gmer_2.1.19163.exe
2013-11-27 17:40 - 2013-11-27 17:23 - 00000000 ____D C:\Users\Lolle\AppData\Local\cache
2013-11-27 17:38 - 2013-11-27 17:36 - 00029675 _____ C:\Users\Lolle\Downloads\Addition.txt
2013-11-27 17:35 - 2013-11-27 17:35 - 00000000 ____D C:\FRST
2013-11-27 17:32 - 2013-11-27 17:32 - 00000156 _____ C:\Users\Lolle\defogger_reenable
2013-11-27 17:32 - 2009-04-17 18:01 - 00000000 ____D C:\Users\Lolle
2013-11-27 17:31 - 2013-11-27 17:31 - 00050477 _____ C:\Users\Lolle\Downloads\Defogger.exe
2013-11-27 17:23 - 2013-11-27 17:23 - 00000000 ____D C:\Users\wangzhisong\AppData\Local\Mobogenie
2013-11-27 17:23 - 2013-11-27 17:23 - 00000000 ____D C:\Users\wangzhisong
2013-11-27 17:23 - 2013-11-27 17:23 - 00000000 ____D C:\Users\Lolle\Documents\Mobogenie
2013-11-27 17:22 - 2013-11-27 17:22 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\0D0S1L2Z1P1B
2013-11-27 17:19 - 2013-11-27 17:19 - 00680560 _____ C:\Users\Lolle\Downloads\ZipExtractorSetup(1).exe
2013-11-27 17:18 - 2013-11-27 17:18 - 00680560 _____ C:\Users\Lolle\Downloads\ZipExtractorSetup.exe
2013-11-27 16:21 - 2013-10-17 09:39 - 00000264 _____ C:\Windows\Tasks\PC Performer_DEFAULT.job
2013-11-27 14:27 - 2013-11-27 14:27 - 00000000 __HDC C:\ProgramData\{81CD4D13-C212-4D68-94F5-D7EE9A54EA90}
2013-11-27 14:26 - 2013-11-27 14:26 - 00000000 ____D C:\Users\Lolle\AppData\Local\PackageAware
2013-11-27 14:25 - 2013-11-27 14:24 - 13240880 _____ (Stardock Corporation ) C:\Users\Lolle\Downloads\DellDock16a_setup_GER.exe
2013-11-27 13:47 - 2008-01-21 08:16 - 01692942 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-27 13:38 - 2012-09-26 10:26 - 00000000 ____D C:\ProgramData\NCH Software
2013-11-27 13:38 - 2012-09-26 10:25 - 00000000 ____D C:\Program Files\NCH Software
2013-11-27 13:37 - 2012-12-14 16:39 - 00000000 ____D C:\ProgramData\SweetIM
2013-11-27 13:37 - 2012-12-14 16:39 - 00000000 ____D C:\Program Files\SweetIM
2013-11-27 13:35 - 2011-11-28 22:53 - 00000000 ____D C:\Users\Lolle\AppData\Local\Conduit
2013-11-27 13:13 - 2012-11-17 17:41 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\Spotify
2013-11-27 12:23 - 2010-04-04 21:53 - 00000000 ____D C:\ProgramData\DivX
2013-11-27 12:22 - 2009-10-01 07:53 - 00000000 ____D C:\Program Files\DivX
2013-11-27 12:19 - 2013-11-25 13:08 - 00000000 ____D C:\Program Files\BonanzaDealsLive
2013-11-27 12:19 - 2013-11-25 13:08 - 00000000 ____D C:\Program Files\BonanzaDeals
2013-11-27 12:18 - 2010-01-07 15:09 - 00000000 ____D C:\Program Files\ALDI Süd Foto Service
2013-11-27 12:17 - 2010-01-07 15:08 - 00000000 ____D C:\Program Files\Aldi Sued Fotoservice
2013-11-27 12:17 - 2010-01-07 15:06 - 00000000 ____D C:\Program Files\ALDI Sued Foto Service
2013-11-27 12:13 - 2013-10-11 13:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-27 11:29 - 2013-10-16 14:38 - 00000000 ____D C:\Program Files\MyPC Backup
2013-11-27 11:27 - 2013-11-25 13:44 - 00000000 ____D C:\Program Files\PC Speed Maximizer
2013-11-27 11:27 - 2009-04-09 06:11 - 00000000 ____D C:\Program Files\CyberLink
2013-11-27 11:27 - 2009-04-09 05:50 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-27 11:25 - 2013-02-23 12:31 - 00000000 ____D C:\Windows\pss
2013-11-27 11:23 - 2013-11-25 13:08 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\Systweak
