| |
| |||||||
Log-Analyse und Auswertung: Windows Vista: BKA Virus sperrt BildschirmWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
31.03.2014, 13:05
| #1 |
| |  Windows Vista: BKA Virus sperrt Bildschirm Hallo, habe seit ein paar Tagen den BKA Virus. Nach dem Hochfahren des Rechners sperrt er direkt meinen Bildschirm und ich kann nichts mehr machen... Habe mir OTL-CD gebootet und den Scan ausgeführt. Hoffe es kann jemand helfen. OTL.txt: Code:
ATTFilter OTL logfile created on: 3/31/2014 2:26:31 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 79.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97.74 Gb Total Space | 1.24 Gb Free Space | 1.27% Space Free | Partition Type: NTFS
Drive I: | 191.56 Gb Total Space | 179.08 Gb Free Space | 93.49% Space Free | Partition Type: NTFS
Drive J: | 963.70 Mb Total Space | 712.72 Mb Free Space | 73.96% Space Free | Partition Type: FAT
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2014/03/24 06:53:10 | 000,348,448 | ---- | M] () [Auto] -- C:\Program Files\Mega Browse\updateMegaBrowse.exe -- (Update Mega Browse)
SRV - [2014/03/24 06:51:17 | 000,151,552 | ---- | M] () [Auto] -- C:\ProgramData\a4lwg7jr.gsa -- (Winmgmt)
SRV - [2014/03/24 06:22:43 | 000,348,448 | ---- | M] () [Auto] -- C:\Program Files\Mega Browse\bin\utilMegaBrowse.exe -- (Util Mega Browse)
SRV - [2014/03/18 12:00:57 | 001,005,056 | ---- | M] () [Auto] -- C:\Users\Lukas\AppData\Roaming\BupSystem\bup.exe -- (bupService)
SRV - [2014/03/17 10:35:04 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2014/03/16 12:38:54 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/16 12:34:25 | 000,496,640 | ---- | M] (Cherished Technololgy LIMITED) [Auto] -- C:\ProgramData\WPM\wprotectmanager.exe -- (Wpm)
SRV - [2014/03/16 12:31:31 | 000,195,072 | ---- | M] () [Auto] -- C:\Program Files\Re-markit-soft\Re-markit157.exe -- (Re-markit)
SRV - [2014/03/10 10:39:48 | 000,011,776 | ---- | M] () [Auto] -- C:\Program Files\NewPlayer\NewPlayerUpdaterService.exe -- (NewPlayerUpdaterService)
SRV - [2014/03/03 09:32:36 | 002,454,816 | ---- | M] (Conduit) [Auto] -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2014/02/26 10:31:52 | 000,209,408 | ---- | M] () [Auto] -- C:\Program Files\V-bates\ExtensionUpdaterService.exe -- (V-bates Updater)
SRV - [2014/02/26 02:44:20 | 000,508,016 | ---- | M] (Cherished Technololgy LIMITED) [Auto] -- C:\ProgramData\IePluginService\PluginService.exe -- (IePluginService)
SRV - [2014/02/18 09:47:06 | 000,036,392 | ---- | M] (Just Develop It) [Auto] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack) Computer Backup (MyPC Backup)
SRV - [2014/02/18 06:40:11 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/02/18 06:39:59 | 001,017,424 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2014/02/18 06:39:54 | 000,440,400 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014/02/17 06:24:32 | 002,919,232 | R--- | M] (Iminent) [Auto] -- C:\Program Files\Common Files\Umbrella\Umbrella.exe -- (SProtection)
SRV - [2014/02/17 06:24:32 | 000,425,792 | R--- | M] () [Auto] -- C:\Program Files\Iminent\WinkHandler.exe -- (WinkHandler)
SRV - [2014/02/10 19:33:12 | 000,055,440 | ---- | M] (GenTechnologies Apps, LLC) [Auto] -- C:\ProgramData\MovieMode\MovieModeService.exe -- (MovieMode)
SRV - [2014/01/27 16:45:12 | 000,546,112 | ---- | M] () [Auto] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe -- (Level Quality Watcher)
SRV - [2014/01/25 22:57:28 | 000,084,328 | ---- | M] (SafeApp Software, LLC) [Auto] -- C:\Program Files\Registry Helper\RegistryHelperService.exe -- (Registry Helper Service)
SRV - [2014/01/15 20:39:44 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/08/30 04:51:16 | 001,740,600 | ---- | M] (TuneUp Software) [Auto] -- C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013/08/14 09:19:22 | 000,039,056 | ---- | M] () [Auto] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/23 13:19:32 | 001,858,048 | ---- | M] (MAGIX AG) [Auto] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011/12/11 18:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) [Auto] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc)
SRV - [2011/04/26 08:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010/09/06 03:16:58 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto] -- C:\Windows\System32\dgdersvc.exe -- (dgdersvc)
SRV - [2010/09/06 03:11:32 | 000,217,088 | ---- | M] (Teruten) [Auto] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/05/14 11:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009/05/04 07:16:49 | 000,009,728 | ---- | M] (Deutsche Telekom AG) [Auto] -- C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe -- (Netzmanager Service)
SRV - [2009/02/25 08:28:39 | 000,408,696 | ---- | M] (Norman ASA) [Auto] -- C:\Program Files\Norman\Npm\Bin\Zanda.exe -- (Norman ZANDA)
SRV - [2009/01/20 03:24:01 | 000,126,008 | ---- | M] (Norman ASA) [Auto] -- C:\Program Files\Norman\npm\bin\nvoy.exe -- (NVOY)
SRV - [2008/05/13 05:49:00 | 000,203,896 | ---- | M] (Norman ASA) [On_Demand] -- C:\Program Files\Norman\Npm\bin\NJEEVES.EXE -- (Norman NJeeves)
SRV - [2008/04/25 09:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/21 06:17:02 | 000,017,408 | ---- | M] () [Auto] -- C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE -- (HerculesDJControlMP3)
SRV - [2007/11/21 04:59:54 | 000,150,584 | ---- | M] (Norman ASA) [Auto] -- C:\Program Files\Norman\Npm\Bin\Elogsvc.exe -- (eLoggerSvc6)
SRV - [2007/09/18 06:41:18 | 000,154,680 | ---- | M] (Norman ASA) [On_Demand] -- C:\Program Files\Norman\Npm\bin\NVCSCHED.EXE -- (NVCScheduler)
SRV - [2007/06/05 08:20:32 | 000,177,704 | ---- | M] () [Auto] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/12/19 12:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006/07/24 06:02:12 | 000,086,016 | ---- | M] (Olivetti) [Auto] -- C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (RTL8187B)
DRV - File not found [Kernel | On_Demand] -- -- (PDNSp50)
DRV - File not found [Kernel | On_Demand] -- -- (PDNMp50)
DRV - File not found [Kernel | On_Demand] -- -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | System] -- -- (netfilter)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - [2014/03/24 06:53:08 | 000,055,232 | ---- | M] (StdLib) [Kernel | System] -- C:\Windows\System32\drivers\tStLib.sys -- (tStLib)
DRV - [2013/12/17 08:14:07 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/12/17 08:14:07 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/10/01 09:35:36 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/08/21 14:53:42 | 000,012,320 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2013/07/29 15:13:31 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/09/06 03:16:58 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010/09/06 03:11:32 | 000,036,640 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/10/02 04:32:10 | 000,124,416 | ---- | M] (© Guillemot R&D, 2009. All rights reserved.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HDJMidi.sys -- (HDJMidi)
DRV - [2009/10/02 04:32:06 | 000,127,488 | ---- | M] (© Guillemot R&D, 2009. All rights reserved.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HDJBulk.sys -- (Bulk)
DRV - [2008/11/03 15:51:10 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2008/07/18 03:09:52 | 000,148,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/06/24 16:53:32 | 003,844,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/05/29 09:44:52 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008/05/27 07:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008/05/02 07:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/04/03 08:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007/10/11 21:40:14 | 000,010,632 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2006/06/29 19:42:59 | 001,965,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394987567&from=tugs&uid=WDCXWD3200AAJS-07B4A0_WD-WMAT1159928999289
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394987567&from=tugs&uid=WDCXWD3200AAJS-07B4A0_WD-WMAT1159928999289&q={searchTerms}
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394987567&from=tugs&uid=WDCXWD3200AAJS-07B4A0_WD-WMAT1159928999289&q={searchTerms}
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1394987567&from=tugs&uid=WDCXWD3200AAJS-07B4A0_WD-WMAT1159928999289
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {66b103a7-d772-4fcd-ace4-16f79a9056e0} - C:\Program Files\appbarioDE_1\prxtbappb.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - File not found
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Laura_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394987567&from=tugs&uid=WDCXWD3200AAJS-07B4A0_WD-WMAT1159928999289
IE - HKU\Laura_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Laura_ON_C\Software\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\Laura_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\Laura_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.iminent.com/?appId=FD270491-55E2-4573-9DA1-BD69265FE522
IE - HKU\Laura_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Laura_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\Laura_ON_C\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKU\Laura_ON_C\..\URLSearchHook: {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files\SearchMe Toolbar\IE\8.9\searchmeToolbarIE.dll (Spigot, Inc.)
IE - HKU\Laura_ON_C\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - File not found
IE - HKU\Laura_ON_C\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
IE - HKU\Laura_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Laura_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Laura_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:13828
IE - HKU\LocalService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Lukas_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\Lukas_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\Lukas_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN74140414544174294&UM=2&ctid=CT3312329&UP=SP54CA924A-95F7-4B4A-B788-69FA3792F4F8&SSPV=
IE - HKU\Lukas_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Lukas_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Lukas_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 21 27 E0 4A 82 F3 CE 01 [binary data]
IE - HKU\Lukas_ON_C\..\URLSearchHook: {66b103a7-d772-4fcd-ace4-16f79a9056e0} - C:\Program Files\appbarioDE_1\prxtbappb.dll (Conduit Ltd.)
IE - HKU\Lukas_ON_C\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found
IE - HKU\Lukas_ON_C\..\URLSearchHook: {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files\SearchMe Toolbar\IE\8.9\searchmeToolbarIE.dll (Spigot, Inc.)
IE - HKU\Lukas_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\Lukas_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Lukas_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:13828
IE - HKU\NetworkService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/24 19:01:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/09 09:54:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/09/28 15:24:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\freegames135@ZulaGames: C:\Users\Lukas\AppData\Roaming\Mozilla\Extensions\freegames135@ZulaGames [2013/12/09 08:14:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/09/28 15:24:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}: C:\Program Files\V-bates\Firefox [2014/03/16 13:56:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{c7c6f4e1-dfd0-4d7e-ba9f-0c51055de5e1}: C:\Program Files\Re-markit-soft\157.xpi [2014/03/16 12:31:33 | 000,011,556 | ---- | M] ()
[2014/02/18 07:10:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Zapp) - {03b42da4-e052-423f-b1f4-98a5faae8111} - C:\Program Files\Zapp\IE\Zapp.dll (Simply Tech LTD.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (IEOptimizer) - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files\SavingsBull\IEOptimizer.dll ()
O2 - BHO: (media enhance) - {11111111-1111-1111-1111-110411411150} - C:\Program Files\media enhance\media enhance-bho.dll (freeven)
O2 - BHO: (HQTotalS) - {11111111-1111-1111-1111-110511311172} - C:\Program Files\HQTotalS\HQTotalS-bho.dll (HQplustotalS)
O2 - BHO: (iminent Helper Object) - {112BA211-334C-4A90-90EC-2AD1CDAB287C} - C:\Program Files\IminentToolbar\1.8.28.3\bh\iminent.dll (Iminent)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (V-bates) - {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} - C:\Program Files\V-bates\Extension32.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - File not found
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (Mega Browse) - {4e6cd411-ce62-4584-97ff-6afbcf6900af} - C:\Program Files\Mega Browse\MegaBrowseBHO.dll (Mega Browse)
O2 - BHO: (appbarioDE 1 Toolbar) - {66b103a7-d772-4fcd-ace4-16f79a9056e0} - C:\Program Files\appbarioDE_1\prxtbappb.dll (Conduit Ltd.)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (XTTBPos00 Class) - {7914D9F0-DD27-4260-9BC1-AE01834B77CA} - C:\Program Files\T-Online\T-Online_Toolbar_2\T-Online_Toolbar_2.0.dll (Deutsche Telekom AG)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - File not found
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (SearchMe Toolbar) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files\SearchMe Toolbar\IE\8.9\searchmeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - File not found
O2 - BHO: (Free Games 135) - {C07DBF44-A0EE-4A65-A273-2E7E1ABFBEF4} - C:\Program Files\Free Games 135\ScriptHost.dll (Zula Games)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - File not found
O3 - HKLM\..\Toolbar: (Zapp) - {03b42da4-e052-423f-b1f4-98a5faae8111} - C:\Program Files\Zapp\IE\Zapp.dll (Simply Tech LTD.)
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Iminent Toolbar) - {1FAFD711-ABF9-4F6A-8130-5166C7371427} - C:\Program Files\IminentToolbar\1.8.28.3\iminentTlbr.dll (Iminent)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (T-Online Toolbar 2.0) - {25F97EB4-1C02-45BA-BA0C-E67AACE64D4A} - C:\Program Files\T-Online\T-Online_Toolbar_2\T-Online_Toolbar_2.0.dll (Deutsche Telekom AG)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (appbarioDE 1 Toolbar) - {66b103a7-d772-4fcd-ace4-16f79a9056e0} - C:\Program Files\appbarioDE_1\prxtbappb.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - File not found
O3 - HKLM\..\Toolbar: (SearchMe Toolbar) - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files\SearchMe Toolbar\IE\8.9\searchmeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - File not found
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Laura_ON_C\..\Toolbar\ShellBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\Laura_ON_C\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\Laura_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Laura_ON_C\..\Toolbar\WebBrowser: (T-Online Toolbar 2.0) - {25F97EB4-1C02-45BA-BA0C-E67AACE64D4A} - C:\Program Files\T-Online\T-Online_Toolbar_2\T-Online_Toolbar_2.0.dll (Deutsche Telekom AG)
O3 - HKU\Laura_ON_C\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - File not found
O3 - HKU\Laura_ON_C\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\Laura_ON_C\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
O3 - HKU\Lukas_ON_C\..\Toolbar\ShellBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\Lukas_ON_C\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKU\Lukas_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Lukas_ON_C\..\Toolbar\WebBrowser: (T-Online Toolbar 2.0) - {25F97EB4-1C02-45BA-BA0C-E67AACE64D4A} - C:\Program Files\T-Online\T-Online_Toolbar_2\T-Online_Toolbar_2.0.dll (Deutsche Telekom AG)
O3 - HKU\Lukas_ON_C\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKU\Lukas_ON_C\..\Toolbar\WebBrowser: (appbarioDE 1 Toolbar) - {66B103A7-D772-4FCD-ACE4-16F79A9056E0} - C:\Program Files\appbarioDE_1\prxtbappb.dll (Conduit Ltd.)
O3 - HKU\Lukas_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKU\Lukas_ON_C\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Babylon Client] File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe (Hercules®)
O4 - HKLM..\Run: [Iminent] File not found
O4 - HKLM..\Run: [IminentMessenger] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Norman ZANDA] C:\Program Files\Norman\Npm\Bin\ZLH.EXE (Norman ASA)
O4 - HKLM..\Run: [NPCTray] File not found
O4 - HKLM..\Run: [OlStatusMon] C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe (Olivetti)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinampAgent] File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [fsc-reg] File not found
O4 - HKU\Laura_ON_C..\Run: [EA Core] File not found
O4 - HKU\Laura_ON_C..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\Laura_ON_C..\Run: [ICQ] File not found
O4 - HKU\Laura_ON_C..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\Laura_ON_C..\Run: [Laura] File not found
O4 - HKU\Laura_ON_C..\Run: [PC Speed Maximizer] C:\Program Files\PC Speed Maximizer\SPMLauncher.exe (Smart PC Solutions)
O4 - HKU\Laura_ON_C..\Run: [recinfo] File not found
O4 - HKU\Laura_ON_C..\Run: [RGSC] File not found
O4 - HKU\Laura_ON_C..\Run: [SearchProtect] File not found
O4 - HKU\Laura_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Laura_ON_C..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Lukas_ON_C..\Run: [APISupport] C:\Users\Lukas\AppData\Local\Conduit\APISupport\APISupport.dll (Conduit Ltd.)
