| |
| |||||||
Log-Analyse und Auswertung: Windows 7 findet "einige" VirenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
03.01.2014, 18:07
| #1 |
 |  Windows 7 findet "einige" Viren Hey, habe gerade Avast Suchlauf gestartet, nichts gefunden. Stattdessen dann MBAM (Defogger war disabled): Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.03.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 Vinc :: BLUE-VINC [Administrator] 03.01.2014 17:55:06 MBAM-log-2014-01-03 (17-59-29).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 301322 Laufzeit: 3 Minute(n), 40 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 7 HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1 (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Keine Aktion durchgeführt. HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Keine Aktion durchgeführt. HKCU\Software\diamondata (PUP.Optional.diamondata.A) -> Keine Aktion durchgeführt. HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 12 C:\Program Files (x86)\RegClean Pro (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1 (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. Infizierte Dateien: 100 C:\Windows\Tasks\RegClean Pro_UPDATES.job (PUP.Optional.RegCleanerPro.J) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\TraditionalCn_rcp_zh-tw.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Chinese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\CleanSchedule.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Danish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Dutch_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\eng_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Finnish_rcp_fi.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\French_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\German_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\greek_rcp_el.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\install_left_image.bmp (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\isxdl.dll (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Italian_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Japanese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\korean_rcp_ko.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Norwegian_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\polish_rcp_pl.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\portugese_rcp_pt.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Portuguese_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\RCPUninstall.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\RegCleanPro.dll (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\russian_rcp_ru.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Spanish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\Swedish_rcp.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\systweakasp.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\turkish_rcp_tr.ini (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\unins000.dat (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\unins000.exe (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\unins000.msg (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\RegClean Pro\xmllite.dll (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Windows\Tasks\RegClean Pro_DEFAULT.job (PUP.Optional.RegCleanPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_01-01-2014.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_03-20-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_04-19-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_05-24-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_07-20-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_09-19-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000005.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000005.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000006.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000006.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000007.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000007.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000008.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000008.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000009.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Admin\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000009.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_07-27-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_07-28-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_07-29-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_09-10-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-01-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-17-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Gast1\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_01-03-2014.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_04-19-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-19-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_10-27-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc2\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_01-01-2014.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_01-03-2014.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-26-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-27-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-29-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_12-31-2013.log (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\rcpupdate.ini (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000001.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000002.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000003.