2013-11-27 11:12 - 2012-06-04 12:59 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\Dropbox
2013-11-27 11:11 - 2012-06-04 13:03 - 00000000 ___RD C:\Users\Lolle\Dropbox
2013-11-27 10:55 - 2013-11-27 10:44 - 00001656 _____ C:\Windows\system32\ASOROSet.bin
2013-11-27 10:55 - 2006-11-02 11:22 - 62914560 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-11-27 10:55 - 2006-11-02 11:22 - 31457280 _____ C:\Windows\system32\config\SYSTEM.bak
2013-11-27 10:55 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-11-27 10:50 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-11-27 10:48 - 2013-11-27 10:44 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-11-27 10:41 - 2010-01-07 15:05 - 00000000 ____D C:\Program Files\Common Files\MAGIX Services
2013-11-27 10:39 - 2013-10-17 09:39 - 00000272 _____ C:\Windows\Tasks\PC Performer_UPDATES.job
2013-11-27 10:35 - 2013-11-27 10:35 - 00084890 _____ C:\Users\Lolle\Documents\cc_20131127_103520.reg
2013-11-26 10:27 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-26 10:01 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-25 18:32 - 2009-04-09 06:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-25 18:26 - 2013-08-14 23:47 - 00000000 ____D C:\Windows\system32\MRT
2013-11-25 18:22 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-11-25 18:19 - 2013-03-06 21:28 - 00000000 ____D C:\Users\Lolle\Documents\Bewerbung PJ
2013-11-25 17:05 - 2011-06-21 15:57 - 00001965 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-25 16:04 - 2013-11-25 16:04 - 00821760 _____ (Browser Opt-out) C:\Users\Lolle\Downloads\uninstall.exe
2013-11-25 13:49 - 2013-11-25 13:49 - 00000000 ____D C:\Users\Lolle\Documents\PC Speed Maximizer
2013-11-25 13:45 - 2013-11-25 13:45 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
2013-11-25 13:45 - 2013-11-25 13:45 - 00000000 ____D C:\Program Files\GPLGS
2013-11-25 13:44 - 2013-11-25 13:44 - 00000000 ____D C:\Program Files\PDFCreator
2013-11-25 13:43 - 2013-11-25 13:43 - 01311200 _____ C:\Users\Lolle\Downloads\PDFCreatorSetup.exe
2013-11-25 13:22 - 2012-05-10 11:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-25 13:10 - 2013-11-25 13:10 - 00001000 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-11-25 13:10 - 2013-11-25 13:09 - 00000000 ____D C:\Program Files\Advanced System Protector
2013-11-25 13:09 - 2013-11-25 13:09 - 00000000 ____D C:\ProgramData\Systweak
2013-11-25 13:08 - 2013-11-25 13:08 - 23288584 _____ (Mozilla) C:\Users\Lolle\Downloads\Firefox_Setup [1].exe
2013-11-25 13:08 - 2013-11-25 13:08 - 00000000 ____D C:\Users\Lolle\AppData\Local\BonanzaDealsLive
2013-11-25 13:08 - 2013-11-25 13:08 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-11-25 13:00 - 2013-06-02 18:36 - 00001921 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-25 13:00 - 2013-06-02 18:36 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-25 11:42 - 2012-11-17 17:41 - 00000000 ____D C:\Users\Lolle\AppData\Local\Spotify
2013-11-25 11:17 - 2013-11-19 14:58 - 00000000 ____D C:\Program Files\Common Files\Adobe(6)
2013-11-25 11:17 - 2013-10-17 09:38 - 00000000 ____D C:\Program Files\PC Performer
2013-11-25 11:17 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\Msdtc