O4 - HKU\Lukas_ON_C..\Run: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIIKE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\Lukas_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\Lukas_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\Lukas_ON_C..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [SpUninstallDeleteDir] File not found
O4 - Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\meine software.lnk = C:\Program Files\T-Home\Meine Software\meine software.exe (Deutsche Telekom AG)
O4 - Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O4 - Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe ()
O4 - Startup: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\Laura_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Laura_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{d82377b9-7160-11df-a7cd-8b974e5617ee}\Shell\AutoRun\command - "" = F:\ContentManager\ContentManagerStarter.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2014/03/27 18:15:42 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014/03/24 07:41:39 | 000,000,000 | -HSD | C] -- C:\found.000
[2014/03/24 06:53:08 | 000,055,232 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\tStLib.sys
[2014/03/24 06:42:32 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Desktop\Der Herr der Ringe - 2
[2014/03/24 06:31:20 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Desktop\The Best of The Irish Folk Festival Vol.2
[2014/03/24 06:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\SearchMe Toolbar
[2014/03/24 06:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2014/03/18 13:10:04 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Desktop\Der Herr der Ringe - 3
[2014/03/18 12:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
[2014/03/18 12:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\Audiograbber
[2014/03/18 12:01:42 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\SimplyTech
[2014/03/18 12:01:41 | 000,000,000 | ---D | C] -- C:\Program Files\Zapp
[2014/03/18 12:01:28 | 000,000,000 | ---D | C] -- C:\temp
[2014/03/18 12:01:22 | 000,000,000 | ---D | C] -- C:\Program Files\SavingsBull
[2014/03/18 12:01:14 | 000,000,000 | ---D | C] -- C:\Program Files\Level Quality Watcher
[2014/03/18 12:01:00 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\BupSystem
[2014/03/18 12:00:55 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Security System 2
[2014/03/18 11:41:51 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Desktop\Der Herr der Ringe - 1
[2014/03/18 11:31:36 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Desktop\Album
[2014/03/18 11:24:02 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\MovieMode
[2014/03/16 13:58:27 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Local\MovieMode
[2014/03/16 13:56:55 | 000,000,000 | ---D | C] -- C:\ProgramData\MovieMode
[2014/03/16 13:56:32 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\mysearchdial
[2014/03/16 13:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mysearchdial
[2014/03/16 13:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\V-bates
[2014/03/16 13:02:50 | 000,000,000 | ---D | C] -- C:\Users\Laura\Documents\PC Speed Maximizer
[2014/03/16 13:02:36 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\PC Speed Maximizer
[2014/03/16 13:00:59 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Local\Tuguu_SL
[2014/03/16 13:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller
[2014/03/16 12:58:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Registry Helper
[2014/03/16 12:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Helper
[2014/03/16 12:58:40 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Helper
[2014/03/16 12:57:59 | 000,000,000 | ---D | C] -- C:\Program Files\BringStar
[2014/03/16 12:57:40 | 000,000,000 | ---D | C] -- C:\Program Files\Mega Browse
[2014/03/16 12:57:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
[2014/03/16 12:57:06 | 000,954,784 | ---- | C] (AnyProtect.com) -- C:\Users\Laura\AppData\Local\AnyProtectScannerSetup.exe
[2014/03/16 12:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\PC Speed Maximizer
[2014/03/16 12:38:59 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
[2014/03/16 12:38:54 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/03/16 12:37:32 | 000,000,000 | ---D | C] -- C:\Program Files\AnyProtectEx
[2014/03/16 12:36:21 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\VOPackage
[2014/03/16 12:36:21 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[2014/03/16 12:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginService
[2014/03/16 12:34:30 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\SupTab
[2014/03/16 12:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\SupTab
[2014/03/16 12:34:25 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[2014/03/16 12:34:22 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Local\newplayer
[2014/03/16 12:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
[2014/03/16 12:33:42 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\awesomehp
[2014/03/16 12:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\NewPlayer
[2014/03/16 12:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2014/03/16 12:32:45 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\Uniblue
[2014/03/16 12:32:45 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2014/03/16 12:32:25 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/03/16 12:32:24 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2014/03/16 12:32:21 | 000,000,000 | ---D | C] -- C:\Program Files\media enhance
[2014/03/16 12:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\HQTotalS
[2014/03/16 12:31:33 | 000,000,000 | ---D | C] -- C:\Program Files\Re-markit-soft
[2014/03/16 12:20:50 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\TuneUp Software
[2014/03/07 11:32:18 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Desktop\Filme
[2014/03/06 12:09:12 | 000,000,000 | ---D | C] -- C:\output
[2014/03/06 12:08:48 | 000,000,000 | ---D | C] -- C:\WAV To MP3
[2014/03/06 12:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WAV To MP3
[2014/03/05 13:09:47 | 000,036,664 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2014/03/05 13:09:43 | 000,025,400 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2014/03/05 13:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
[2014/03/05 13:09:11 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\TuneUp Software
[2014/03/05 13:07:14 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2014
[2014/03/05 13:06:20 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2014/03/05 13:05:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2014/03/05 13:05:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014/03/05 13:03:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2014/03/05 13:02:46 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\OpenCandy
[2014/03/05 13:02:46 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\DVDVideoSoft
[2014/03/05 13:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2011/12/07 15:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll
[4 C:\Users\Laura\Documents\*.tmp files -> C:\Users\Laura\Documents\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Users\Laura\AppData\Local\*.tmp files -> C:\Users\Laura\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/03/27 14:00:22 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC Maintenance.job
[2014/03/27 13:59:34 | 000,003,068 | ---- | M] () -- C:\Windows\tasks\HQTotalS-chromeinstaller.job
[2014/03/27 13:59:34 | 000,002,502 | ---- | M] () -- C:\Windows\tasks\HQTotalS-firefoxinstaller.job
[2014/03/27 13:59:32 | 000,001,478 | ---- | M] () -- C:\Windows\tasks\HQTotalS-updater.job
[2014/03/27 13:59:32 | 000,001,426 | ---- | M] () -- C:\Windows\tasks\media enhance-enabler.job
[2014/03/27 13:59:32 | 000,001,340 | ---- | M] () -- C:\Windows\tasks\HQTotalS-enabler.job
[2014/03/27 13:58:31 | 095,027,928 | ---- | M] () -- C:\ProgramData\rj7gwl4a.bbr
[2014/03/27 13:58:15 | 000,001,564 | ---- | M] () -- C:\Windows\tasks\media enhance-updater.job
[2014/03/27 13:58:14 | 000,003,088 | ---- | M] () -- C:\Windows\tasks\media enhance-chromeinstaller.job
[2014/03/27 13:58:13 | 000,002,342 | ---- | M] () -- C:\Windows\tasks\media enhance-firefoxinstaller.job
[2014/03/27 13:58:05 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/27 13:58:03 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC Startup.job
[2014/03/27 13:58:02 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\Re-markit_wd.job
[2014/03/27 13:58:01 | 000,001,526 | ---- | M] () -- C:\Windows\tasks\media enhance-codedownloader.job
[2014/03/27 13:58:01 | 000,001,440 | ---- | M] () -- C:\Windows\tasks\HQTotalS-codedownloader.job
[2014/03/27 13:58:01 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\Re-markit Update.job
[2014/03/27 13:58:01 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\FF Watcher {57DEB8DA-435C-41E5-AAA9-1BB0A7C138A9}.job
[2014/03/27 13:57:48 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/27 13:57:48 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/27 13:57:46 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2014/03/27 13:57:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/24 10:58:23 | 002,074,525 | -H-- | M] () -- C:\Users\Lukas\AppData\Local\IconCache.db
[2014/03/24 09:46:32 | 004,527,821 | -H-- | M] () -- C:\Users\Laura\AppData\Local\IconCache.db
[2014/03/24 09:35:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/24 07:04:51 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/24 07:02:54 | 000,000,876 | ---- | M] () -- C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk
[2014/03/24 06:53:08 | 000,055,232 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\tStLib.sys
[2014/03/24 06:51:38 | 000,000,876 | ---- | M] () -- C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk
[2014/03/24 06:51:17 | 000,151,552 | ---- | M] () -- C:\ProgramData\a4lwg7jr.gsa
[2014/03/24 06:50:26 | 001,572,690 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2014/03/24 06:50:26 | 000,676,338 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2014/03/24 06:50:26 | 000,636,064 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/03/24 06:50:26 | 000,146,104 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2014/03/24 06:50:26 | 000,120,146 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/03/18 12:02:11 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\Audiograbber.lnk
[2014/03/18 12:02:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
[2014/03/18 11:21:03 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP1.job
[2014/03/18 11:21:03 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP3.job
[2014/03/18 11:21:03 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP2.job
[2014/03/16 13:58:03 | 000,000,848 | ---- | M] () -- C:\Users\Laura\Desktop\AnyProtect.lnk
[2014/03/16 13:56:07 | 000,000,045 | ---- | M] () -- C:\user.js
[2014/03/16 13:28:45 | 005,168,012 | ---- | M] () -- C:\Users\Lukas\Desktop\Martin Garrix & Jay Hardway - Wizard (Official Video HD).mp3
[2014/03/16 13:18:16 | 004,439,509 | ---- | M] () -- C:\Users\Lukas\Desktop\David Guetta - Shot Me Down Ft. skylar Grey Trap Remix (Dustin Que).mp3
[2014/03/16 13:13:23 | 007,319,666 | ---- | M] () -- C:\Users\Lukas\Desktop\ENVY - Am I Wrong (Official Video).mp3
[2014/03/16 13:10:49 | 004,638,249 | ---- | M] () -- C:\Users\Lukas\Desktop\Sam Smith - Money On My Mind (Lyric Video).mp3
[2014/03/16 13:09:07 | 005,514,082 | ---- | M] () -- C:\Users\Lukas\Desktop\Rather Be - Clean Bandit feat Jess Glynne Lyrics.mp3
[2014/03/16 12:58:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Helper
[2014/03/16 12:57:08 | 000,000,920 | ---- | M] () -- C:\Users\Laura\Desktop\PC Speed Maximizer.lnk
[2014/03/16 12:57:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
[2014/03/16 12:42:07 | 000,001,442 | ---- | M] () -- C:\Users\Laura\AppData\Roaming\aps.scan.results
[2014/03/16 12:42:07 | 000,000,610 | ---- | M] () -- C:\Users\Laura\AppData\Roaming\aps.scan.quick.results
[2014/03/16 12:42:07 | 000,000,161 | ---- | M] () -- C:\Users\Laura\AppData\Roaming\aps.uninstall.scan.results
[2014/03/16 12:38:54 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/03/16 12:38:54 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/03/16 12:33:53 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\NewPlayer.lnk
[2014/03/16 12:33:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
[2014/03/16 12:33:14 | 000,001,135 | ---- | M] () -- C:\Users\Laura\Desktop\Internet Explorer.lnk
[2014/03/16 12:32:52 | 000,000,988 | ---- | M] () -- C:\Users\Laura\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk
[2014/03/16 12:32:51 | 000,002,211 | ---- | M] () -- C:\Users\Laura\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/03/16 12:32:51 | 000,001,159 | ---- | M] () -- C:\Users\Laura\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/03/16 12:32:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2014/03/16 12:32:50 | 000,001,760 | ---- | M] () -- C:\Users\Laura\Desktop\Sync Folder.lnk
[2014/03/16 12:32:25 | 000,000,900 | ---- | M] () -- C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/03/16 12:32:25 | 000,000,890 | ---- | M] () -- C:\Users\Laura\Desktop\MyPC Backup.lnk
[2014/03/16 12:31:35 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/03/16 12:30:40 | 000,000,000 | ---- | M] () -- C:\END
[2014/03/16 12:29:43 | 003,300,988 | ---- | M] () -- C:\Users\Lukas\Desktop\AVICII - Addicted To You (Original) Full Version.mp3
[2014/03/14 18:27:21 | 023,648,998 | ---- | M] () -- C:\Users\Lukas\Desktop\Joseph Capriati - Solar System (Original Mix).mp3
[2014/03/14 18:27:21 | 022,550,596 | ---- | M] () -- C:\Users\Lukas\Desktop\Adam Beyer And Alan Fitzpatrick - Human Reason (Len Faki Remix).mp3
[2014/03/13 11:24:16 | 000,954,784 | ---- | M] (AnyProtect.com) -- C:\Users\Laura\AppData\Local\AnyProtectScannerSetup.exe
[2014/03/08 14:12:04 | 005,210,017 | ---- | M] () -- C:\Users\Lukas\Desktop\[Official Lyrics Video] Dark Horse- Katy Perry ft. Juicy J.mp3
[2014/03/08 14:09:04 | 000,017,408 | ---- | M] () -- C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/03/07 12:00:48 | 002,578,651 | ---- | M] () -- C:\Users\Lukas\Desktop\Kate Nash - Do-Wah-Doo.mp3
[2014/03/06 12:09:41 | 011,359,535 | ---- | M] () -- C:\Users\Lukas\Desktop\kalkbrenner unknown.mp3
[2014/03/06 12:08:49 | 000,000,550 | ---- | M] () -- C:\Users\Public\Desktop\WAV To MP3.lnk
[2014/03/06 12:08:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WAV To MP3
[2014/03/06 12:07:24 | 006,853,850 | ---- | M] () -- C:\Users\Lukas\Desktop\Paul Kalkbrenner - Unreleased Mayday 2003.mp3
[2014/03/05 13:09:35 | 000,001,871 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
[2014/03/05 13:09:34 | 000,001,895 | ---- | M] () -- C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TuneUp Utilities 2014.lnk
[2014/03/05 13:09:34 | 000,001,883 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
[2014/03/05 13:09:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
[2014/03/05 13:06:52 | 095,771,535 | ---- | M] () -- C:\Users\Lukas\Desktop\Paul Kalkbrenner @ Click Hamburg 08.03.2003.mp3
[2014/03/05 13:03:11 | 000,002,113 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
[2014/03/05 13:03:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2014/03/05 12:28:28 | 010,048,103 | ---- | M] () -- C:\Users\Lukas\Desktop\DC123 - Alan Fitzpatrick - 1992 (Official Video) - Drumcode.mp3
[2014/03/05 12:19:17 | 011,333,328 | ---- | M] () -- C:\Users\Lukas\Desktop\Harvey McKay - Lost (Original Mix) [DRUMCODE].mp3
[2014/03/05 12:16:44 | 011,185,370 | ---- | M] () -- C:\Users\Lukas\Desktop\Harvey McKay - Silk Road - Drumcode - DC124.mp3
[2014/03/05 12:12:57 | 010,345,272 | ---- | M] () -- C:\Users\Lukas\Desktop\Ant Brooks, Matt Sassari - Airglow (Original Mix).mp3
[4 C:\Users\Laura\Documents\*.tmp files -> C:\Users\Laura\Documents\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Users\Laura\AppData\Local\*.tmp files -> C:\Users\Laura\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/03/24 07:02:54 | 000,000,876 | ---- | C] () -- C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk
[2014/03/24 06:51:38 | 000,000,876 | ---- | C] () -- C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk
[2014/03/24 06:51:27 | 095,027,928 | ---- | C] () -- C:\ProgramData\rj7gwl4a.bbr
[2014/03/24 06:51:17 | 000,151,552 | ---- | C] () -- C:\ProgramData\a4lwg7jr.gsa
[2014/03/18 12:02:11 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\Audiograbber.lnk
[2014/03/18 12:01:42 | 000,033,864 | ---- | C] () -- C:\Windows\Launcher.exe
[2014/03/18 11:33:46 | 007,319,666 | ---- | C] () -- C:\Users\Lukas\Desktop\ENVY - Am I Wrong (Official Video).mp3
[2014/03/18 11:33:17 | 005,514,082 | ---- | C] () -- C:\Users\Lukas\Desktop\Rather Be - Clean Bandit feat Jess Glynne Lyrics.mp3
[2014/03/18 11:33:10 | 003,300,988 | ---- | C] () -- C:\Users\Lukas\Desktop\AVICII - Addicted To You (Original) Full Version.mp3
[2014/03/18 11:33:09 | 005,168,012 | ---- | C] () -- C:\Users\Lukas\Desktop\Martin Garrix & Jay Hardway - Wizard (Official Video HD).mp3
[2014/03/18 11:32:09 | 004,638,249 | ---- | C] () -- C:\Users\Lukas\Desktop\Sam Smith - Money On My Mind (Lyric Video).mp3
[2014/03/18 11:31:56 | 004,439,509 | ---- | C] () -- C:\Users\Lukas\Desktop\David Guetta - Shot Me Down Ft. skylar Grey Trap Remix (Dustin Que).mp3
[2014/03/16 13:59:47 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP3.job
[2014/03/16 13:59:44 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP2.job
[2014/03/16 13:59:41 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP1.job
[2014/03/16 13:56:09 | 000,000,282 | ---- | C] () -- C:\Windows\tasks\FF Watcher {57DEB8DA-435C-41E5-AAA9-1BB0A7C138A9}.job
[2014/03/16 13:56:07 | 000,000,045 | ---- | C] () -- C:\user.js
[2014/03/16 12:57:08 | 000,000,920 | ---- | C] () -- C:\Users\Laura\Desktop\PC Speed Maximizer.lnk
[2014/03/16 12:42:07 | 000,001,442 | ---- | C] () -- C:\Users\Laura\AppData\Roaming\aps.scan.results
[2014/03/16 12:39:07 | 000,000,610 | ---- | C] () -- C:\Users\Laura\AppData\Roaming\aps.scan.quick.results
[2014/03/16 12:39:07 | 000,000,161 | ---- | C] () -- C:\Users\Laura\AppData\Roaming\aps.uninstall.scan.results
[2014/03/16 12:38:59 | 000,000,848 | ---- | C] () -- C:\Users\Laura\Desktop\AnyProtect.lnk
[2014/03/16 12:38:55 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/16 12:34:29 | 000,001,564 | ---- | C] () -- C:\Windows\tasks\media enhance-updater.job
[2014/03/16 12:34:29 | 000,001,478 | ---- | C] () -- C:\Windows\tasks\HQTotalS-updater.job
[2014/03/16 12:33:57 | 000,001,426 | ---- | C] () -- C:\Windows\tasks\media enhance-enabler.job
[2014/03/16 12:33:57 | 000,001,340 | ---- | C] () -- C:\Windows\tasks\HQTotalS-enabler.job
[2014/03/16 12:33:53 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\NewPlayer.lnk
[2014/03/16 12:33:48 | 000,000,266 | ---- | C] () -- C:\Windows\tasks\SpeedUpMyPC Maintenance.job
[2014/03/16 12:33:29 | 000,001,526 | ---- | C] () -- C:\Windows\tasks\media enhance-codedownloader.job
[2014/03/16 12:33:27 | 000,000,260 | ---- | C] () -- C:\Windows\tasks\SpeedUpMyPC Startup.job
[2014/03/16 12:33:07 | 000,001,440 | ---- | C] () -- C:\Windows\tasks\HQTotalS-codedownloader.job
[2014/03/16 12:32:52 | 000,002,342 | ---- | C] () -- C:\Windows\tasks\media enhance-firefoxinstaller.job
[2014/03/16 12:32:52 | 000,000,988 | ---- | C] () -- C:\Users\Laura\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk
[2014/03/16 12:32:50 | 000,001,760 | ---- | C] () -- C:\Users\Laura\Desktop\Sync Folder.lnk
[2014/03/16 12:32:42 | 000,002,502 | ---- | C] () -- C:\Windows\tasks\HQTotalS-firefoxinstaller.job
[2014/03/16 12:32:25 | 000,000,900 | ---- | C] () -- C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2014/03/16 12:32:25 | 000,000,890 | ---- | C] () -- C:\Users\Laura\Desktop\MyPC Backup.lnk