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rmx (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. C:\Users\Vinc\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\Partial Backups\00000004.rxb (PUP.Optional.RegCleanerPro.A) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter OTL logfile created on: 1/3/2014 6:00:02 PM - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Programme\OTL 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.65 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 43.06% Memory free 7.30 Gb Paging File | 4.79 Gb Available in Paging File | 65.54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 150.00 Gb Total Space | 79.17 Gb Free Space | 52.78% Space Free | Partition Type: NTFS Drive D: | 150.00 Gb Total Space | 141.71 Gb Free Space | 94.47% Space Free | Partition Type: NTFS Drive E: | 200.00 Gb Total Space | 133.24 Gb Free Space | 66.62% Space Free | Partition Type: NTFS Drive F: | 431.51 Gb Total Space | 288.66 Gb Free Space | 66.90% Space Free | Partition Type: NTFS Computer Name: BLUE-VINC | User Name: Vinc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/12/30 17:56:48 | 003,764,024 | ---- | M] (AVAST Software) -- D:\Programme\Avast\AvastUI.exe PRC - [2013/12/30 17:56:48 | 000,050,344 | ---- | M] (AVAST Software) -- D:\Programme\Avast\AvastSvc.exe PRC - [2013/12/11 20:40:36 | 001,823,656 | ---- | M] (Valve Corporation) -- D:\Programme\Steam\Steam.exe PRC - [2013/12/11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe PRC - [2013/12/04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013/10/18 23:26:10 | 000,906,536 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe PRC - [2013/10/18 23:24:08 | 001,795,880 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe PRC - [2013/10/18 23:21:20 | 000,555,304 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe PRC - [2013/07/03 09:32:44 | 001,228,504 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe PRC - [2013/07/03 09:32:44 | 000,660,184 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe PRC - [2013/07/03 09:32:42 | 000,563,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe PRC - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/04/29 01:56:32 | 000,101,888 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe PRC - [2013/03/20 09:36:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Programme\OTL\OTL.exe PRC - [2012/11/17 17:37:54 | 007,755,704 | ---- | M] (Systweak Inc) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe PRC - [2012/11/13 13:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDUpdate.exe PRC - [2012/11/13 13:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDTray.exe PRC - [2012/11/13 13:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDWSCSvc.exe PRC - [2012/11/13 13:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDUpdSvc.exe PRC - [2012/11/13 13:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDFSSvc.exe PRC - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012/05/31 11:37:17 | 003,491,792 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe PRC - [2012/04/27 21:25:04 | 001,173,680 | ---- | M] (Acronis) -- D:\Programme\Acronis True Image\TrueImageHome\TimounterMonitor.exe PRC - [2012/04/27 21:23:54 | 005,924,008 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe PRC - [2012/04/27 21:22:54 | 000,403,656 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2012/04/27 21:22:12 | 005,993,136 | ---- | M] (Acronis) -- D:\Programme\Acronis True Image\TrueImageHome\TrueImageMonitor.exe PRC - [2010/01/18 13:41:44 | 000,116,088 | ---- | M] (Sysinternals - www.sysinternals.com) -- D:\Programme\Microsofts Desktops\Desktops.exe PRC - [2009/09/05 16:29:06 | 000,385,024 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe PRC - [2009/02/19 13:46:26 | 000,341,264 | ---- | M] (Fujitsu Technology Solutions) -- C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe ========== Modules (No Company Name) ========== MOD - [2013/12/11 20:40:38 | 001,135,016 | ---- | M] () -- D:\Programme\Steam\bin\chromehtml.dll MOD - [2013/12/04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll MOD - [2013/12/04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll MOD - [2013/12/04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll MOD - [2013/12/04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll MOD - [2013/12/04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll MOD - [2013/11/21 13:45:24 | 019,336,120 | ---- | M] () -- D:\Programme\Avast\libcef.dll MOD - [2013/11/06 22:48:12 | 020,625,832 | ---- | M] () -- D:\Programme\Steam\bin\libcef.dll MOD - [2013/11/06 22:48:10 | 000,691,200 | ---- | M] () -- D:\Programme\Steam\SDL2.dll MOD - [2013/10/18 23:16:44 | 000,902,952 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll MOD - [2013/07/10 17:07:22 | 000,756,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL MOD - [2013/06/15 00:49:12 | 001,100,800 | ---- | M] () -- D:\Programme\Steam\bin\avcodec-53.dll MOD - [2013/06/15 00:49:12 | 000,192,000 | ---- | M] () -- D:\Programme\Steam\bin\avformat-53.dll MOD - [2013/06/15 00:49:12 | 000,124,416 | ---- | M] () -- D:\Programme\Steam\bin\avutil-51.dll MOD - [2012/11/13 13:06:32 | 000,158,624 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\snlFileFormats150.bpl MOD - [2012/11/13 13:06:30 | 000,108,960 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\snlThirdParty150.bpl MOD - [2012/11/13 13:06:28 | 000,554,400 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\VirtualTreesDXE150.bpl MOD - [2012/11/13 13:06:28 | 000,528,288 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\JSDialogPack150.bpl MOD - [2012/11/13 13:06:28 | 000,416,160 | ---- | M] () -- D:\Programme\Spybot - Search & Destroy\DEC150.bpl MOD - [2012/05/30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012/05/30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2012/04/27 21:21:52 | 013,005,104 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll ========== Services (SafeList) ========== SRV:64bit: - [2013/12/04 17:35:57 | 000,621,336 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro) SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013/12/30 17:56:48 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Programme\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2013/12/11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013/12/11 20:33:42 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/12/11 19:59:25 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/10/18 23:26:10 | 000,906,536 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe -- (hshld) SRV - [2013/10/18 23:21:20 | 000,555,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd) SRV - [2013/10/16 02:46:36 | 000,078,512 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService) SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/07/03 09:32:44 | 001,228,504 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent) SRV - [2013/07/03 09:32:44 | 000,660,184 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/04/29 01:56:32 | 000,101,888 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver) SRV - [2012/10/02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/05/31 11:37:17 | 003,491,792 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2012/04/27 21:23:54 | 005,924,008 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv) SRV - [2012/04/27 21:23:22 | 001,133,360 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/08/19 13:34:04 | 000,034,816 | ---- | M] (Fujitsu Technology Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Fujitsu\DeskViewBasic\DeskViewBasicService.exe -- (DeskViewBasicService) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/02/19 13:46:26 | 000,341,264 | ---- | M] (Fujitsu Technology Solutions) [Auto | Running] -- C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013/12/30 17:57:27 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm) DRV:64bit: - [2013/12/30 17:56:50 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2013/12/30 17:56:50 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2013/12/30 17:56:50 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:64bit: - [2013/12/30 17:56:50 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2013/11/21 13:45:25 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2013/11/21 13:45:25 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:64bit: - [2013/11/12 01:16:03 | 000,090,424 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter) DRV:64bit: - [2013/11/12 01:16:03 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter) DRV:64bit: - [2013/11/12 01:16:02 | 000,014,136 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf) DRV:64bit: - [2013/10/16 02:44:42 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6) DRV:64bit: - [2013/10/16 02:42:02 | 000,044,744 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6) DRV:64bit: - [2013/07/03 09:32:42 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys -- (PSI) DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012/05/31 11:37:18 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp) DRV:64bit: - [2012/05/31 11:37:13 | 001,294,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman) DRV:64bit: - [2012/05/31 11:37:11 | 000,994,912 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:64bit: - [2012/05/31 11:37:02 | 000,211,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr) DRV:64bit: - [2012/05/31 11:37:00 | 000,146,528 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt67.sys -- (vidsflt67) DRV:64bit: - [2012/05/31 11:36:56 | 000,320,096 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman) DRV:64bit: - [2012/05/31 11:36:52 | 000,137,312 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv) DRV:64bit: - [2012/05/02 14:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012/04/27 09:20:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012/04/24 23:32:27 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/11 18:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/07/01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc) DRV:64bit: - [2009/09/22 23:00:00 | 000,283,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009/07/10 05:45:00 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) DRV:64bit: - [2009/06/23 12:28:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/04 17:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV - [2010/07/01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | Unavailable | Unknown] -- D:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2005/03/09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {951CC197-18C5-4940-B16B-38C50F803073} IE:64bit: - HKLM\..\SearchScopes\{951CC197-18C5-4940-B16B-38C50F803073}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSB IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {81DF0A95-0BF9-4A6B-AFD4-A9D45B6DE068} IE - HKLM\..\SearchScopes\{81DF0A95-0BF9-4A6B-AFD4-A9D45B6DE068}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSB IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://bluevinc.jimdo.com/hxxp:// [Binary data over 200 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\SearchScopes,DefaultScope = {81DF0A95-0BF9-4A6B-AFD4-A9D45B6DE068} IE - HKCU\..\SearchScopes\{81DF0A95-0BF9-4A6B-AFD4-A9D45B6DE068}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_de IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.13 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: D:\Programme\VLC\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: D:\Programme\VLC\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: D:\Programme\VLC\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: D:\Programme\VLC\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: D:\Programme\VLC\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: D:\Programme\VLC\npvlc.dll (VideoLAN) FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\Programme\Avast\WebRep\FF [2013/12/30 17:56:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: D:\Programme\Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: D:\Programme\Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/12/11 20:33:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/12/11 20:33:37 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010/07/25 14:43:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\Extensions [2010/07/25 14:43:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013/05/09 16:14:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\Firefox\Profiles\extensions [2013/12/15 13:40:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\Firefox\Profiles\xme43mgw.default\extensions [2013/04/08 18:11:52 | 000,199,379 | ---- | M] () (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\firefox\profiles\extensions\m2k@m2kdownloader.com.xpi [2013/12/15 13:40:05 | 000,287,503 | ---- | M] () (No name found) -- C:\Users\Vinc\AppData\Roaming\mozilla\firefox\profiles\xme43mgw.