2013-11-25 11:16 - 2006-11-02 11:22 - 62914560 _____ C:\Windows\system32\config\software_previous
2013-11-25 11:16 - 2006-11-02 11:22 - 42729472 _____ C:\Windows\system32\config\components_previous
2013-11-25 11:16 - 2006-11-02 11:22 - 31457280 _____ C:\Windows\system32\config\system_previous
2013-11-25 11:16 - 2006-11-02 11:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2013-11-25 11:16 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2013-11-25 11:16 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2013-11-25 11:15 - 2013-10-17 09:39 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\PerformerSoft
2013-11-25 11:15 - 2013-06-02 18:37 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-25 11:15 - 2012-12-13 17:32 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-25 11:15 - 2010-05-31 16:31 - 00000000 ____D C:\Program Files\Java
2013-11-25 11:15 - 2010-02-12 16:07 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\vlc
2013-11-25 11:15 - 2009-04-09 05:54 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-11-25 11:15 - 2006-11-02 12:18 - 00000000 __RSD C:\Windows\Media
2013-11-25 11:15 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool
2013-11-25 11:15 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\registration
2013-11-20 18:00 - 2013-11-20 17:59 - 00000000 ____D C:\Users\Lolle\Desktop\Fotos
2013-11-19 17:37 - 2013-11-19 15:51 - 01247744 _____ C:\Users\Lolle\Documents\Leukokorie (2).ppt
2013-11-19 16:10 - 2013-11-19 15:59 - 00023679 _____ C:\Users\Lolle\Documents\Leukokorie und Amblyopie.odt
2013-11-19 15:29 - 2013-11-19 15:29 - 00000000 ____D C:\ProgramData\Oracle
2013-11-19 15:28 - 2013-11-19 15:28 - 00000000 ____D C:\Program Files\Common Files\Java(7)
2013-11-19 15:09 - 2009-04-09 05:54 - 00000000 ____D C:\ProgramData\Adobe
2013-11-19 15:02 - 2009-04-18 19:29 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\Adobe
2013-11-19 15:00 - 2009-04-19 22:37 - 00000000 ____D C:\Users\Lolle\AppData\Local\Adobe
2013-11-19 14:58 - 2009-04-09 05:54 - 00000000 ____D C:\Program Files\Adobe
2013-11-19 14:35 - 2013-11-19 14:35 - 00377856 _____ C:\Users\Lolle\Downloads\Leukokorie.ppt
2013-11-19 13:25 - 2013-11-06 14:22 - 00000000 ____D C:\Program Files\Mozilla Firefox(23)
2013-11-12 14:06 - 2010-11-08 10:40 - 00000000 ____D C:\Users\Lolle\AppData\Roaming\Canon
2013-11-11 19:19 - 2013-11-11 18:13 - 888847409 _____ C:\Users\Lolle\Downloads\Schlawiener.zip
2013-11-11 05:50 - 2009-10-16 16:14 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-04 18:53 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public

Some content of TEMP:
====================
C:\Users\Lolle\AppData\Local\Temp\299.4671877299655_Update.exe
C:\Users\Lolle\AppData\Local\Temp\551.9146402945435_Update.exe
C:\Users\Lolle\AppData\Local\Temp\889.8174297791608_Update.exe
C:\Users\Lolle\AppData\Local\Temp\940.342559483654_Update.exe
C:\Users\Lolle\AppData\Local\Temp\pcspeedmaxsetup.exe
C:\Users\Lolle\AppData\Local\Temp\tbNCH_.dll
C:\Users\Lolle\AppData\Local\Temp\uninst1.exe
C:\Users\Lolle\AppData\Local\Temp\unwise.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-28 10:56

==================== End Of Log ============================