[2014/03/16 12:32:24 | 000,003,088 | ---- | C] () -- C:\Windows\tasks\media enhance-chromeinstaller.job
[2014/03/16 12:32:02 | 000,003,068 | ---- | C] () -- C:\Windows\tasks\HQTotalS-chromeinstaller.job
[2014/03/16 12:31:47 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\Re-markit Update.job
[2014/03/16 12:31:37 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\Re-markit_wd.job
[2014/03/14 07:10:23 | 022,550,596 | ---- | C] () -- C:\Users\Lukas\Desktop\Adam Beyer And Alan Fitzpatrick - Human Reason (Len Faki Remix).mp3
[2014/03/14 07:08:21 | 023,648,998 | ---- | C] () -- C:\Users\Lukas\Desktop\Joseph Capriati - Solar System (Original Mix).mp3
[2014/03/08 14:11:56 | 005,210,017 | ---- | C] () -- C:\Users\Lukas\Desktop\[Official Lyrics Video] Dark Horse- Katy Perry ft. Juicy J.mp3
[2014/03/07 12:00:36 | 002,578,651 | ---- | C] () -- C:\Users\Lukas\Desktop\Kate Nash - Do-Wah-Doo.mp3
[2014/03/06 12:09:13 | 011,359,535 | ---- | C] () -- C:\Users\Lukas\Desktop\kalkbrenner unknown.mp3
[2014/03/06 12:08:49 | 000,000,550 | ---- | C] () -- C:\Users\Public\Desktop\WAV To MP3.lnk
[2014/03/06 12:07:15 | 006,853,850 | ---- | C] () -- C:\Users\Lukas\Desktop\Paul Kalkbrenner - Unreleased Mayday 2003.mp3
[2014/03/05 13:09:35 | 000,001,871 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
[2014/03/05 13:09:34 | 000,001,895 | ---- | C] () -- C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TuneUp Utilities 2014.lnk
[2014/03/05 13:09:34 | 000,001,883 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
[2014/03/05 13:04:30 | 095,771,535 | ---- | C] () -- C:\Users\Lukas\Desktop\Paul Kalkbrenner @ Click Hamburg 08.03.2003.mp3
[2014/03/05 13:03:11 | 000,002,113 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
[2014/03/05 12:28:08 | 010,048,103 | ---- | C] () -- C:\Users\Lukas\Desktop\DC123 - Alan Fitzpatrick - 1992 (Official Video) - Drumcode.mp3
[2014/03/05 12:18:58 | 011,333,328 | ---- | C] () -- C:\Users\Lukas\Desktop\Harvey McKay - Lost (Original Mix) [DRUMCODE].mp3
[2014/03/05 12:16:27 | 011,185,370 | ---- | C] () -- C:\Users\Lukas\Desktop\Harvey McKay - Silk Road - Drumcode - DC124.mp3
[2014/03/05 12:12:35 | 010,345,272 | ---- | C] () -- C:\Users\Lukas\Desktop\Ant Brooks, Matt Sassari - Airglow (Original Mix).mp3
[2014/02/10 19:32:54 | 001,152,656 | ---- | C] () -- C:\Windows\System32\MovieMode.48CA2AEFA22D.dll
[2013/09/28 15:43:34 | 002,074,525 | -H-- | C] () -- C:\Users\Lukas\AppData\Local\IconCache.db
[2013/09/01 18:23:50 | 000,039,904 | ---- | C] () -- C:\Windows\System32\DiscHandler.exe
[2013/08/29 23:54:26 | 003,915,776 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
[2013/08/29 23:53:34 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013/08/29 23:51:58 | 000,099,840 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2013/08/29 23:51:54 | 000,157,184 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2013/08/29 23:51:50 | 000,147,456 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2013/08/29 23:51:48 | 001,525,760 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2013/08/29 23:51:48 | 000,211,968 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2013/08/29 23:51:48 | 000,114,688 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2013/08/29 23:51:40 | 000,271,360 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2013/08/29 23:51:40 | 000,136,704 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2013/07/26 09:24:22 | 006,275,760 | ---- | C] () -- C:\Windows\System32\avcodec-lav-55.dll
[2013/07/26 09:24:22 | 001,239,216 | ---- | C] () -- C:\Windows\System32\avformat-lav-55.dll
[2013/07/26 09:24:22 | 000,394,416 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll
[2013/07/26 09:24:22 | 000,288,944 | ---- | C] () -- C:\Windows\System32\avutil-lav-52.dll
[2013/07/26 09:24:22 | 000,235,184 | ---- | C] () -- C:\Windows\System32\avfilter-lav-3.dll
[2013/07/26 09:24:22 | 000,190,640 | ---- | C] () -- C:\Windows\System32\libbluray.dll
[2013/07/26 09:24:22 | 000,150,192 | ---- | C] () -- C:\Windows\System32\avresample-lav-1.dll
[2013/04/14 06:00:06 | 000,150,016 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2013/04/14 06:00:02 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
[2013/04/14 05:59:54 | 000,143,872 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2013/04/14 05:59:48 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2013/04/14 05:59:36 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2013/04/14 05:59:32 | 000,154,624 | ---- | C] () -- C:\Windows\System32\ts.dll
[2013/04/14 05:59:28 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2013/04/14 05:59:12 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
[2013/04/14 05:59:10 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2013/04/14 05:59:06 | 000,357,376 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2013/04/14 05:59:06 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
[2013/04/14 05:58:12 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2013/04/14 05:58:12 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2013/02/01 17:31:59 | 000,017,408 | ---- | C] () -- C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/01 17:25:32 | 000,000,093 | ---- | C] () -- C:\Users\Lukas\AppData\Local\fusioncache.dat
[2013/02/01 17:25:22 | 000,122,448 | ---- | C] () -- C:\Users\Lukas\AppData\Local\GDIPFONTCACHEV1.DAT
[2012/09/29 18:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\System32\Formats.ini
[2012/07/02 16:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\System32\theowl.dll
[2012/02/02 23:00:58 | 000,139,264 | ---- | C] () -- C:\Windows\System32\TCPClient.dll
[2011/11/06 09:24:59 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/09/03 09:55:47 | 000,000,164 | ---- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}
[2011/06/30 06:20:36 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/06/23 23:58:32 | 000,242,259 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/06/23 23:58:04 | 000,877,296 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/06/15 07:37:00 | 001,108,992 | ---- | C] () -- C:\Windows\System32\phidget21.dll
[2011/05/08 09:55:34 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011/03/10 09:43:13 | 000,000,141 | ---- | C] () -- C:\Windows\disney.ini
[2011/03/10 09:43:02 | 000,000,185 | ---- | C] () -- C:\Windows\disneysy.ini
[2011/02/11 06:26:20 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OptimFROG.dll
[2010/10/09 04:35:59 | 000,479,744 | ---- | C] () -- C:\Users\Laura\AppData\Local\hhizaaa.exe
[2010/09/06 03:19:40 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2010/09/06 03:19:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2010/09/06 03:19:40 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2010/09/06 03:19:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010/08/27 16:18:51 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/08/27 14:24:12 | 000,002,243 | ---- | C] () -- C:\Users\Laura\AppData\Local\dydsp_navps.dat
[2010/08/27 14:24:05 | 000,248,725 | ---- | C] () -- C:\Users\Laura\AppData\Local\dydsp_nav.dat
[2010/08/27 14:24:04 | 000,003,226 | ---- | C] () -- C:\Users\Laura\AppData\Local\dydsp.dat
[2010/08/26 19:34:36 | 000,038,912 | ---- | C] () -- C:\Windows\System32\libvout_wrapper_plugin.dll
[2010/08/26 19:34:36 | 000,034,816 | ---- | C] () -- C:\Windows\System32\libvmem_plugin.dll
[2010/08/26 19:34:34 | 000,243,200 | ---- | C] () -- C:\Windows\System32\libswscale_plugin.dll
[2010/08/26 19:34:32 | 000,065,536 | ---- | C] () -- C:\Windows\System32\libstream_out_transcode_plugin.dll
[2010/08/26 19:34:32 | 000,035,840 | ---- | C] () -- C:\Windows\System32\libstream_out_smem_plugin.dll
[2010/08/26 19:34:30 | 000,051,200 | ---- | C] () -- C:\Windows\System32\libps_plugin.dll
[2010/08/26 19:34:30 | 000,040,448 | ---- | C] () -- C:\Windows\System32\libpacketizer_mpegvideo_plugin.dll
[2010/08/26 19:34:30 | 000,037,888 | ---- | C] () -- C:\Windows\System32\libmpeg_audio_plugin.dll
[2010/08/26 19:34:30 | 000,033,280 | ---- | C] () -- C:\Windows\System32\libmux_wav_plugin.dll
[2010/08/26 19:34:30 | 000,031,232 | ---- | C] () -- C:\Windows\System32\libmpgv_plugin.dll
[2010/08/26 19:34:28 | 000,039,424 | ---- | C] () -- C:\Windows\System32\libfilesystem_plugin.dll
[2010/08/26 19:34:28 | 000,035,328 | ---- | C] () -- C:\Windows\System32\libmjpeg_plugin.dll
[2010/08/26 19:34:28 | 000,033,280 | ---- | C] () -- C:\Windows\System32\libmemcpymmx_plugin.dll
[2010/08/26 19:34:22 | 007,124,992 | ---- | C] () -- C:\Windows\System32\libavcodec_plugin.dll
[2010/08/26 19:34:22 | 002,263,552 | ---- | C] () -- C:\Windows\System32\libvlccore.dll
[2010/08/26 19:34:22 | 000,101,376 | ---- | C] () -- C:\Windows\System32\libvlc.dll
[2010/08/26 19:34:22 | 000,088,064 | ---- | C] () -- C:\Windows\System32\libaccess_http_plugin.dll
[2010/08/26 19:34:22 | 000,032,256 | ---- | C] () -- C:\Windows\System32\libau_plugin.dll
[2010/06/07 15:42:02 | 000,000,374 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/05/20 09:28:54 | 000,434,176 | ---- | C] () -- C:\Users\Laura\AppData\Local\hanit.exe
[2010/05/09 12:33:42 | 000,000,000 | ---- | C] () -- C:\Users\Laura\AppData\Roaming\chrtmp
[2010/05/02 09:55:43 | 004,527,821 | -H-- | C] () -- C:\Users\Laura\AppData\Local\IconCache.db
[2010/04/05 20:05:48 | 000,781,312 | ---- | C] () -- C:\Windows\System32\highgui210.dll
[2010/04/05 20:05:16 | 002,085,888 | ---- | C] () -- C:\Windows\System32\cv210.dll
[2010/04/05 20:04:06 | 002,201,088 | ---- | C] () -- C:\Windows\System32\cxcore210.dll
[2010/03/24 07:15:10 | 000,047,104 | ---- | C] () -- C:\Windows\System32\bass_tak.dll
[2010/02/20 02:24:16 | 000,000,088 | ---- | C] () -- C:\Users\Laura\AppData\Local\demcd.bat
[2010/02/18 14:17:58 | 000,002,996 | ---- | C] () -- C:\Users\Laura\AppData\Local\hxqba_navps.dat
[2010/02/18 14:17:57 | 000,248,100 | ---- | C] () -- C:\Users\Laura\AppData\Local\hxqba_nav.dat
[2010/02/18 14:17:57 | 000,003,333 | ---- | C] () -- C:\Users\Laura\AppData\Local\hxqba.dat
[2010/02/04 08:22:11 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010/02/04 08:22:11 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010/02/01 08:00:28 | 000,000,093 | ---- | C] () -- C:\Users\Laura\AppData\Local\fusioncache.dat
[2009/12/29 08:16:52 | 000,000,025 | ---- | C] () -- C:\Windows\CDEC46Euro.ini
[2009/11/15 07:10:36 | 000,000,088 | ---- | C] () -- C:\Users\Laura\AppData\Local\xikbmof.bat
[2009/11/09 14:45:14 | 000,000,614 | ---- | C] () -- C:\Windows\System32\ppa_service.dat
[2009/11/09 14:45:12 | 000,128,000 | ---- | C] () -- C:\Windows\System32\ppa_service.exe
[2009/11/09 14:45:12 | 000,043,008 | ---- | C] () -- C:\Windows\System32\ppa_service.dll
[2009/11/09 07:44:08 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2009/09/18 06:57:39 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009/09/18 06:57:09 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009/06/14 10:02:46 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2009/05/30 00:42:00 | 000,309,248 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2009/04/13 11:08:35 | 000,000,824 | ---- | C] () -- C:\Windows\eReg.dat
[2009/03/12 12:33:33 | 000,000,680 | ---- | C] () -- C:\Users\Laura\AppData\Local\d3d9caps.dat
[2009/03/11 21:01:00 | 000,023,552 | ---- | C] () -- C:\Windows\System32\DirectCOM.dll
[2009/01/27 19:06:16 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/01/27 19:06:16 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/27 12:11:10 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\81095FE524.sys
[2009/01/27 11:34:00 | 000,002,516 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009/01/20 08:57:38 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/01/20 08:57:32 | 000,000,035 | ---- | C] () -- C:\Windows\vbaddin.ini
[2008/12/15 19:30:36 | 000,001,008 | ---- | C] () -- C:\Users\Laura\AppData\Roaming\wklnhst.dat
[2008/11/03 14:49:57 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LXF3PMON.DLL
[2008/11/03 14:49:57 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXF3FXPU.DLL
[2008/11/03 14:49:37 | 000,053,248 | ---- | C] () -- C:\Windows\System32\lxf3oem.dll
[2008/11/03 14:49:37 | 000,012,288 | ---- | C] () -- C:\Windows\System32\LXF3PMRC.DLL
[2008/11/02 16:25:24 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/11/02 16:22:16 | 000,059,392 | ---- | C] () -- C:\Users\Laura\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/02 15:30:27 | 000,122,448 | ---- | C] () -- C:\Users\Laura\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/11/02 15:29:42 | 000,000,342 | ---- | C] () -- C:\Windows\{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}_WiseFW.ini
[2008/10/22 00:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008/09/18 11:25:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/09/18 11:10:56 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/09/18 11:10:56 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/09/18 11:10:56 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/09/18 11:10:56 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/09/18 11:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2008/09/18 11:10:56 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2008/04/25 09:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2008/01/21 03:16:22 | 001,572,690 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI
[2008/01/21 03:15:58 | 000,676,338 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/01/21 03:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/01/21 03:15:58 | 000,146,104 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/01/21 03:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008/01/20 22:24:38 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini
[2008/01/20 22:24:29 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll
[2007/10/25 12:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/06/05 08:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,413,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:37:35 | 000,030,808 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 08:37:35 | 000,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 08:37:35 | 000,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 08:37:35 | 000,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:34:41 | 000,197,632 | ---- | C] () -- C:\Windows\System32\ir32_32.dll
[2006/11/02 06:33:01 | 000,636,064 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,120,146 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:24:31 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2006/11/02 06:23:31 | 000,000,269 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 06:23:31 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 03:10:37 | 000,053,536 | ---- | C] () -- C:\Windows\System32\dosx.exe
[2006/11/02 03:10:02 | 000,000,718 | ---- | C] () -- C:\Windows\System32\mscdexnt.exe
[2006/11/02 03:10:00 | 000,002,842 | ---- | C] () -- C:\Windows\System32\redir.exe
[2006/11/02 03:09:59 | 000,069,886 | ---- | C] () -- C:\Windows\System32\edit.com
[2006/11/02 03:09:59 | 000,019,694 | ---- | C] () -- C:\Windows\System32\GRAPHICS.COM
[2006/11/02 03:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\share.exe
[2006/11/02 03:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\fastopen.exe
[2006/11/02 03:09:57 | 000,014,710 | ---- | C] () -- C:\Windows\System32\KB16.COM
[2006/11/02 03:09:56 | 000,007,052 | ---- | C] () -- C:\Windows\System32\nlsfunc.exe
[2006/11/02 03:09:55 | 000,039,274 | ---- | C] () -- C:\Windows\System32\mem.exe
[2006/11/02 03:09:55 | 000,001,131 | ---- | C] () -- C:\Windows\System32\LOADFIX.COM
[2006/11/02 03:09:53 | 000,011,753 | ---- | C] () -- C:\Windows\System32\setver.exe
[2006/11/02 03:09:52 | 000,020,634 | ---- | C] () -- C:\Windows\System32\debug.exe
[2006/11/02 03:09:51 | 000,008,424 | ---- | C] () -- C:\Windows\System32\exe2bin.exe
[2006/11/02 03:09:50 | 000,012,642 | ---- | C] () -- C:\Windows\System32\edlin.exe
[2006/11/02 03:09:49 | 000,050,648 | ---- | C] () -- C:\Windows\System32\COMMAND.COM
[2006/11/02 03:09:49 | 000,012,498 | ---- | C] () -- C:\Windows\System32\append.exe
[2006/11/02 03:09:45 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys
[2006/11/02 03:09:44 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 03:09:44 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 03:09:42 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS
[2006/11/02 03:09:41 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 03:09:40 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 03:09:38 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 03:09:35 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 03:09:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 03:09:29 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 03:09:26 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 03:09:24 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 03:09:23 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 03:09:22 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS
[2006/11/02 03:09:20 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 02:25:08 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
[1997/06/14 07:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
========== LOP Check ==========
[2010/05/02 07:34:50 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\AnvSoft
[2009/06/14 13:03:58 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Audacity
[2014/03/16 12:33:43 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\awesomehp
[2010/05/13 19:16:19 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Azureus
[2013/02/01 17:10:38 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Babylon
[2008/11/17 16:26:23 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Cornelsen
[2011/09/03 09:54:33 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Degener
[2011/03/10 10:34:04 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Desperate Housewives
[2009/11/09 08:50:29 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\DriverCure
[2011/12/05 10:17:52 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\DVDVideoSoft
[2011/04/08 00:20:37 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/09/05 14:38:57 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Epson
[2009/11/08 17:33:25 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\FileZilla
[2010/03/06 14:08:51 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\FreeFLVConverter
[2010/11/14 09:23:26 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\GetRightToGo
[2009/05/06 13:06:02 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\gtk-2.0
[2009/08/11 07:59:34 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\KeyProducer
[2008/11/03 15:04:39 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Lexmark Productivity Studio
[2014/03/16 13:56:32 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\mysearchdial
[2013/06/05 18:48:43 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Origin
[2014/03/16 13:02:36 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\PC Speed Maximizer
[2010/02/04 08:27:59 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\PC Suite
[2011/10/13 05:52:53 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Samsung
[2010/05/13 16:40:21 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\SecondLife
[2014/02/20 12:33:16 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\simplitec
[2014/03/16 12:17:32 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\StarOffice8
[2014/03/16 12:34:30 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\SupTab
[2010/02/01 07:55:35 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\T-Online
[2008/12/15 19:30:37 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Template
[2011/10/10 07:07:48 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\thriXXX
[2014/03/16 12:20:50 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\TuneUp Software
[2014/03/16 12:32:45 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Uniblue