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012/12/13 15:45:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: hxxp://www.google.com CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: iTunes Application Detector (Enabled) = D:\Programme\iTunes\Mozilla Plugins\npitunes.dll CHR - Extension: Click&Clean = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\ CHR - Extension: AdBlock = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\ CHR - Extension: Google Wallet = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\ CHR - Extension: Click&Clean App = C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\ O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer-Networking Ltd.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - D:\Programme\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AcronisTimounterMonitor] D:\Programme\Acronis True Image\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AvastUI.exe] D:\Programme\Avast\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [SDTray] D:\Programme\Spybot - Search & Destroy\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TrueImageMonitor.exe] D:\Programme\Acronis True Image\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKCU..\Run: [DS3 Tool] D:\Programme\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com) O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKCU..\Run: [Spybot-S&D Cleaning] D:\Programme\Spybot - Search & Destroy\SDCleaner.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [Steam] D:\Programme\Steam\Steam.exe (Valve Corporation) O4 - HKCU..\Run: [Sysinternals Desktops] D:\Programme\Microsofts Desktops\Desktops.exe (Sysinternals - www.sysinternals.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer-Networking Ltd.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA44982D-5625-444B-926F-A42C4142DB57}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014/01/03 15:24:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Registry [2013/12/31 17:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins [2013/12/31 17:05:47 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett [2013/12/31 17:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins [2013/12/31 17:05:44 | 000,015,160 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys [2013/12/31 17:05:43 | 000,090,424 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wachidrouter.sys [2013/12/31 17:05:35 | 001,945,880 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wacom_Tablet.dll [2013/12/31 17:05:35 | 001,938,712 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wacom_Touch_Tablet.dll [2013/12/31 17:05:35 | 001,808,152 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll [2013/12/31 17:05:35 | 001,805,080 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\WacomMT.dll [2013/12/31 17:05:35 | 001,604,376 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wacom_Tablet.dll [2013/12/31 17:05:35 | 001,596,696 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wacom_Touch_Tablet.dll [2013/12/31 17:05:35 | 001,483,032 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll [2013/12/31 17:05:35 | 001,479,960 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\WacomMT.dll [2013/12/31 16:36:55 | 000,000,000 | ---D | C] -- C:\Users\Vinc\.android [2013/12/31 16:02:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Hotspot Shield [2013/12/31 15:19:22 | 000,000,000 | ---D | C] -- C:\Users\Vinc\AppData\Local\Paint.NET [2013/12/31 02:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield [2013/12/31 02:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield [2013/12/31 02:23:53 | 000,044,744 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys [2013/12/31 02:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield [2013/12/31 02:23:24 | 000,000,000 | ---D | C] -- C:\Users\Vinc\AppData\Roaming\Hotspot Shield [2013/12/30 17:57:14 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys [2013/12/15 13:26:32 | 000,000,000 | ---D | C] -- C:\Users\Vinc\AppData\Roaming\RoboForm [2013/12/15 13:23:00 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm [2013/12/15 13:22:50 | 000,000,000 | ---D | C] -- F:\Eigene Dateien\Eigene Dokumente\My RoboForm Data [2013/12/15 13:17:54 | 000,000,000 | ---D | C] -- C:\Users\Vinc\AppData\Local\Mozilla [2013/12/11 20:33:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2013/12/08 18:22:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock ========== Files - Modified Within 30 Days ========== [2014/01/03 18:02:29 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\RegClean Prosch.job [2014/01/03 17:59:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014/01/03 17:54:48 | 000,000,000 | ---- | M] () -- C:\Users\Vinc\defogger_reenable [2014/01/03 17:51:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014/01/03 17:38:40 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014/01/03 17:38:39 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014/01/03 17:27:06 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014/01/03 17:26:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014/01/03 17:26:50 | 2941,440,000 | -HS- | M] () -- C:\hiberfil.sys [2014/01/03 17:19:58 | 005,036,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014/01/03 15:45:28 | 000,000,677 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2014/01/01 22:55:08 | 000,001,074 | ---- | M] () -- C:\Users\Vinc\Desktop\RegClean Pro.lnk [2014/01/01 22:55:01 | 000,013,449 | ---- | M] () -- C:\Users\Vinc\Desktop\Recuva.lnk [2014/01/01 22:54:33 | 000,000,743 | ---- | M] () -- C:\Users\Vinc\Desktop\CDBurnerXP.lnk [2014/01/01 22:54:24 | 000,000,619 | ---- | M] () -- C:\Users\Vinc\Desktop\VLC media player.lnk [2014/01/01 22:54:17 | 000,001,547 | ---- | M] () -- C:\Users\Vinc\Desktop\iTunes.lnk [2014/01/01 22:54:02 | 000,001,931 | ---- | M] () -- C:\Users\Vinc\Desktop\Driver DVD.lnk [2014/01/01 22:53:45 | 000,001,030 | ---- | M] () -- C:\Users\Vinc\Desktop\ Malwarebytes Anti-Malware .lnk [2014/01/01 21:18:32 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job [2014/01/01 15:01:27 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job [2013/12/30 17:57:27 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys [2013/12/30 17:56:50 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013/12/30 17:56:50 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013/12/30 17:56:50 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013/12/30 17:56:50 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013/12/30 17:56:50 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013/12/30 17:56:50 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2013/12/21 14:43:56 | 000,000,651 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk [2013/12/21 11:33:53 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/12/21 11:33:53 | 000,653,968 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013/12/21 11:33:53 | 000,615,850 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/12/21 11:33:53 | 000,129,840 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013/12/21 11:33:53 | 000,106,230 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/12/15 13:17:42 | 000,000,729 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/12/08 18:22:48 | 000,000,719 | ---- | M] () -- C:\Users\Vinc\Desktop\Free Alarm Clock.lnk [2013/12/05 13:49:31 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk ========== Files Created - No Company Name ========== [2014/01/03 17:54:48 | 000,000,000 | ---- | C] () -- C:\Users\Vinc\defogger_reenable [2014/01/03 17:19:45 | 005,036,216 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014/01/03 15:45:28 | 000,000,677 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2014/01/01 22:55:08 | 000,001,074 | ---- | C] () -- C:\Users\Vinc\Desktop\RegClean Pro.lnk [2014/01/01 22:55:01 | 000,013,449 | ---- | C] () -- C:\Users\Vinc\Desktop\Recuva.lnk [2014/01/01 22:54:33 | 000,000,743 | ---- | C] () -- C:\Users\Vinc\Desktop\CDBurnerXP.lnk [2014/01/01 22:54:24 | 000,000,619 | ---- | C] () -- C:\Users\Vinc\Desktop\VLC media player.lnk [2014/01/01 22:54:17 | 000,001,547 | ---- | C] () -- C:\Users\Vinc\Desktop\iTunes.lnk [2014/01/01 22:54:02 | 000,001,931 | ---- | C] () -- C:\Users\Vinc\Desktop\Driver DVD.lnk [2014/01/01 22:53:45 | 000,001,030 | ---- | C] () -- C:\Users\Vinc\Desktop\ Malwarebytes Anti-Malware .lnk [2013/12/15 13:17:42 | 000,000,729 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/12/15 13:17:42 | 000,000,729 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013/12/08 18:22:48 | 000,000,719 | ---- | C] () -- C:\Users\Vinc\Desktop\Free Alarm Clock.lnk [2013/05/04 12:37:55 | 000,000,132 | ---- | C] () -- C:\Users\Vinc\AppData\Roaming\Adobe PNG Format CS6 Prefs [2013/04/21 16:01:57 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys [2013/03/12 17:15:53 | 000,000,214 | ---- | C] () -- C:\Users\Vinc\.swfinfo [2012/11/19 08:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll [2012/11/19 08:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll [2012/09/25 12:28:24 | 000,007,605 | ---- | C] () -- C:\Users\Vinc\AppData\Local\Resmon.ResmonCfg [2012/05/27 11:25:53 | 000,003,584 | ---- | C] () -- C:\Users\Vinc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013/04/24 18:37:27 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Acreon [2012/05/31 11:39:12 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Acronis [2012/09/13 14:20:48 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Audacity [2013/11/21 16:32:44 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\AVAST Software [2012/09/28 19:42:12 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\avidemux [2013/04/19 15:02:12 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\BANDISOFT [2013/04/20 08:56:21 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Blender Foundation [2013/04/04 22:44:41 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Canneverbe Limited [2012/09/16 16:16:19 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012/09/28 20:25:02 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\DVDVideoSoft [2013/09/04 11:46:26 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\GoforFiles [2013/12/31 02:23:24 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Hotspot Shield [2012/09/09 21:07:06 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\KompoZer [2013/03/02 13:51:02 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\LolClient [2013/04/21 16:19:00 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\MotioninJoy [2013/12/28 17:54:12 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Mp3tag [2013/04/19 22:08:15 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\OBS [2012/09/12 15:28:51 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Opera [2013/05/11 15:33:47 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Origin [2012/09/16 17:11:26 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\PDAppFlex [2012/09/13 18:13:27 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\RaimaRadioPro [2013/12/31 16:43:40 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\RoboForm [2013/08/19 12:56:06 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Screaming Bee [2012/09/16 17:22:23 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Sony [2013/08/14 09:41:58 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Systweak [2010/07/25 15:17:39 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\TeamViewer [2014/01/03 15:57:08 | 000,000,000 | ---D | M] -- C:\Users\Vinc\AppData\Roaming\Thunderbird ========== Purity Check ========== < End of report > |
| Themen zu Windows 7 findet "einige" Viren |
| adblock, antivirus, avg, avira, browser, defender, firefox, flash player, google, helper, hotspot, install.exe, logfile, mozilla, object, plug-in, pup.optional.babylon.a, pup.optional.datamngr.a, pup.optional.delta.a, pup.optional.diamondata.a, pup.optional.regcleanerpro.a, pup.optional.regcleanerpro.j, pup.optional.regcleanpro.a, realtek, secunia psi, security, senden, tablet, viren, windows |
Baum-Darstellung