[2010/05/10 08:59:27 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\UseNeXT
[2011/10/16 10:17:15 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Utherverse
[2010/06/08 07:53:17 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\uTorrent
[2010/05/09 12:27:22 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\Verimount
[2014/03/16 12:36:21 | 000,000,000 | ---D | M] -- C:\Users\Laura\AppData\Roaming\VOPackage
[2014/02/18 07:21:35 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Ableton
[2014/03/08 13:56:39 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Audacity
[2013/03/07 12:31:28 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Babylon
[2014/03/18 12:01:18 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\BupSystem
[2014/03/18 11:56:40 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\DVDVideoSoft
[2013/05/04 07:25:49 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Epson
[2013/12/06 18:05:33 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\FlowStone
[2013/12/09 08:14:39 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\freegames135
[2013/06/11 17:31:09 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Image-Line
[2014/02/18 07:10:18 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\IminentToolbar
[2013/03/27 21:27:57 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Lexmark Productivity Studio
[2014/01/30 19:52:43 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\MAGIX
[2014/03/05 13:02:46 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\OpenCandy
[2013/12/06 18:30:18 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Origin
[2013/10/04 13:15:31 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Samsung
[2014/03/18 12:01:11 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Security System 2
[2014/01/30 19:54:53 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\simplitec
[2014/03/18 12:01:42 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\SimplyTech
[2014/03/05 13:09:11 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\TuneUp Software
[2013/12/09 08:12:26 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Windows Net Data
[2014/02/18 07:21:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Ableton
[2008/11/02 15:22:00 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2009/03/25 11:19:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Azureus
[2013/06/07 15:48:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2011/06/30 06:20:19 | 000,000,000 | ---D | M] -- C:\ProgramData\BVRP Software
[2014/03/05 13:05:46 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2013/12/09 08:13:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Conduit
[2011/09/04 07:26:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Degener
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2008/11/02 15:22:00 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2009/11/15 14:28:15 | 000,000,000 | ---D | M] -- C:\ProgramData\DriverCure
[2012/02/13 17:41:14 | 000,000,000 | -HSD | M] -- C:\ProgramData\DSS
[2011/06/29 07:12:15 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Core
[2013/06/06 09:58:08 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Logs
[2013/06/05 18:42:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2011/06/30 06:16:45 | 000,000,000 | ---D | M] -- C:\ProgramData\eMule
[2013/05/03 11:55:53 | 000,000,000 | ---D | M] -- C:\ProgramData\EPSON
[2008/11/02 15:22:00 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/01/27 05:32:45 | 000,000,000 | ---D | M] -- C:\ProgramData\fsc
[2010/11/09 14:47:13 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ
[2014/03/16 12:34:39 | 000,000,000 | ---D | M] -- C:\ProgramData\IePluginService
[2009/01/27 06:24:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Lexmark 2600 Series
[2014/01/30 19:52:43 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2014/03/16 13:57:05 | 000,000,000 | ---D | M] -- C:\ProgramData\MovieMode
[2010/02/20 11:22:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Netzmanager
[2013/12/23 15:27:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Oracle
[2013/12/06 18:30:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Origin
[2009/11/09 08:46:30 | 000,000,000 | ---D | M] -- C:\ProgramData\ParetoLogic
[2010/02/04 08:28:00 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2014/03/18 11:25:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Registry Helper
[2011/07/01 12:18:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Samsung
[2014/01/30 19:54:53 | 000,000,000 | ---D | M] -- C:\ProgramData\simplitec
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2008/11/02 15:22:00 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2010/02/03 07:47:26 | 000,000,000 | ---D | M] -- C:\ProgramData\T-Home
[2010/02/01 07:54:11 | 000,000,000 | ---D | M] -- C:\ProgramData\T-Online
[2013/02/01 17:08:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Tarma Installer
[2014/03/16 13:55:02 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2009/07/05 12:17:27 | 000,000,000 | ---D | M] -- C:\ProgramData\ThumbnailCache4R
[2014/03/08 13:09:59 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2013/05/03 10:54:32 | 000,000,000 | ---D | M] -- C:\ProgramData\UDL
[2008/11/02 15:22:00 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2009/11/16 16:51:21 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2014/03/16 12:34:29 | 000,000,000 | ---D | M] -- C:\ProgramData\WPM
[2008/11/02 15:30:00 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2010/02/01 09:44:55 | 000,000,000 | -H-D | M] -- C:\ProgramData\{B2EE6530-D038-4C90-9039-001247EB238A}
[2014/03/05 13:05:47 | 000,000,000 | -HSD | M] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2014/03/18 11:21:03 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\APSnotifierPP1.job
[2014/03/18 11:21:03 | 000,000,366 | ---- | M] () -- C:\Windows\Tasks\APSnotifierPP2.job
[2014/03/18 11:21:03 | 000,000,366 | ---- | M] () -- C:\Windows\Tasks\APSnotifierPP3.job
[2014/03/27 13:58:01 | 000,000,282 | ---- | M] () -- C:\Windows\Tasks\FF Watcher {57DEB8DA-435C-41E5-AAA9-1BB0A7C138A9}.job
[2014/03/27 13:59:34 | 000,003,068 | ---- | M] () -- C:\Windows\Tasks\HQTotalS-chromeinstaller.job
[2014/03/27 13:58:01 | 000,001,440 | ---- | M] () -- C:\Windows\Tasks\HQTotalS-codedownloader.job
[2014/03/27 13:59:32 | 000,001,340 | ---- | M] () -- C:\Windows\Tasks\HQTotalS-enabler.job
[2014/03/27 13:59:34 | 000,002,502 | ---- | M] () -- C:\Windows\Tasks\HQTotalS-firefoxinstaller.job
[2014/03/27 13:59:32 | 000,001,478 | ---- | M] () -- C:\Windows\Tasks\HQTotalS-updater.job
[2014/03/27 13:58:14 | 000,003,088 | ---- | M] () -- C:\Windows\Tasks\media enhance-chromeinstaller.job
[2014/03/27 13:58:01 | 000,001,526 | ---- | M] () -- C:\Windows\Tasks\media enhance-codedownloader.job
[2014/03/27 13:59:32 | 000,001,426 | ---- | M] () -- C:\Windows\Tasks\media enhance-enabler.job
[2014/03/27 13:58:13 | 000,002,342 | ---- | M] () -- C:\Windows\Tasks\media enhance-firefoxinstaller.job
[2014/03/27 13:58:15 | 000,001,564 | ---- | M] () -- C:\Windows\Tasks\media enhance-updater.job
[2014/03/27 13:58:01 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\Re-markit Update.job
[2014/03/27 13:58:02 | 000,000,366 | ---- | M] () -- C:\Windows\Tasks\Re-markit_wd.job
[2014/03/24 10:58:30 | 000,032,516 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014/03/27 14:00:22 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
[2014/03/27 13:58:03 | 000,000,260 | ---- | M] () -- C:\Windows\Tasks\SpeedUpMyPC Startup.job
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2013/09/28 14:06:23 | 098,442,955 | ---- | M] ()(C:\Windows\System32\????) -- C:\Windows\System32\⬹᭄—
[2013/09/28 14:06:23 | 098,442,955 | ---- | C] ()(C:\Windows\System32\????) -- C:\Windows\System32\⬹᭄—
========== Alternate Data Streams ==========
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:AD022376
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:C25C9263
< End of report >
|
|
31.03.2014, 13:25
| #2 |
| /// the machine /// TB-Ausbilder    | Windows Vista: BKA Virus sperrt Bildschirm Hi,
__________________geht einer der Safe Modes?
__________________ |
|
31.03.2014, 13:56
| #3 |
| | Windows Vista: BKA Virus sperrt Bildschirm Nein.
__________________Egal in welchem Modus ich starte es kommt immer nach ein paar Sekunden der Sperrbildschirm... |
|
01.04.2014, 12:02
| #4 |
| /// the machine /// TB-Ausbilder | Windows Vista: BKA Virus sperrt BildschirmFixen mit OTL
Code:
ATTFilter :OTL
O4 - Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
[2014/03/27 13:58:31 | 095,027,928 | ---- | M] () -- C:\ProgramData\rj7gwl4a.bbr
[2014/03/24 07:02:54 | 000,000,876 | ---- | C] () -- C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk
[2014/03/24 06:51:38 | 000,000,876 | ---- | C] () -- C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk
[2014/03/24 06:51:27 | 095,027,928 | ---- | C] () -- C:\ProgramData\rj7gwl4a.bbr
[2014/03/24 06:51:17 | 000,151,552 | ---- | C] () -- C:\ProgramData\a4lwg7jr.gsa
:Commands
[emptytemp]
Rechner normal starten.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.04.2014, 09:48
| #5 |
| | Windows Vista: BKA Virus sperrt BildschirmCode:
ATTFilter ========== OTL ==========
C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk moved successfully.
File move failed. X:\I386\SYSTEM32\RUNDLL32.EXE scheduled to be moved on reboot.
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk moved successfully.
File move failed. X:\I386\SYSTEM32\RUNDLL32.EXE scheduled to be moved on reboot.
C:\ProgramData\rj7gwl4a.bbr moved successfully.
File C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk not found.
File C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rj7gwl4a.lnk not found.
File C:\ProgramData\rj7gwl4a.bbr not found.
C:\ProgramData\a4lwg7jr.gsa moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 150634 bytes
->Flash cache emptied: 41620 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Laura
->Temp folder emptied: 411979168 bytes
->Temporary Internet Files folder emptied: 204217208 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 6851865 bytes
->Apple Safari cache emptied: 42852352 bytes
->Flash cache emptied: 42148 bytes
User: Lukas
->Temp folder emptied: 1563922741 bytes
->Temporary Internet Files folder emptied: 128579820 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 29798178 bytes
->Flash cache emptied: 43578 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 749568 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 551075962 bytes
Total Files Cleaned = 2,804.00 mb
OTLPE by OldTimer - Version 3.1.48.0 log created on 04022014_132335
|
|
03.04.2014, 08:23
| #6 |
| /// the machine /// TB-Ausbilder | Windows Vista: BKA Virus sperrt Bildschirm Startet der Rechner normal?
__________________ --> Windows Vista: BKA Virus sperrt Bildschirm |
|
03.04.2014, 11:38
| #7 |
| | Windows Vista: BKA Virus sperrt Bildschirm Ja der Rechner startet jetzt wieder ganz normal :-) |
|
04.04.2014, 09:25
| #8 |
| /// the machine /// TB-Ausbilder | Windows Vista: BKA Virus sperrt Bildschirm Ab jetzt im normalen Modus: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.04.2014, 10:28
| #9 |
| | Windows Vista: BKA Virus sperrt Bildschirm FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Lukas (administrator) on LAURA-PC on 04-04-2014 11:20:17
Running from C:\Users\Lukas\Downloads
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Norman ASA) C:\Program Files\Norman\Npm\Bin\Elogsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Norman ASA) C:\Program Files\Norman\Npm\Bin\Zanda.exe
(Norman ASA) C:\Program Files\Norman\npm\bin\nvoy.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Spigot, Inc.) C:\Program Files\Application Updater\ApplicationUpdater.exe
(Just Develop It) C:\Program Files\MyPC Backup\BackupStack.exe
() C:\Users\Lukas\AppData\Roaming\BupSystem\bup.exe
(Devguru Co., Ltd.) C:\Windows\system32\dgdersvc.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
() C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
() C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe
(GenTechnologies Apps, LLC) C:\ProgramData\MovieMode\MovieModeService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
() C:\Program Files\NewPlayer\NewPlayerUpdaterService.exe
(Olivetti) C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
() C:\Windows\system32\PSIService.exe
() C:\Program Files\Re-markit-soft\Re-markit157.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(SafeApp Software, LLC) C:\Program Files\Registry Helper\RegistryHelperService.exe
(Iminent) C:\Program Files\Common Files\Umbrella\Umbrella.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
() C:\Program Files\Mega Browse\updateMegaBrowse.exe
() C:\Program Files\V-bates\ExtensionUpdaterService.exe
() C:\Program Files\Iminent\WinkHandler.exe
(Conduit) C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
(Norman ASA) C:\Program Files\Norman\Npm\bin\NVCSCHED.EXE
(Norman ASA) C:\Program Files\Norman\Npm\bin\NJEEVES.EXE
() C:\Program Files\Iminent\WinkHandler.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
() C:\Program Files\Zapp\WConnectorDirect.exe
(GenTechnologies Apps, LLC) C:\ProgramData\MovieMode\MovieMode.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Norman ASA) C:\Program Files\Norman\Npm\Bin\Zlh.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Google Inc.) C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
(Olivetti) C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Spigot, Inc.) C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIIKE.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(simplitec) C:\Program Files\simplitec\simplicheck\simplicheck.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avrestart.exe
() C:\Program Files\Mega Browse\bin\utilMegaBrowse.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
() C:\Program Files\V-bates\NMHClient.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Conduit Ltd.) C:\Users\Lukas\AppData\Local\NativeMessaging\CT3312329\1_0_0_10\TBMessagingHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6265376 2008-07-24] (Realtek Semiconductor)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Norman ZANDA] - C:\Program Files\Norman\Npm\Bin\ZLH.EXE [187504 2009-02-11] (Norman ASA)
HKLM\...\Run: [NPCTray] - C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD
HKLM\...\Run: [Google EULA Launcher] - c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [20480 2008-05-28] ( )
HKLM\...\Run: [FaxCenterServer] - C:\Program Files\Lexmark Fax Solutions\fm3032.exe [320168 2008-03-27] ()
HKLM\...\Run: [VX1000] - C:\Windows\vVX1000.exe [707376 2006-06-30] (Microsoft Corporation)
HKLM\...\Run: [Google Quick Search Box] - C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [122368 2009-08-08] (Google Inc.)
HKLM\...\Run: [OlStatusMon] - C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe [106496 2006-07-26] (Olivetti)
HKLM\...\Run: [WinampAgent] - "D:\Program Files\Winamp\winampa.exe"
HKLM\...\Run: [Babylon Client] - C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Hercules DJ Series] - C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [509224 2009-10-23] (Hercules®)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [TkBellExe] - c:\program files\real\realplayer\Update\realsched.exe [295512 2013-09-28] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Iminent] - C:\Program Files\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
HKLM\...\Run: [IminentMessenger] - C:\Program Files\Iminent\Iminent.Messengers.exe
HKLM\...\Run: [] - [X]
HKLM\...\Run: [SearchSettings] - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [1393984 2014-03-17] (Spigot, Inc.)
HKLM\...\RunOnce: [SPUpdSentinel] - "C:\Program Files\Common Files\Umbrella\Umbrella_bkp.exe" -SERVICEARGS=c [2919232 2014-02-17] (Iminent)
HKU\.DEFAULT\...\Run: [fsc-reg] - c:\fsc-reg\fscreg.exe
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1760476117-1050406762-223748037-1004\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIKE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1760476117-1050406762-223748037-1004\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-08] (Google Inc.)
HKU\S-1-5-21-1760476117-1050406762-223748037-1004\...\Run: [APISupport] - "C:\Windows\system32\Rundll32.exe" "C:\Users\Lukas\AppData\Local\Conduit\APISupport\APISupport.dll",DLLRunAPISupport <===== ATTENTION
HKU\S-1-5-21-1760476117-1050406762-223748037-1004\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050912 2014-03-03] (Conduit)
Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\meine software.lnk
ShortcutTarget: meine software.lnk -> C:\Program Files\T-Home\Meine Software\meine software.exe (Deutsche Telekom AG)
Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarOffice 8.lnk
ShortcutTarget: StarOffice 8.lnk -> C:\Program Files\Sun\StarOffice 8\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.iminent.com/?appId=FD270491-55E2-4573-9DA1-BD69265FE522
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2127E04A82F3CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1394987567&from=tugs&uid=WDCXWD3200AAJS-07B4A0_WD-WMAT1159928999289
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1394987567&from=tugs&uid=WDCXWD3200AAJS-07B4A0_WD-WMAT1159928999289
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394987567&from=tugs&uid=WDCXWD3200AAJS-07B4A0_WD-WMAT1159928999289&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1394987567&from=tugs&uid=WDCXWD3200AAJS-07B4A0_WD-WMAT1159928999289&q={searchTerms}
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll No File
URLSearchHook: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
URLSearchHook: HKLM - softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
URLSearchHook: HKLM - appbarioDE 1 Toolbar - {66b103a7-d772-4fcd-ace4-16f79a9056e0} - C:\Program Files\appbarioDE_1\prxtbappb.dll (Conduit Ltd.)
URLSearchHook: HKCU - SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files\SearchMe Toolbar\IE\8.9\searchmeToolbarIE.dll (Spigot, Inc.)
URLSearchHook: HKCU - appbarioDE 1 Toolbar - {66b103a7-d772-4fcd-ace4-16f79a9056e0} - C:\Program Files\appbarioDE_1\prxtbappb.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1394987567&from=tugs&uid=WDCXWD3200AAJS-07B4A0_WD-WMAT1159928999289
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1394987567&from=tugs&uid=WDCXWD3200AAJS-07B4A0_WD-WMAT1159928999289&q={searchTerms}
SearchScopes: HKCU - DefaultScope {D6C1F3B0-F4A0-4A18-BA12-BB5F79FA8BF5} URL =
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms}
SearchScopes: HKCU - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3312329&CUI=UN74140414544174294&UM=2
SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=FD270491-55E2-4573-9DA1-BD69265FE522&ref=toolbox&q={searchTerms}
BHO: Zapp - {03b42da4-e052-423f-b1f4-98a5faae8111} - C:\Program Files\Zapp\IE\Zapp.dll (Simply Tech LTD.)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO: IEOptimizer - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files\SavingsBull\IEOptimizer.dll ()
BHO: media enhance - {11111111-1111-1111-1111-110411411150} - C:\Program Files\media enhance\media enhance-bho.dll (freeven)
BHO: HQTotalS - {11111111-1111-1111-1111-110511311172} - C:\Program Files\HQTotalS\HQTotalS-bho.dll (HQplustotalS)
BHO: iminent Helper Object - {112BA211-334C-4A90-90EC-2AD1CDAB287C} - C:\Program Files\IminentToolbar\1.8.28.3\bh\iminent.dll (Iminent)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: V-bates - {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} - C:\Program Files\V-bates\Extension32.dll ()
BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll No File
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: Mega Browse - {4e6cd411-ce62-4584-97ff-6afbcf6900af} - C:\Program Files\Mega Browse\MegaBrowsebho.dll (Mega Browse)
BHO: appbarioDE 1 Toolbar - {66b103a7-d772-4fcd-ace4-16f79a9056e0} - C:\Program Files\appbarioDE_1\prxtbappb.dll (Conduit Ltd.)
BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: XTTBPos00 Class - {7914D9F0-DD27-4260-9BC1-AE01834B77CA} - C:\Program Files\T-Online\T-Online_Toolbar_2\T-Online_Toolbar_2.0.dll (Deutsche Telekom AG)
BHO: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll No File
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files\SearchMe Toolbar\IE\8.9\searchmeToolbarIE.dll (Spigot, Inc.)
BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll No File
BHO: Free Games 135 - {C07DBF44-A0EE-4A65-A273-2E7E1ABFBEF4} - C:\Program Files\Free Games 135\ScriptHost.dll (Zula Games)
BHO: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll No File
Toolbar: HKLM - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - T-Online Toolbar 2.0 - {25F97EB4-1C02-45BA-BA0C-E67AACE64D4A} - C:\Program Files\T-Online\T-Online_Toolbar_2\T-Online_Toolbar_2.0.dll (Deutsche Telekom AG)
Toolbar: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuze.dll No File
Toolbar: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
Toolbar: HKLM - softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
Toolbar: HKLM - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll No File
Toolbar: HKLM - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - appbarioDE 1 Toolbar - {66b103a7-d772-4fcd-ace4-16f79a9056e0} - C:\Program Files\appbarioDE_1\prxtbappb.dll (Conduit Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Iminent Toolbar - {1FAFD711-ABF9-4F6A-8130-5166C7371427} - C:\Program Files\IminentToolbar\1.8.28.3\iminentTlbr.dll (Iminent)
Toolbar: HKLM - Zapp - {03b42da4-e052-423f-b1f4-98a5faae8111} - C:\Program Files\Zapp\IE\Zapp.dll (Simply Tech LTD.)
Toolbar: HKLM - SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files\SearchMe Toolbar\IE\8.9\searchmeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKCU - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKCU - T-Online Toolbar 2.0 - {25F97EB4-1C02-45BA-BA0C-E67AACE64D4A} - C:\Program Files\T-Online\T-Online_Toolbar_2\T-Online_Toolbar_2.0.dll (Deutsche Telekom AG)
Toolbar: HKCU - DVDVideoSoftTB Toolbar - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
Toolbar: HKCU - softonic-de3 Toolbar - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
Toolbar: HKCU - appbarioDE 1 Toolbar - {66B103A7-D772-4FCD-ACE4-16F79A9056E0} - C:\Program Files\appbarioDE_1\prxtbappb.dll (Conduit Ltd.)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Chrome:
=======
CHR HomePage: hxxp://start.iminent.com/?appId=FD270491-55E2-4573-9DA1-BD69265FE522
CHR DefaultSearchKeyword: start.iminent.com
CHR DefaultSearchProvider: StartWeb
CHR DefaultSearchURL: hxxp://start.iminent.com/?appId=FD270491-55E2-4573-9DA1-BD69265FE522&ref=toolbox&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Zapp) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahdhkblnbddfcjjpkknjgjhhecciokdi [2014-03-24]
CHR Extension: (McAfee Security Scan+) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-03-05]
CHR Extension: (Protegere) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkeieaieohnceanbhdeijclgemgjjkf [2014-03-18]
CHR Extension: (HQTotalS) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm [2014-03-18]
CHR Extension: (Free Games 135) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmoekfjgeamfnpnebcgikdbhlebgbaej [2013-12-09]
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2013-12-09]
CHR Extension: (Domain Error Assistant) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj [2013-12-09]
CHR Extension: (RealDownloader) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-10-01]
CHR Extension: (media enhance) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2014-03-18]
CHR Extension: (V-bates) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-03-16]
CHR Extension: (Slick Savings) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2013-12-09]
CHR Extension: (SavingsBull) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb [2014-03-18]
CHR Extension: (Google Wallet) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-17]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-02-01]
CHR Extension: (Quick Start) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-03-18]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp [2013-12-09]
CHR Extension: (appbarioDE 1) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pickdmmkcajdddggmoaommkkoafandof [2013-12-09]
CHR HKLM\...\Chrome\Extension: [${CHROME_KEY}] - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\incredibar.crx [2013-12-09]
CHR HKLM\...\Chrome\Extension: [ahdhkblnbddfcjjpkknjgjhhecciokdi] - C:\Program Files\Zapp\chrome\Zapp.crx [2014-03-18]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx [2014-03-18]
CHR HKLM\...\Chrome\Extension: [fmoekfjgeamfnpnebcgikdbhlebgbaej] - C:\Users\Lukas\AppData\Roaming\freegames135\freegames135.crx [2013-10-31]
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - "C:\Program Files\Iminent\Iminent.crx" [2013-08-14]
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-16]
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
CHR HKLM\...\Chrome\Extension: [pickdmmkcajdddggmoaommkkoafandof] - C:\Users\Lukas\AppData\Local\CRE\pickdmmkcajdddggmoaommkkoafandof.crx [2013-11-22]
CHR HKCU\...\Chrome\Extension: [pickdmmkcajdddggmoaommkkoafandof] - C:\Users\Lukas\AppData\Local\CRE\pickdmmkcajdddggmoaommkkoafandof.crx [2013-11-22]
========================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2014-03-17] (Spigot, Inc.)
R2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [36392 2014-02-18] (Just Develop It)
R2 bupService; C:\Users\Lukas\AppData\Roaming\BupSystem\bup.exe [1005056 2014-03-18] ()
R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [2454816 2014-03-03] (Conduit)
R2 dgdersvc; C:\Windows\system32\dgdersvc.exe [95568 2010-09-06] (Devguru Co., Ltd.)
R2 eLoggerSvc6; C:\Program Files\Norman\Npm\Bin\Elogsvc.exe [150584 2007-11-21] (Norman ASA)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®)
R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [17408 2007-11-21] ()
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-02-26] (Cherished Technololgy LIMITED)
R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe [546112 2014-01-27] ()
R3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
R2 MovieMode; C:\ProgramData\MovieMode\MovieMode.exe [151184 2014-02-11] (GenTechnologies Apps, LLC)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [9728 2009-05-04] (Deutsche Telekom AG)
R2 NewPlayerUpdaterService; C:\Program Files\NewPlayer\NewPlayerUpdaterService.exe [11776 2014-03-10] ()
R3 Norman NJeeves; C:\Program Files\Norman\Npm\bin\NJEEVES.EXE [203896 2008-05-13] (Norman ASA)
R2 Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [408696 2009-02-25] (Norman ASA)
R3 NVCScheduler; C:\Program Files\Norman\Npm\bin\NVCSCHED.EXE [154680 2007-09-18] (Norman ASA)
R2 NVOY; C:\Program Files\Norman\npm\bin\nvoy.exe [126008 2009-01-20] (Norman ASA)
R2 olMntrService; C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe [86016 2006-07-24] (Olivetti)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 Re-markit; C:\Program Files\Re-markit-soft\Re-markit157.exe [195072 2014-03-16] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Registry Helper Service; C:\Program Files\Registry Helper\RegistryHelperService.exe [84328 2014-01-26] (SafeApp Software, LLC)
R2 SProtection; C:\Program Files\Common Files\Umbrella\Umbrella.exe [2919232 2014-02-17] (Iminent)
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1740600 2013-08-30] (TuneUp Software)
R2 Update Mega Browse; C:\Program Files\Mega Browse\updateMegaBrowse.exe [348448 2014-03-24] ()
R2 Util Mega Browse; C:\Program Files\Mega Browse\bin\utilMegaBrowse.exe [350496 2014-04-04] ()
R2 V-bates Updater; C:\Program Files\V-bates\ExtensionUpdaterService.exe [209408 2014-02-26] ()
R2 WinkHandler; C:\Program Files\Iminent\WinkHandler.exe [425792 2014-02-17] ()
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-03-16] (Cherished Technololgy LIMITED)
S2 Winmgmt; C:\PROGRA~2\a4lwg7jr.gsa [X]
==================== Drivers (Whitelisted) ====================
S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [173576 2008-05-27] (AMD Technologies Inc.)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [10632 2007-10-12] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [127488 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2010-09-06] ()
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [124416 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [148192 2008-07-18] (Realtek Semiconductor Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-07-29] (Avira GmbH)
R1 tStLib; C:\Windows\System32\drivers\tStLib.sys [55232 2014-03-24] (StdLib)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-08-21] (TuneUp Software)
S3 usbsermpt; C:\Windows\System32\DRIVERS\usbsermpt.sys [22768 2008-11-03] (Microsoft Corporation)
S3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1965872 2006-06-30] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 netfilter; system32\drivers\netfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 PDNMp50; \??\C:\Windows\system32\drivers\PDNMp50.sys [X]
S3 PDNSp50; \??\C:\Windows\system32\drivers\PDNSp50.sys [X]
S3 RTL8187B; system32\DRIVERS\wg111v3.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-04 11:10 - 2014-04-04 11:16 - 00000310 _____ () C:\Users\Lukas\Downloads\Addition.txt
2014-04-04 11:09 - 2014-04-04 11:20 - 00035180 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-04-04 11:09 - 2014-04-04 11:09 - 00000000 ___DC () C:\FRST
2014-04-04 11:08 - 2014-04-04 11:08 - 01145856 _____ (Farbar) C:\Users\Lukas\Downloads\FRST.exe
2014-04-04 10:52 - 2014-04-04 10:52 - 00442368 _____ () C:\Users\Lukas\Downloads\Java.exe
2014-04-02 19:23 - 2014-04-02 19:23 - 00000000 ___DC () C:\_OTL
2014-04-02 19:23 - 2011-07-13 04:55 - 02237440 ___RC (OldTimer Tools) C:\OTLPE.exe
2014-03-28 02:21 - 2014-03-31 20:28 - 00206594 ____C () C:\OTL.Txt
2014-03-28 02:21 - 2014-03-31 20:28 - 00041420 ____C () C:\Extras.Txt
2014-03-24 13:41 - 2014-03-24 13:41 - 00000000 __SHD () C:\found.000
2014-03-24 12:53 - 2014-03-24 12:53 - 00055232 _____ (StdLib) C:\Windows\system32\Drivers\tStLib.sys
2014-03-24 12:42 - 2014-03-24 12:46 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 2
2014-03-24 12:31 - 2014-03-24 12:37 - 00000000 ____D () C:\Users\Lukas\Desktop\The Best of The Irish Folk Festival Vol.2
2014-03-24 12:23 - 2014-03-24 12:23 - 00000000 ____D () C:\Program Files\SearchMe Toolbar
2014-03-24 12:23 - 2014-03-24 12:23 - 00000000 ____D () C:\Program Files\Application Updater
2014-03-18 19:10 - 2014-03-18 19:15 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 3
2014-03-18 18:02 - 2014-03-18 18:02 - 00000926 _____ () C:\Users\Public\Desktop\Audiograbber.lnk
2014-03-18 18:02 - 2014-03-18 18:02 - 00000000 ____D () C:\Program Files\Audiograbber
2014-03-18 18:01 - 2014-03-18 18:02 - 00000000 ____D () C:\Program Files\SavingsBull
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\SimplyTech
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\BupSystem
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Program Files\Zapp
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Program Files\Level Quality Watcher
2014-03-18 18:01 - 2014-02-04 07:36 - 00033864 _____ () C:\Windows\Launcher.exe
2014-03-18 18:00 - 2014-03-18 18:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Security System 2
2014-03-18 18:00 - 2014-03-18 18:00 - 00504616 _____ () C:\Users\Lukas\Downloads\ag_setup183se.exe
2014-03-18 17:55 - 2014-03-18 17:55 - 29401464 _____ (DVDVideoSoft Ltd. ) C:\Users\Lukas\Downloads\FreeAudioCDToMP3Converter1.3.12.1228.exe
2014-03-18 17:41 - 2014-03-18 18:12 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 1
2014-03-18 17:31 - 2014-03-18 17:31 - 00000000 ____D () C:\Users\Lukas\Desktop\Album
2014-03-18 17:24 - 2014-04-04 11:19 - 00000000 ____D () C:\Users\Lukas\AppData\Local\MovieMode
2014-03-16 19:59 - 2014-03-18 17:21 - 00000368 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-03-16 19:59 - 2014-03-18 17:21 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-03-16 19:59 - 2014-03-18 17:21 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-03-16 19:58 - 2014-03-16 19:58 - 00000000 ____D () C:\Users\Laura\AppData\Local\MovieMode
2014-03-16 19:56 - 2014-04-04 10:56 - 00000282 _____ () C:\Windows\Tasks\FF Watcher {57DEB8DA-435C-41E5-AAA9-1BB0A7C138A9}.job
2014-03-16 19:56 - 2014-03-16 19:57 - 00000000 ____D () C:\ProgramData\MovieMode
2014-03-16 19:56 - 2014-03-16 19:56 - 00000045 ____C () C:\user.js
2014-03-16 19:56 - 2014-03-16 19:56 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\mysearchdial
2014-03-16 19:56 - 2014-03-16 19:56 - 00000000 ____D () C:\Program Files\V-bates
2014-03-16 19:56 - 2014-03-16 19:56 - 00000000 ____D () C:\Program Files\Mysearchdial
2014-03-16 19:35 - 2014-03-16 20:01 - 00000000 ____D () C:\Users\Laura\Downloads\Album
2014-03-16 19:02 - 2014-03-16 19:02 - 00000000 ____D () C:\Users\Laura\Documents\PC Speed Maximizer
2014-03-16 19:02 - 2014-03-16 19:02 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\PC Speed Maximizer
2014-03-16 19:00 - 2014-03-16 19:00 - 00000000 ____D () C:\Users\Laura\AppData\Local\Tuguu_SL
2014-03-16 18:58 - 2014-03-18 17:25 - 00000000 ____D () C:\ProgramData\Registry Helper
2014-03-16 18:58 - 2014-03-16 18:58 - 00000000 ____D () C:\Program Files\Registry Helper
2014-03-16 18:57 - 2014-03-24 12:55 - 00000000 ____D () C:\Program Files\Mega Browse
2014-03-16 18:57 - 2014-03-16 18:58 - 00000000 ____D () C:\Program Files\BringStar
2014-03-16 18:57 - 2014-03-16 18:57 - 00000920 _____ () C:\Users\Laura\Desktop\PC Speed Maximizer.lnk
2014-03-16 18:57 - 2014-03-16 18:57 - 00000000 ____D () C:\Program Files\PC Speed Maximizer
2014-03-16 18:57 - 2014-03-13 17:24 - 00954784 _____ (AnyProtect.com) C:\Users\Laura\AppData\Local\AnyProtectScannerSetup.exe
2014-03-16 18:42 - 2014-03-16 18:42 - 00001442 _____ () C:\Users\Laura\AppData\Roaming\aps.scan.results
2014-03-16 18:39 - 2014-03-16 18:42 - 00000610 _____ () C:\Users\Laura\AppData\Roaming\aps.scan.quick.results
2014-03-16 18:39 - 2014-03-16 18:42 - 00000161 _____ () C:\Users\Laura\AppData\Roaming\aps.uninstall.scan.results
2014-03-16 18:38 - 2014-04-04 11:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-16 18:38 - 2014-03-16 19:58 - 00000848 _____ () C:\Users\Laura\Desktop\AnyProtect.lnk
2014-03-16 18:38 - 2014-03-16 18:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-16 18:38 - 2014-03-16 18:38 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-03-16 18:37 - 2014-03-16 19:56 - 00000000 ____D () C:\Program Files\AnyProtectEx
2014-03-16 18:37 - 2014-03-16 18:37 - 00954784 _____ (AnyProtect.com) C:\Users\Laura\AppData\Local\nsi841B.tmp
2014-03-16 18:36 - 2014-03-16 18:36 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\VOPackage
2014-03-16 18:36 - 2014-03-16 18:36 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-03-16 18:34 - 2014-04-04 10:44 - 00001564 _____ () C:\Windows\Tasks\media enhance-updater.job
2014-03-16 18:34 - 2014-04-04 10:44 - 00001478 _____ () C:\Windows\Tasks\HQTotalS-updater.job
2014-03-16 18:34 - 2014-03-16 18:34 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\SupTab
2014-03-16 18:34 - 2014-03-16 18:34 - 00000000 ____D () C:\Users\Laura\AppData\Local\newplayer
2014-03-16 18:34 - 2014-03-16 18:34 - 00000000 ____D () C:\ProgramData\WPM
2014-03-16 18:34 - 2014-03-16 18:34 - 00000000 ____D () C:\ProgramData\IePluginService
2014-03-16 18:34 - 2014-03-16 18:34 - 00000000 ____D () C:\Program Files\SupTab
2014-03-16 18:33 - 2014-04-04 11:00 - 00000266 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-03-16 18:33 - 2014-04-04 10:44 - 00001526 _____ () C:\Windows\Tasks\media enhance-codedownloader.job
2014-03-16 18:33 - 2014-04-04 10:44 - 00001440 _____ () C:\Windows\Tasks\HQTotalS-codedownloader.job
2014-03-16 18:33 - 2014-04-04 10:44 - 00001426 _____ () C:\Windows\Tasks\media enhance-enabler.job
2014-03-16 18:33 - 2014-04-04 10:44 - 00001340 _____ () C:\Windows\Tasks\HQTotalS-enabler.job
2014-03-16 18:33 - 2014-04-04 10:44 - 00000260 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-03-16 18:33 - 2014-03-16 18:33 - 00000904 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-03-16 18:33 - 2014-03-16 18:33 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\awesomehp
2014-03-16 18:33 - 2014-03-16 18:33 - 00000000 ____D () C:\Program Files\NewPlayer
2014-03-16 18:32 - 2014-04-04 10:44 - 00003088 _____ () C:\Windows\Tasks\media enhance-chromeinstaller.job
2014-03-16 18:32 - 2014-04-04 10:44 - 00003068 _____ () C:\Windows\Tasks\HQTotalS-chromeinstaller.job
2014-03-16 18:32 - 2014-04-04 10:44 - 00002502 _____ () C:\Windows\Tasks\HQTotalS-firefoxinstaller.job
2014-03-16 18:32 - 2014-04-04 10:44 - 00002342 _____ () C:\Windows\Tasks\media enhance-firefoxinstaller.job
2014-03-16 18:32 - 2014-03-24 12:18 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-03-16 18:32 - 2014-03-16 18:34 - 00000000 ____D () C:\Program Files\media enhance
2014-03-16 18:32 - 2014-03-16 18:32 - 00001760 _____ () C:\Users\Laura\Desktop\Sync Folder.lnk
2014-03-16 18:32 - 2014-03-16 18:32 - 00000890 _____ () C:\Users\Laura\Desktop\MyPC Backup.lnk
2014-03-16 18:32 - 2014-03-16 18:32 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Uniblue
2014-03-16 18:32 - 2014-03-16 18:32 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-03-16 18:32 - 2014-03-16 18:32 - 00000000 ____D () C:\Program Files\Uniblue
2014-03-16 18:31 - 2014-04-04 10:44 - 00000368 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-03-16 18:31 - 2014-04-04 10:44 - 00000366 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-03-16 18:31 - 2014-03-16 18:34 - 00000000 ____D () C:\Program Files\HQTotalS
2014-03-16 18:31 - 2014-03-16 18:31 - 00000000 ____D () C:\Program Files\Re-markit-soft
2014-03-16 18:29 - 2014-03-16 18:29 - 00388960 _____ () C:\Users\Laura\Downloads\Setup.exe
2014-03-16 18:20 - 2014-03-16 18:20 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\TuneUp Software
2014-03-07 17:32 - 2014-03-07 17:32 - 00000000 ____D () C:\Users\Lukas\Desktop\Filme
2014-03-06 18:09 - 2014-03-06 18:10 - 00000000 ___DC () C:\output
2014-03-06 18:08 - 2014-03-06 18:08 - 03432683 _____ (WAV To MP3 ) C:\Users\Lukas\Downloads\wav2mp3v21.exe
2014-03-06 18:08 - 2014-03-06 18:08 - 03432683 _____ (WAV To MP3 ) C:\Users\Lukas\Downloads\wav2mp3v21 (1).exe
2014-03-06 18:08 - 2014-03-06 18:08 - 00000550 _____ () C:\Users\Public\Desktop\WAV To MP3.lnk
2014-03-06 18:08 - 2014-03-06 18:08 - 00000000 ___DC () C:\WAV To MP3
2014-03-06 18:07 - 2014-03-06 18:07 - 00391656 _____ () C:\Users\Lukas\Downloads\Setup.exe
2014-03-05 19:09 - 2014-03-05 19:09 - 00001871 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-03-05 19:09 - 2014-03-05 19:09 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TuneUp Software
2014-03-05 19:09 - 2013-08-30 10:51 - 00036664 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-03-05 19:09 - 2013-08-30 10:51 - 00025400 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-03-05 19:07 - 2014-03-05 19:09 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-03-05 19:06 - 2014-03-08 19:09 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-05 19:05 - 2014-03-05 19:05 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-05 19:03 - 2014-03-05 19:03 - 00002113 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-03-05 19:02 - 2014-03-18 17:56 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\DVDVideoSoft
2014-03-05 19:02 - 2014-03-05 19:02 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\OpenCandy
2014-03-05 19:02 - 2014-03-05 19:02 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-03-05 19:00 - 2014-03-05 19:01 - 34377032 _____ (DVDVideoSoft Ltd. ) C:\Users\Lukas\Downloads\FreeYouTubeToMP3Converter-3.12.29.304.exe
==================== One Month Modified Files and Folders =======
2014-04-04 11:20 - 2014-04-04 11:09 - 00035180 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-04-04 11:19 - 2014-03-18 17:24 - 00000000 ____D () C:\Users\Lukas\AppData\Local\MovieMode
2014-04-04 11:16 - 2014-04-04 11:10 - 00000310 _____ () C:\Users\Lukas\Downloads\Addition.txt
2014-04-04 11:16 - 2008-11-02 21:15 - 01793295 _____ () C:\Windows\WindowsUpdate.log
2014-04-04 11:09 - 2014-04-04 11:09 - 00000000 ___DC () C:\FRST
2014-04-04 11:08 - 2014-04-04 11:08 - 01145856 _____ (Farbar) C:\Users\Lukas\Downloads\FRST.exe
2014-04-04 11:04 - 2014-03-16 18:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-04 11:00 - 2014-03-16 18:33 - 00000266 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-04-04 10:56 - 2014-03-16 19:56 - 00000282 _____ () C:\Windows\Tasks\FF Watcher {57DEB8DA-435C-41E5-AAA9-1BB0A7C138A9}.job
2014-04-04 10:52 - 2014-04-04 10:52 - 00442368 _____ () C:\Users\Lukas\Downloads\Java.exe
2014-04-04 10:46 - 2014-02-18 13:10 - 00000000 ____D () C:\Program Files\Common Files\Umbrella
2014-04-04 10:44 - 2014-03-16 18:34 - 00001564 _____ () C:\Windows\Tasks\media enhance-updater.job
2014-04-04 10:44 - 2014-03-16 18:34 - 00001478 _____ () C:\Windows\Tasks\HQTotalS-updater.job
2014-04-04 10:44 - 2014-03-16 18:33 - 00001526 _____ () C:\Windows\Tasks\media enhance-codedownloader.job
2014-04-04 10:44 - 2014-03-16 18:33 - 00001440 _____ () C:\Windows\Tasks\HQTotalS-codedownloader.job
2014-04-04 10:44 - 2014-03-16 18:33 - 00001426 _____ () C:\Windows\Tasks\media enhance-enabler.job
2014-04-04 10:44 - 2014-03-16 18:33 - 00001340 _____ () C:\Windows\Tasks\HQTotalS-enabler.job
2014-04-04 10:44 - 2014-03-16 18:33 - 00000260 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-04-04 10:44 - 2014-03-16 18:32 - 00003088 _____ () C:\Windows\Tasks\media enhance-chromeinstaller.job
2014-04-04 10:44 - 2014-03-16 18:32 - 00003068 _____ () C:\Windows\Tasks\HQTotalS-chromeinstaller.job
2014-04-04 10:44 - 2014-03-16 18:32 - 00002502 _____ () C:\Windows\Tasks\HQTotalS-firefoxinstaller.job
2014-04-04 10:44 - 2014-03-16 18:32 - 00002342 _____ () C:\Windows\Tasks\media enhance-firefoxinstaller.job
2014-04-04 10:44 - 2014-03-16 18:31 - 00000368 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-04-04 10:44 - 2014-03-16 18:31 - 00000366 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-04 10:44 - 2010-02-03 12:14 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-04 10:42 - 2008-11-02 21:27 - 00000000 ____D () C:\Program Files\Norman
2014-04-04 10:42 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-04 10:42 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-04 10:42 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-03 16:35 - 2010-02-03 12:14 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-03 13:21 - 2006-11-02 15:01 - 00032516 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-03 13:12 - 2013-02-01 23:31 - 00017408 _____ () C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-02 19:23 - 2014-04-02 19:23 - 00000000 ___DC () C:\_OTL
2014-03-31 20:28 - 2014-03-28 02:21 - 00206594 ____C () C:\OTL.Txt
2014-03-31 20:28 - 2014-03-28 02:21 - 00041420 ____C () C:\Extras.Txt
2014-03-28 02:12 - 2013-02-01 23:24 - 00000000 ____D () C:\Users\Lukas
2014-03-28 02:12 - 2008-11-02 21:29 - 00000000 ____D () C:\Users\Laura
2014-03-24 13:41 - 2014-03-24 13:41 - 00000000 __SHD () C:\found.000
2014-03-24 12:55 - 2014-03-16 18:57 - 00000000 ____D () C:\Program Files\Mega Browse
2014-03-24 12:55 - 2008-01-21 04:47 - 00086260 _____ () C:\Windows\PFRO.log
2014-03-24 12:53 - 2014-03-24 12:53 - 00055232 _____ (StdLib) C:\Windows\system32\Drivers\tStLib.sys
2014-03-24 12:50 - 2008-01-21 09:16 - 01572690 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-24 12:46 - 2014-03-24 12:42 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 2
2014-03-24 12:37 - 2014-03-24 12:31 - 00000000 ____D () C:\Users\Lukas\Desktop\The Best of The Irish Folk Festival Vol.2
2014-03-24 12:23 - 2014-03-24 12:23 - 00000000 ____D () C:\Program Files\SearchMe Toolbar
2014-03-24 12:23 - 2014-03-24 12:23 - 00000000 ____D () C:\Program Files\Application Updater
2014-03-24 12:23 - 2013-12-09 14:12 - 00000000 ____D () C:\Program Files\Common Files\Spigot
2014-03-24 12:18 - 2014-03-16 18:32 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-03-18 19:15 - 2014-03-18 19:10 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 3
2014-03-18 18:12 - 2014-03-18 17:41 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 1
2014-03-18 18:02 - 2014-03-18 18:02 - 00000926 _____ () C:\Users\Public\Desktop\Audiograbber.lnk
2014-03-18 18:02 - 2014-03-18 18:02 - 00000000 ____D () C:\Program Files\Audiograbber
2014-03-18 18:02 - 2014-03-18 18:01 - 00000000 ____D () C:\Program Files\SavingsBull
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\SimplyTech
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\BupSystem
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Program Files\Zapp
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Program Files\Level Quality Watcher
2014-03-18 18:01 - 2014-03-18 18:00 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Security System 2
2014-03-18 18:00 - 2014-03-18 18:00 - 00504616 _____ () C:\Users\Lukas\Downloads\ag_setup183se.exe
2014-03-18 17:56 - 2014-03-05 19:02 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\DVDVideoSoft
2014-03-18 17:55 - 2014-03-18 17:55 - 29401464 _____ (DVDVideoSoft Ltd. ) C:\Users\Lukas\Downloads\FreeAudioCDToMP3Converter1.3.12.1228.exe
2014-03-18 17:31 - 2014-03-18 17:31 - 00000000 ____D () C:\Users\Lukas\Desktop\Album
2014-03-18 17:25 - 2014-03-16 18:58 - 00000000 ____D () C:\ProgramData\Registry Helper
2014-03-18 17:21 - 2014-03-16 19:59 - 00000368 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-03-18 17:21 - 2014-03-16 19:59 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-03-18 17:21 - 2014-03-16 19:59 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-03-16 20:01 - 2014-03-16 19:35 - 00000000 ____D () C:\Users\Laura\Downloads\Album
2014-03-16 19:58 - 2014-03-16 19:58 - 00000000 ____D () C:\Users\Laura\AppData\Local\MovieMode
2014-03-16 19:58 - 2014-03-16 18:38 - 00000848 _____ () C:\Users\Laura\Desktop\AnyProtect.lnk
2014-03-16 19:57 - 2014-03-16 19:56 - 00000000 ____D () C:\ProgramData\MovieMode
2014-03-16 19:56 - 2014-03-16 19:56 - 00000045 ____C () C:\user.js
2014-03-16 19:56 - 2014-03-16 19:56 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\mysearchdial
2014-03-16 19:56 - 2014-03-16 19:56 - 00000000 ____D () C:\Program Files\V-bates
2014-03-16 19:56 - 2014-03-16 19:56 - 00000000 ____D () C:\Program Files\Mysearchdial
2014-03-16 19:56 - 2014-03-16 18:37 - 00000000 ____D () C:\Program Files\AnyProtectEx
2014-03-16 19:02 - 2014-03-16 19:02 - 00000000 ____D () C:\Users\Laura\Documents\PC Speed Maximizer
2014-03-16 19:02 - 2014-03-16 19:02 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\PC Speed Maximizer
2014-03-16 19:00 - 2014-03-16 19:00 - 00000000 ____D () C:\Users\Laura\AppData\Local\Tuguu_SL
2014-03-16 18:58 - 2014-03-16 18:58 - 00000000 ____D () C:\Program Files\Registry Helper
2014-03-16 18:58 - 2014-03-16 18:57 - 00000000 ____D () C:\Program Files\BringStar
2014-03-16 18:57 - 2014-03-16 18:57 - 00000920 _____ () C:\Users\Laura\Desktop\PC Speed Maximizer.lnk
2014-03-16 18:57 - 2014-03-16 18:57 - 00000000 ____D () C:\Program Files\PC Speed Maximizer
2014-03-16 18:42 - 2014-03-16 18:42 - 00001442 _____ () C:\Users\Laura\AppData\Roaming\aps.scan.results
2014-03-16 18:42 - 2014-03-16 18:39 - 00000610 _____ () C:\Users\Laura\AppData\Roaming\aps.scan.quick.results
2014-03-16 18:42 - 2014-03-16 18:39 - 00000161 _____ () C:\Users\Laura\AppData\Roaming\aps.uninstall.scan.results
2014-03-16 18:38 - 2014-03-16 18:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-16 18:38 - 2014-03-16 18:38 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-03-16 18:38 - 2011-11-06 16:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-16 18:37 - 2014-03-16 18:37 - 00954784 _____ (AnyProtect.com) C:\Users\Laura\AppData\Local\nsi841B.tmp
2014-03-16 18:36 - 2014-03-16 18:36 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\VOPackage
2014-03-16 18:36 - 2014-03-16 18:36 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-03-16 18:34 - 2014-03-16 18:34 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\SupTab
2014-03-16 18:34 - 2014-03-16 18:34 - 00000000 ____D () C:\Users\Laura\AppData\Local\newplayer
2014-03-16 18:34 - 2014-03-16 18:34 - 00000000 ____D () C:\ProgramData\WPM
2014-03-16 18:34 - 2014-03-16 18:34 - 00000000 ____D () C:\ProgramData\IePluginService
2014-03-16 18:34 - 2014-03-16 18:34 - 00000000 ____D () C:\Program Files\SupTab
2014-03-16 18:34 - 2014-03-16 18:32 - 00000000 ____D () C:\Program Files\media enhance
2014-03-16 18:34 - 2014-03-16 18:31 - 00000000 ____D () C:\Program Files\HQTotalS
2014-03-16 18:33 - 2014-03-16 18:33 - 00000904 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-03-16 18:33 - 2014-03-16 18:33 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\awesomehp
2014-03-16 18:33 - 2014-03-16 18:33 - 00000000 ____D () C:\Program Files\NewPlayer
2014-03-16 18:33 - 2009-01-27 13:46 - 00001135 _____ () C:\Users\Laura\Desktop\Internet Explorer.lnk
2014-03-16 18:33 - 2008-11-02 21:30 - 00001165 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-16 18:32 - 2014-03-16 18:32 - 00001760 _____ () C:\Users\Laura\Desktop\Sync Folder.lnk
2014-03-16 18:32 - 2014-03-16 18:32 - 00000890 _____ () C:\Users\Laura\Desktop\MyPC Backup.lnk
2014-03-16 18:32 - 2014-03-16 18:32 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Uniblue
2014-03-16 18:32 - 2014-03-16 18:32 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-03-16 18:32 - 2014-03-16 18:32 - 00000000 ____D () C:\Program Files\Uniblue
2014-03-16 18:31 - 2014-03-16 18:31 - 00000000 ____D () C:\Program Files\Re-markit-soft
2014-03-16 18:31 - 2011-06-30 12:20 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-16 18:30 - 2013-12-09 14:12 - 00000000 ____C () C:\END
2014-03-16 18:29 - 2014-03-16 18:29 - 00388960 _____ () C:\Users\Laura\Downloads\Setup.exe
2014-03-16 18:23 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-03-16 18:20 - 2014-03-16 18:20 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\TuneUp Software
2014-03-16 18:17 - 2009-01-27 12:17 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\StarOffice8
2014-03-13 17:24 - 2014-03-16 18:57 - 00954784 _____ (AnyProtect.com) C:\Users\Laura\AppData\Local\AnyProtectScannerSetup.exe
2014-03-08 19:56 - 2014-01-11 20:26 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Audacity
2014-03-08 19:09 - 2014-03-05 19:06 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-07 17:32 - 2014-03-07 17:32 - 00000000 ____D () C:\Users\Lukas\Desktop\Filme
2014-03-06 18:10 - 2014-03-06 18:09 - 00000000 ___DC () C:\output
2014-03-06 18:08 - 2014-03-06 18:08 - 03432683 _____ (WAV To MP3 ) C:\Users\Lukas\Downloads\wav2mp3v21.exe
2014-03-06 18:08 - 2014-03-06 18:08 - 03432683 _____ (WAV To MP3 ) C:\Users\Lukas\Downloads\wav2mp3v21 (1).exe
2014-03-06 18:08 - 2014-03-06 18:08 - 00000550 _____ () C:\Users\Public\Desktop\WAV To MP3.lnk
2014-03-06 18:08 - 2014-03-06 18:08 - 00000000 ___DC () C:\WAV To MP3
2014-03-06 18:07 - 2014-03-06 18:07 - 00391656 _____ () C:\Users\Lukas\Downloads\Setup.exe
2014-03-05 19:09 - 2014-03-05 19:09 - 00001871 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-03-05 19:09 - 2014-03-05 19:09 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TuneUp Software
2014-03-05 19:09 - 2014-03-05 19:07 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-03-05 19:05 - 2014-03-05 19:05 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-03-05 19:03 - 2014-03-05 19:03 - 00002113 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-03-05 19:03 - 2013-12-09 14:13 - 00000000 ____D () C:\Program Files\SearchProtect
2014-03-05 19:03 - 2009-03-23 23:17 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-03-05 19:02 - 2014-03-05 19:02 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\OpenCandy
2014-03-05 19:02 - 2014-03-05 19:02 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-03-05 19:01 - 2014-03-05 19:00 - 34377032 _____ (DVDVideoSoft Ltd. ) C:\Users\Lukas\Downloads\FreeYouTubeToMP3Converter-3.12.29.304.exe
Some content of TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\avgnt.exe
C:\Users\Lukas\AppData\Local\Temp\SPSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-04 10:51
==================== End Of Log ============================
--- --- --- Additon Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01
Ran by Lukas at 2014-04-04 11:20:43
Running from C:\Users\Lukas\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1990.41618 - ABBYY Software House)
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\{41042E28-CCA1-4147-869F-9E928B38F04C}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe® Photoshop® Album Starter Edition 3.2 (HKLM\...\Adobe® Photoshop® Album Starter Edition 3.2) (Version: 3.2.0 - hxxp://www.adobe.de)
Adobe® Photoshop® Album Starter Edition 3.2 (Version: 3.2.0 - Adobe Systems, Inc.) Hidden
AnyProtect (HKLM\...\AnyProtect) (Version: 1.0.0.0 - CMI Limited)
appbarioDE 1 Toolbar for IE (HKLM\...\IECT3312329) (Version: 6.17.2.8 - appbarioDE 1)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArmA Uninstall (HKLM\...\ArmA) (Version: - )
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ATI Catalyst Install Manager (HKLM\...\{B259E169-7EA0-9EAA-3415-5BBD274E1835}) (Version: 3.0.682.0 - ATI Technologies, Inc.)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audiograbber 1.83 SE (HKLM\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
awesomehp uninstaller (HKLM\...\awesomehp uninstaller) (Version: - awesomehp) <==== ATTENTION
Babylon (HKLM\...\Babylon) (Version: - Babylon)
Babylon toolbar on IE (HKLM\...\BabylonToolbar) (Version: - ) <==== ATTENTION
Benutzerhandbuch - Grundlagen EPSON XP-302 303 305 306 Series (HKLM\...\EPSON XP-302 303 305 306 Series Bog) (Version: - )
Benutzerhandbuch EPSON XP-302 303 305 306 Series (HKLM\...\EPSON XP-302 303 305 306 Series Useg) (Version: - )
Catalyst Control Center - Branding (HKLM\...\{CBC82AAC-FEEE-4EC4-B118-1454A5ADBFE2}) (Version: 1.00.0000 - ATI)
Catalyst Control Center Core Implementation (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2008.0624.2148.37100 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization Danish (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2008.0624.2148.37100 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2008.0624.2148.37100 - ATI) Hidden
CCC Help Danish (Version: 2008.0624.2147.37100 - ATI) Hidden
CCC Help Dutch (Version: 2008.0624.2147.37100 - ATI) Hidden
CCC Help English (Version: 2008.0624.2147.37100 - ATI) Hidden
CCC Help Finnish (Version: 2008.0624.2147.37100 - ATI) Hidden
CCC Help French (Version: 2008.0624.2147.37100 - ATI) Hidden
CCC Help German (Version: 2008.0624.2147.37100 - ATI) Hidden
CCC Help Italian (Version: 2008.0624.2147.37100 - ATI) Hidden
CCC Help Japanese (Version: 2008.0624.2147.37100 - ATI) Hidden
CCC Help Norwegian (Version: 2008.0624.2147.37100 - ATI) Hidden
CCC Help Spanish (Version: 2008.0624.2147.37100 - ATI) Hidden
CCC Help Swedish (Version: 2008.0624.2147.37100 - ATI) Hidden
ccc-core-static (Version: 2008.0624.2148.37100 - Ihr Firmenname) Hidden
ccc-utility (Version: 2008.0624.2148.37100 - ATI) Hidden
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Conduit Engine (HKLM\...\conduitEngine) (Version: - Conduit Ltd.) <==== ATTENTION
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Die Sims - Hokus Pokus (HKLM\...\{9A00D1BA-D03A-44E5-AF28-86A1F377DF61}) (Version: - )
Die Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die*Sims*Mittelalter (HKLM\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.113 - Electronic Arts)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.5 - DivX, LLC)
DMUninstaller (HKLM\...\DMUninstaller) (Version: - ) <==== ATTENTION
Download Navigator (HKLM\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Druckerdeinstallation für EPSON SX100 Series (HKLM\...\EPSON SX100 Series) (Version: - SEIKO EPSON Corporation)
Druckerdeinstallation für EPSON XP-302 303 305 306 Series (HKLM\...\EPSON XP-302 303 305 306 Series) (Version: - SEIKO EPSON Corporation)
DVDVideoSoftTB Toolbar (HKLM\...\DVDVideoSoftTB Toolbar) (Version: 6.3.3.3 - )
Epson Easy Photo Print 2 (HKLM\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON PhotoQuicker3.5 (HKLM\...\{65F5B7AF-3363-11D7-BB6B-00018021113F}) (Version: - )
EPSON PRINT Image Framer Tool2.1 (HKLM\...\{23B59ED4-C360-11D7-875B-0090CC005647}) (Version: - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON Web-To-Page (HKLM\...\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}) (Version: - )
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESC46 Referenzhandbuch (HKLM\...\ESC46 Referenzhandbuch) (Version: - )
Euro Truck Simulator 1.1 (HKLM\...\Euro Truck Simulator) (Version: 1.1 - )
Favorit (HKLM\...\dydsp) (Version: - )
FIFA 13 (HKLM\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.8.0.0 - Electronic Arts)
Firebird SQL Server - MAGIX Edition (HKLM\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FL Studio 11 (HKLM\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM\...\FlowStone) (Version: - )
Free Games 135 (HKLM\...\Free Games 135) (Version: 1.0.0.0 - Zula Games) <==== ATTENTION
Free YouTube to MP3 Converter version 3.12.29.304 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.29.304 - DVDVideoSoft Ltd.)
FSCLounge (HKLM\...\{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}) (Version: 1.0.0 - Fujitsu Siemens Computers)
Golden Records Schallplattenkonverter (HKLM\...\Golden) (Version: 2.02 - NCH Software)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Google-Schnellsuchfeld (HKLM\...\Quick Search Box) (Version: 1.2.1151.245 - Google, Inc.)
Hercules DJ Products Series drivers (HKLM\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 4.HDJS.2009 - Hercules)
HQTotalS (HKLM\...\HQTotalS) (Version: 1.34.3.6 - HQplustotalS)
IePluginService12.27.0.3326 (HKLM\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
IL Download Manager (HKLM\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version: - Image-Line)
Iminent (HKLM\...\IMBoosterARP) (Version: 7.5.3.1 - Iminent) <==== ATTENTION
Iminent Toolbar on IE and Chrome (HKLM\...\iminent) (Version: 1.8.28.3 - IminentToolbar) <==== ATTENTION
Incredibar Toolbar on IE and Chrome (HKLM\...\incredibar) (Version: - ) <==== ATTENTION
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lexmark Fax-Lösungen (HKLM\...\Lexmark Fax Solutions) (Version: - )
Lexmark Symbolleiste (HKLM\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.13.37.0 - )
Lexmark Tools for Office (HKLM\...\{10812DE7-2E57-4740-B226-6B3BE34AF9D7}) (Version: 1.24.0.0 - )
Live 8.2 (HKLM\...\Live 8.2) (Version: - )
MAGIX Content und Soundpools (HKLM\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM\...\MAGIX_{4554434F-61A1-4346-BEF8-60810064B089}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker Techno Edition 3 5.0.0.2 (D) (HKLM\...\MAGIX Music Maker Techno Edition 3 D) (Version: 5.0.0.2 - MAGIX AG)
MAGIX Music Maker Techno Edition 5 (HKLM\...\MAGIX_{83533189-F4F8-44DE-866C-23037D09C6D5}) (Version: 19.0.5.57 - MAGIX AG)
MAGIX Music Maker Techno Edition 5 (Version: 19.0.5.57 - MAGIX AG) Hidden
MAGIX Music Maker Techno Edition 5 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Speed burnR (HKLM\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
MAGIX Xtreme Foto Designer 6 6.0.19.0 (D) (HKLM\...\MAGIX Xtreme Foto Designer 6 D) (Version: 6.0.19.0 - MAGIX AG)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
media enhance (HKLM\...\media enhance) (Version: 1.34.3.6 - freeven)
Media Player Codec Pack 4.2.9 (HKLM\...\Media Player - Codec Pack) (Version: 4.2.9 - Media Player Codec Pack)
Mega Browse (HKLM\...\Mega Browse) (Version: 2014.03.15.013120 - Mega Browse)
Meine Software (HKLM\...\{048DB452-C8B0-4A8D-89AF-84A6B149E1EE}) (Version: 2.0.0 - T-Home)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2416447) (HKLM\...\M2416447) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (Version: - Microsoft) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XML Parser (Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Microsoft XML Parser (Version: 8.70.1104.04 - Microsoft Corporation) Hidden
MixPad Audiodatei-Mixer (HKLM\...\MixPad) (Version: 3.37 - NCH Software)
Movie Mode (HKLM\...\MovieMode) (Version: 2.6.63 - GenTechnologies Apps, LLC)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MY_WAY Plus (HKLM\...\{54301D6C-5DD8-40DC-BA3B-02181DEEF7DF}) (Version: 1.00.0225 - Olivetti S.p.A.)
MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION
Nero 8 Essentials (HKLM\...\{96AFCF8B-3C53-49A2-8456-E637021B1031}) (Version: 8.10.368 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
Netzmanager (HKLM\...\Netzmanager) (Version: - Deutsche Telekom AG)
Netzmanager (Version: 1.01 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Netzwerkhandbuch EPSON XP-302 303 305 306 Series (HKLM\...\EPSON XP-302 303 305 306 Series Netg) (Version: - )
NewPlayer (HKLM\...\NewPlayer) (Version: v2.1.1.2 - TUGUU SL) <==== ATTENTION
Norman Security Suite (HKLM\...\{A36B158D-8E9D-4BD3-8BDA-4B5EDC9C2E8C}) (Version: 7.00.0000 - Norman ASA)
Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
PC Speed Maximizer v3.2 (HKLM\...\PC Speed Maximizer_is1) (Version: 3.2 - Smart PC Solutions)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Protegere (HKLM\...\Protegere) (Version: - )
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.)
RealUpgrade 1.0 (Version: 1.0.0 - RealNetworks, Inc.) Hidden
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Registry Helper (HKLM\...\Registry Helper) (Version: - SafeApp Software, LLC) <==== ATTENTION
Re-markit (HKLM\...\dd1903ed-c792-40ac-bf09-4daa274cacb4) (Version: - Re-markit Software) <==== ATTENTION
SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
SavingsBull (Version: 1.0.0.0 - SavingsBull) Hidden <==== ATTENTION
Schreibmaschinenkurs (HKLM\...\{88B36349-D79B-4276-8291-4E7F0DE1A000}) (Version: 3.40 - )
Search Protect (HKLM\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
SearchMe Toolbar v8.9 (HKLM\...\{C8631977-3690-40AF-9279-A8A92922D293}) (Version: 8.9 - Spigot, Inc.) <==== ATTENTION
simplitec simplicheck (HKLM\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH)
Skins (Version: 2008.0624.2148.37100 - ATI) Hidden
softonic-de3 Toolbar (HKLM\...\softonic-de3 Toolbar) (Version: 6.3.3.3 - softonic-de3) <==== ATTENTION
SpeedUpMyPC (HKLM\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.2.0 - Uniblue Systems Limited)
SpotIM 1.7 (HKLM\...\SpotIM_is1) (Version: - Nsasoft LLC.)
StarOffice 8 (HKLM\...\{4BC1CB2B-FDCE-4DB4-A557-BA8127569B0D}) (Version: 8.00.8945 - Sun Microsystems)
SupTab (HKLM\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
Switch Audiodatei-Konverter (HKLM\...\Switch) (Version: 4.53 - NCH Software)
SystemDiagnostics (HKLM\...\{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}) (Version: 2.01.0004 - Fujitsu Siemens Computers )
Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
T-Online Toolbar 2.0 (HKLM\...\T-Online-Toolbar-2_is1) (Version: 2.0.6 (4) - Deutsche Telekom AG)
T-Online WLAN-Access Finder (HKLM\...\{295C31E5-3F91-498E-9623-DA24D2FA2B6A}) (Version: - )
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.89 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities 2014) (Version: 14.0.1000.89 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.89 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B7873DF5-9E1C-45EE-8895-D29C6AE01202}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C20964A7-5181-45E5-9E82-72F5D400DEBF}) (Version: - Microsoft)
Update for Microsoft Office 2007 System (KB2539530) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{567103D1-96CD-4B76-93B9-2681A187DEFF}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 (KB980729) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
V-bates 2.0.0.438 (HKLM\...\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1) (Version: 2.0.0.438 - Wajamu) <==== ATTENTION
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Virtual DJ - Atomix Productions (HKLM\...\Virtual DJ - Atomix Productions) (Version: - )
Virtual DJ Home Edition - Atomix Productions (HKLM\...\Virtual DJ Home Edition - Atomix Productions) (Version: - )
VIS (HKLM\...\VIS) (Version: - ) <==== ATTENTION
VLC media player 0.9.6 (HKLM\...\VLC media player) (Version: 0.9.6 - VideoLAN Team)
VO Package (HKLM\...\VOPackage) (Version: 1.0.0.0 - )
WAV To MP3 V2 (HKLM\...\WAV To MP3_is1) (Version: - hxxp://www.WAVMP3.net)
WavePad Audio-Editor (HKLM\...\WavePad) (Version: 5.58 - NCH Software)
Windows-Treiberpaket - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0) (HKLM\...\E24870CB6AA1C3511635FF9020A3E9471287FBE7) (Version: 01/26/2008 2.6.0.0 - MobileTop)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WPM17.8.0.3442 (HKLM\...\WPM) (Version: 17.8.0.3442 - Cherished Technololgy LIMITED) <==== ATTENTION
Zapp 5.7 (HKLM\...\{cee7b4eb-2ad9-4a83-9766-35fed9d982f8}_is1) (Version: 5.7 - SimplyTech LTD)
==================== Restore Points =========================
Could not list Restore Points. Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {034B8637-82C5-4DE7-BBF2-2856215B0288} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files\Zapp\WConnectorDirect.exe [2014-01-09] ()
Task: {0CDB67E9-80C0-453D-B6BF-11BEA5A3C5CA} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-02-19] (Uniblue Systems Limited)
Task: {150B67E4-819C-44BB-81A1-B6ED2FFA5859} - System32\Tasks\NCH Software\WavePadSevenDays => C:\Program Files\NCH Software\WavePad\WavePad.exe [2013-08-30] (NCH Software)
Task: {15296200-A3F1-47BE-82D2-123BDA280B37} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1760476117-1050406762-223748037-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {254A92BE-B1F1-448B-A058-CA38A43A777B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-03] (Google Inc.)
Task: {283A63DE-D7C1-4B16-917D-B6865B1DC4B7} - System32\Tasks\media enhance-chromeinstaller => C:\Program Files\media enhance\media enhance-chromeinstaller.exe [2014-03-16] (freeven)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3989AC32-9B20-4FAC-9247-F8055736216B} - System32\Tasks\media enhance-firefoxinstaller => C:\Program Files\media enhance\media enhance-firefoxinstaller.exe [2014-03-16] (freeven)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {42854AE1-FF14-4E74-9D7A-C7847424FBE0} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-02-19] (Uniblue Systems Limited)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {48396D82-BBB0-4913-8F63-352EC306B68F} - System32\Tasks\APSnotifierPP3 => C:\Program Files\AnyProtectEx\AnyProtect.exe [2014-03-16] (AnyProtect by CMI) <==== ATTENTION
Task: {50E61175-F820-4F2A-B16A-F3D643415F31} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Laura => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-21] (Microsoft Corporation)
Task: {61027056-1DEF-4D4D-85EE-4F5351C35B5C} - System32\Tasks\HQTotalS-updater => C:\Program Files\HQTotalS\HQTotalS-updater.exe [2014-03-16] (HQplustotalS)
Task: {679EC3D0-98B0-47FD-9991-5B1A0400E6C8} - System32\Tasks\media enhance-enabler => C:\Program Files\media enhance\media enhance-enabler.exe [2014-03-16] (freeven) <==== ATTENTION
Task: {71338EE1-0E09-47C8-90AF-F5E105A4E2E5} - System32\Tasks\APSnotifierPP2 => C:\Program Files\AnyProtectEx\AnyProtect.exe [2014-03-16] (AnyProtect by CMI) <==== ATTENTION
Task: {72EC7E07-4FEB-4762-9E88-DEA22B740A01} - System32\Tasks\Re-markit_wd => C:\Program Files\Re-markit-soft\Re-markit_wd.exe [2014-03-16] () <==== ATTENTION
Task: {784B8AC1-617F-470F-8154-29C5B42ED80F} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1760476117-1050406762-223748037-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {795434A3-48A3-4340-9924-FBD175710676} - System32\Tasks\Re-markit Update => C:\Program Files\Re-markit-soft\ReMar.exe [2014-03-16] () <==== ATTENTION
Task: {8406D315-05A1-4BE6-AE6A-DB9F7F9C8CA1} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1760476117-1050406762-223748037-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {860ED50E-252D-4F4C-9CFB-8F509F56F49C} - System32\Tasks\APSnotifierPP1 => C:\Program Files\AnyProtectEx\AnyProtect.exe [2014-03-16] (AnyProtect by CMI) <==== ATTENTION
Task: {955D0035-EB1A-40AC-B887-2438369714D3} - System32\Tasks\media enhance-codedownloader => C:\Program Files\media enhance\media enhance-codedownloader.exe [2014-03-16] (freeven)
Task: {98E8D22D-7EF9-45B6-950E-D119111EC8B9} - System32\Tasks\FF Watcher {57DEB8DA-435C-41E5-AAA9-1BB0A7C138A9} => C:\Program Files\V-bates\PrefHelper.exe [2014-02-26] ()
Task: {A0C8EED0-5EAE-44A8-B49D-85FB13ADAD60} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1760476117-1050406762-223748037-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {A61C37B1-75C4-487E-B879-949869B04183} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-03] (Google Inc.)
Task: {AEDEDE35-0F1C-46F3-BDEA-4F260E0804C8} - System32\Tasks\NCH Software\GoldenSevenDays => C:\Program Files\NCH Software\Golden\Golden.exe [2013-09-21] (NCH Software)
Task: {B2BD5B52-0EBE-4A3A-87AE-C3E0C66BB5C9} - System32\Tasks\media enhance-updater => C:\Program Files\media enhance\media enhance-updater.exe [2014-03-16] (freeven)
Task: {BBD2959D-32E2-40DE-81B2-ACA394A45364} - System32\Tasks\HQTotalS-codedownloader => C:\Program Files\HQTotalS\HQTotalS-codedownloader.exe [2014-03-16] (HQplustotalS)
Task: {BCF683AD-3296-4E44-B041-0EE1E6AA1360} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-16] (Adobe Systems Incorporated)
Task: {BE1D1C89-A4B4-4060-AE06-A818E3074BA2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1760476117-1050406762-223748037-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D140C43D-0379-42F2-8D82-7D6F9A53A32A} - System32\Tasks\HQTotalS-firefoxinstaller => C:\Program Files\HQTotalS\HQTotalS-firefoxinstaller.exe [2014-03-16] (HQplustotalS)
Task: {D42FDB3E-F8BE-4328-B1EC-718BA037FD5C} - System32\Tasks\NCH Software\SwitchSevenDays => C:\Program Files\NCH Software\Switch\Switch.exe [2013-09-27] (NCH Software)
Task: {DFFA74F8-E1FD-43C2-9B65-5744B70F8514} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1760476117-1050406762-223748037-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E0ED117A-7E79-4443-B312-F36E98301CA4} - System32\Tasks\HQTotalS-chromeinstaller => C:\Program Files\HQTotalS\HQTotalS-chromeinstaller.exe [2014-03-16] (HQplustotalS)
Task: {E3F341C7-0144-444F-BB30-227417E2171D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1760476117-1050406762-223748037-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {E667B92C-21B5-4A52-BB0E-2AB491CC5706} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1760476117-1050406762-223748037-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E91E66D3-0CDD-4822-ABAA-93B35E9DFA2B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe [2013-08-30] (TuneUp Software)
Task: {F19D23D5-C262-4ED3-90CB-112469E80885} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: {F960FBE7-AEE4-4341-B39F-A5AB0852CF5D} - System32\Tasks\Browser Updater\Zapp Browser Updater => C:\Program Files\Zapp\tbupdater.exe
Task: {F9EA6063-307F-40CE-8316-AC2719602D66} - System32\Tasks\RNUpgradeHelperResumePrompt_Laura => C:\Users\Laura\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.00\rnupgagent.exe
Task: {FC949150-8B84-4A99-A77D-0BBFF3BA81CF} - System32\Tasks\HQTotalS-enabler => C:\Program Files\HQTotalS\HQTotalS-enabler.exe [2014-03-16] (HQplustotalS) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\FF Watcher {57DEB8DA-435C-41E5-AAA9-1BB0A7C138A9}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HQTotalS-chromeinstaller.job => C:\Program Files\HQTotalS\HQTotalS-chromeinstaller.exe
Task: C:\Windows\Tasks\HQTotalS-codedownloader.job => C:\Program Files\HQTotalS\HQTotalS-codedownloader.exe
Task: C:\Windows\Tasks\HQTotalS-enabler.job => C:\Program Files\HQTotalS\HQTotalS-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQTotalS-firefoxinstaller.job => C:\Program Files\HQTotalS\HQTotalS-firefoxinstaller.exe
Task: C:\Windows\Tasks\HQTotalS-updater.job => C:\Program Files\HQTotalS\HQTotalS-updater.exe
Task: C:\Windows\Tasks\media enhance-chromeinstaller.job => C:\Program Files\media enhance\media enhance-chromeinstaller.exe
Task: C:\Windows\Tasks\media enhance-codedownloader.job => C:\Program Files\media enhance\media enhance-codedownloader.exe
Task: C:\Windows\Tasks\media enhance-enabler.job => C:\Program Files\media enhance\media enhance-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\media enhance-firefoxinstaller.job => C:\Program Files\media enhance\media enhance-firefoxinstaller.exe
Task: C:\Windows\Tasks\media enhance-updater.job => C:\Program Files\media enhance\media enhance-updater.exe
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files\Re-markit-soft\ReMar.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files\Re-markit-soft\Re-markit_wd.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe
==================== Loaded Modules (whitelisted) =============
2008-11-03 20:49 - 2007-11-01 16:29 - 00045056 _____ () C:\Windows\System32\LXF3PMON.DLL
2008-11-03 20:49 - 2007-08-27 19:44 - 00053248 _____ () C:\Windows\System32\LXF3OEM.DLL
2008-11-03 20:49 - 2007-11-01 16:24 - 00032768 _____ () C:\Program Files\Lexmark Fax Solutions\ipcmt.dll
2008-11-03 20:49 - 2007-12-10 21:33 - 00012288 _____ () C:\Windows\System32\LXF3PMRC.DLL
2013-08-05 17:56 - 2013-07-29 21:13 - 00394824 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2014-02-18 15:32 - 2014-02-18 15:32 - 00904704 _____ () C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
2014-02-18 15:38 - 2014-02-18 15:38 - 00012288 _____ () C:\Program Files\MyPC Backup\GetText.dll
2014-03-18 18:01 - 2014-03-18 18:00 - 01005056 _____ () C:\Users\Lukas\AppData\Roaming\BupSystem\bup.exe
2014-03-18 18:01 - 2014-03-18 18:01 - 00374272 _____ () C:\Users\Lukas\AppData\Roaming\BupSystem\sub\default.dll
2013-06-06 08:05 - 2007-11-21 12:17 - 00017408 _____ () C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
2014-01-27 22:45 - 2014-01-27 22:45 - 00546112 _____ () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe
2014-03-10 16:39 - 2014-03-10 16:39 - 00011776 _____ () C:\Program Files\NewPlayer\NewPlayerUpdaterService.exe
2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe
2014-03-16 18:31 - 2014-03-16 18:31 - 00195072 _____ () C:\Program Files\Re-markit-soft\Re-markit157.exe
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-08-30 10:51 - 2013-08-30 10:51 - 00501560 _____ () C:\Program Files\TuneUp Utilities 2014\avgreplibx.dll
2014-03-15 03:39 - 2014-03-24 12:53 - 00348448 _____ () C:\Program Files\Mega Browse\updateMegaBrowse.exe
2014-03-16 19:56 - 2014-02-26 16:31 - 00209408 _____ () C:\Program Files\V-bates\ExtensionUpdaterService.exe
2014-02-18 13:10 - 2014-02-17 12:24 - 00425792 ____R () C:\Program Files\Iminent\WinkHandler.exe
2007-11-20 13:57 - 2007-11-20 13:57 - 00138368 _____ () C:\Program Files\Norman\npm\bin\NPTPIPX.DLL
2008-09-18 17:10 - 2008-06-24 22:13 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2014-03-18 18:01 - 2014-01-09 09:16 - 00034376 _____ () C:\Program Files\Zapp\WConnectorDirect.exe
2014-02-11 01:32 - 2014-02-11 01:32 - 01152656 _____ () C:\Windows\system32\MovieMode.48CA2AEFA22D.dll
2010-02-02 13:24 - 2011-12-05 14:59 - 00103424 _____ () C:\Program Files\Google\Quick Search Box\bin\1.2.1151.245\rlz.dll
2010-09-16 22:04 - 2011-07-29 01:08 - 01259376 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2011-07-29 01:09 - 2011-07-29 01:09 - 00096112 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2014-03-16 19:58 - 2014-04-04 11:04 - 00350496 _____ () C:\Program Files\Mega Browse\bin\utilMegaBrowse.exe
2014-03-18 17:37 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-18 17:37 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-18 17:37 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-18 17:37 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-16 19:56 - 2014-02-26 16:32 - 00379392 _____ () C:\Program Files\V-bates\NMHClient.exe
2014-03-18 17:37 - 2014-03-15 02:50 - 13637448 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
AlternateDataStreams: C:\ProgramData\TEMP:C25C9263
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/04/2014 11:17:42 AM) (Source: Application Hang) (User: )
Description: Programm FRST.exe, Version 3.3.10.2 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: a58c
Anfangszeit: 01cf4fe67c9b33d5
Zeitpunkt der Beendigung: 6
Error: (04/04/2014 11:15:25 AM) (Source: Application Hang) (User: )
Description: Programm FRST.exe, Version 3.3.10.2 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: a334
Anfangszeit: 01cf4fe5807bd316
Zeitpunkt der Beendigung: 14
Error: (04/04/2014 11:13:18 AM) (Source: Application Hang) (User: )
Description: Programm McUicnt.exe, Version 5.9.2.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 98c
Anfangszeit: 01cf4fe24bc536a1
Zeitpunkt der Beendigung: 23
Error: (04/04/2014 10:51:08 AM) (Source: Application Hang) (User: )
Description: Programm ipmGui.exe, Version 14.0.2.220 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 1e44
Anfangszeit: 01cf4fe2660c0fa3
Zeitpunkt der Beendigung: 10942
Error: (04/04/2014 10:50:15 AM) (Source: NormanNPT) (User: )
Description: Norman Message [2014/04/04 10:50:13]
--------------------------------------------------------
Application: Norman Internet Update
Node address: 192.168.178.23
--------------------------------------------------------
Error message: Running scheduled - shall not start LicWiz
Error: (04/04/2014 10:42:48 AM) (Source: Registry Helper Service) (User: )
Description: Error: Service started
Error: (04/03/2014 01:21:32 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Re-markit157.exe, Version 1.157.0.0, Zeitstempel 0x5320316f, fehlerhaftes Modul kernel32.dll, Version 6.0.6001.18631, Zeitstempel 0x4da467f0, Ausnahmecode 0xe06d7363, Fehleroffset 0x00044503,
Prozess-ID 0xb84, Anwendungsstartzeit Re-markit157.exe0.
Error: (04/03/2014 01:21:25 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (04/03/2014 04:32:49 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
Error: (04/03/2014 04:32:46 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
System errors:
=============
Error: (04/04/2014 10:45:31 AM) (Source: DCOM) (User: )
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
Error: (04/04/2014 10:44:00 AM) (Source: DCOM) (User: )
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
Error: (04/04/2014 10:42:36 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos
Error: (04/03/2014 00:44:13 PM) (Source: DCOM) (User: )
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
Error: (04/03/2014 00:43:43 PM) (Source: DCOM) (User: )
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
Error: (04/03/2014 04:33:17 PM) (Source: DCOM) (User: )
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
Error: (04/03/2014 04:31:47 PM) (Source: DCOM) (User: )
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
Error: (04/03/2014 04:30:35 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos
Error: (04/03/2014 04:30:32 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 27.03.2014 um 19:00:27 unerwartet heruntergefahren.
Error: (03/27/2014 07:59:55 PM) (Source: DCOM) (User: )
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-04-04 11:20:24.759
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-04 11:20:24.548
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-04 11:20:24.338
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-04 11:20:24.129
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-04 11:20:23.911
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-04 11:20:23.700
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-04 11:20:23.480
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-04 11:20:23.271
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-04 11:16:08.005
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-04 11:16:07.790
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 69%
Total physical RAM: 1790.58 MB
Available physical RAM: 553.37 MB
Total Pagefile: 3833.66 MB
Available Pagefile: 1560.33 MB
Total Virtual: 2047.88 MB
Available Virtual: 1925.12 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:97.74 GB) (Free:3.73 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:191.56 GB) (Free:179.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 5385A26E)
Partition 1: (Not Active) - (Size=9 GB) - (Type=27)
Partition 2: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=192 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
05.04.2014, 10:30
| #10 |
| /// the machine /// TB-Ausbilder | Windows Vista: BKA Virus sperrt Bildschirm Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Revo Uninstaller - Download - Filepony Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION Mit Revo auch Moderat die Reste entfernen lassen. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.04.2014, 19:33
| #11 |
| | Windows Vista: BKA Virus sperrt Bildschirm Fixlog Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01
Ran by Lukas at 2014-04-05 13:03:46 Run:1
Running from C:\Users\Lukas\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
*****************
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
The system needed a reboot.
==== End of Fixlog ====
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Update, 05.04.2014 13:19:24, SYSTEM, LAURA-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1, Update, 05.04.2014 13:19:41, SYSTEM, LAURA-PC, Manual, Malware Database, 2014.3.4.9, 2014.4.5.2, Update, 05.04.2014 13:19:54, SYSTEM, LAURA-PC, Manual, program, 2.0.0.1000, 2.0.1.1004, Update, 05.04.2014 13:20:35, SYSTEM, LAURA-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1, Update, 05.04.2014 13:20:44, SYSTEM, LAURA-PC, Manual, Malware Database, 2014.3.4.9, 2014.4.5.2, (end) Code:
ATTFilter # AdwCleaner v3.023 - Bericht erstellt am 05/04/2014 um 13:55:33
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Benutzername : Lukas - LAURA-PC
# Gestartet von : C:\Users\Lukas\Desktop\adwcleaner3023.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : Application Updater
Dienst Gelöscht : BackupStack
Dienst Gelöscht : CltMngSvc
Dienst Gelöscht : IePluginService
Dienst Gelöscht : Level Quality Watcher
Dienst Gelöscht : MovieMode
Dienst Gelöscht : NewPlayerUpdaterService
Dienst Gelöscht : Registry Helper Service
Dienst Gelöscht : Re-markit
Dienst Gelöscht : SProtection
[#] Dienst Gelöscht : Update Mega Browse
[#] Dienst Gelöscht : Util Mega Browse
Dienst Gelöscht : Wpm
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\ProgramData\DriverCure
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\IePluginService
Ordner Gelöscht : C:\ProgramData\MovieMode
Ordner Gelöscht : C:\ProgramData\ParetoLogic
Ordner Gelöscht : C:\ProgramData\Registry Helper
Ordner Gelöscht : C:\ProgramData\simplitec
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Helper
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue
Ordner Gelöscht : C:\Program Files\AnyProtectEx
Ordner Gelöscht : C:\Program Files\Application Updater
Ordner Gelöscht : C:\Program Files\BringStar
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\ConduitEngine
Ordner Gelöscht : C:\Program Files\DVDVideoSoftTB
Ordner Gelöscht : C:\Program Files\ICQ6Toolbar
Ordner Gelöscht : C:\Program Files\Iminent
Ordner Gelöscht : C:\Program Files\IminentToolbar
Ordner Gelöscht : C:\Program Files\Level Quality Watcher
Ordner Gelöscht : C:\Program Files\media enhance
Ordner Gelöscht : C:\Program Files\Mega Browse
Ordner Gelöscht : C:\Program Files\MyPC Backup
Ordner Gelöscht : C:\Program Files\Mysearchdial
Ordner Gelöscht : C:\Program Files\NewPlayer
Ordner Gelöscht : C:\Program Files\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files\Registry Helper
Ordner Gelöscht : C:\Program Files\SavingsBull
Ordner Gelöscht : C:\Program Files\SearchMe Toolbar
Ordner Gelöscht : C:\Program Files\SearchProtect
Ordner Gelöscht : C:\Program Files\simplitec
Ordner Gelöscht : C:\Program Files\softonic-de3
Ordner Gelöscht : C:\Program Files\uniblue
Ordner Gelöscht : C:\Program Files\v-bates
Ordner Gelöscht : C:\Program Files\HQTotalS
Ordner Gelöscht : C:\Program Files\media enhance
Ordner Gelöscht : C:\Program Files\appbarioDE_1
Ordner Gelöscht : C:\Program Files\Common Files\Spigot
Ordner Gelöscht : C:\Program Files\Common Files\Umbrella
Ordner Gelöscht : C:\Windows\Installer\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Ordner Gelöscht : C:\Windows\system32\SearchProtect
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Laura\AppData\Local\MovieMode
Ordner Gelöscht : C:\Users\Laura\AppData\Local\NewPlayer
Ordner Gelöscht : C:\Users\Laura\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Tuguu_SL
Ordner Gelöscht : C:\Users\Laura\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Laura\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Laura\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Laura\AppData\LocalLow\ConduitEngine
Ordner Gelöscht : C:\Users\Laura\AppData\LocalLow\DVDVideoSoftTB
Ordner Gelöscht : C:\Users\Laura\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Laura\AppData\LocalLow\Search Settings
Ordner Gelöscht : C:\Users\Laura\AppData\LocalLow\softonic-de3
Ordner Gelöscht : C:\Users\Laura\AppData\LocalLow\Vuze_Remote
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\Mysearchdial
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\simplitec
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\uniblue
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\VOPackage
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gelöscht : C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Ordner Gelöscht : C:\Users\Laura\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\NativeMessaging
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\WhiteListing
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Temp\Iminent
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\ConduitEngine
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\DVDVideoSoftTB
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\IminentToolbar
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\Search Settings
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\softonic-de3
Ordner Gelöscht : C:\Users\Lukas\AppData\LocalLow\appbarioDE_1
Ordner Gelöscht : C:\Users\Lukas\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Lukas\AppData\Roaming\IminentToolbar
Ordner Gelöscht : C:\Users\Lukas\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Lukas\AppData\Roaming\simplitec
Ordner Gelöscht : C:\Users\Lukas\AppData\Roaming\SimplyTech
Ordner Gelöscht : C:\Users\Lukas\AppData\Roaming\Windows Net Data
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm
[!] Ordner Gelöscht : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
[!] Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
Ordner Gelöscht : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pickdmmkcajdddggmoaommkkoafandof
Ordner Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pickdmmkcajdddggmoaommkkoafandof
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Public\Desktop\NewPlayer.lnk
Datei Gelöscht : C:\Users\Public\Desktop\simplicheck.lnk
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
Datei Gelöscht : C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Laura\Desktop\AnyProtect.lnk
Datei Gelöscht : C:\Users\Laura\Desktop\MyPC Backup.lnk
Datei Gelöscht : C:\Program Files\Mozilla Firefox\user.js
Datei Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_de.iminent.com_0.localstorage
Datei Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_de.iminent.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
Datei Gelöscht : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Updater
Datei Gelöscht : C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
Datei Gelöscht : C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
Datei Gelöscht : C:\Windows\Tasks\SpeedUpMyPC Startup.job
Datei Gelöscht : C:\Windows\System32\Tasks\SpeedUpMyPC Startup
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\pickdmmkcajdddggmoaommkkoafandof
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pickdmmkcajdddggmoaommkkoafandof
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F960FBE7-AEE4-4341-B39F-A5AB0852CF5D}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0CDB67E9-80C0-453D-B6BF-11BEA5A3C5CA}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CDB67E9-80C0-453D-B6BF-11BEA5A3C5CA}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{42854AE1-FF14-4E74-9D7A-C7847424FBE0}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42854AE1-FF14-4E74-9D7A-C7847424FBE0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Schlüssel Gelöscht : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
Schlüssel Gelöscht : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\.bdc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\.bgl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\.bof
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonTC.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyDict
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyGloss
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyOptFile
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.Band
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.Band.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Babylon Client]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{67C71B35-A416-4A54-BD1D-15965A4FE41C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99E71BF1-5F51-4AF9-830B-67015D59640D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF390AA1-1E65-4825-B8E7-BE6B47BD56B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8B40BBFF-4BC7-447E-9B95-6943B8EDCC7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{042149D1-4E21-414B-8099-F5047DFE689C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C78AEB7A-143C-4659-AACB-B4EAE55747A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F0356CB6-4AB7-425B-A31C-0369E0CB5E81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0C2E529C-A82C-4AC6-8807-0B51F7AD7BB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5563BEFE-3B03-43B1-8041-64A9745DAA56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B40BBFF-4BC7-447E-9B95-6943B8EDCC7E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042149D1-4E21-414B-8099-F5047DFE689C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8B40BBFF-4BC7-447E-9B95-6943B8EDCC7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{042149D1-4E21-414B-8099-F5047DFE689C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C78AEB7A-143C-4659-AACB-B4EAE55747A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{005abe5c-3967-4be4-900e-36f4ea332ca5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ffbd811e-7003-45ab-8283-3af1f8e7a367}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70b3bc5b-5f41-4c27-9019-0a83d25ef2c8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b205035b-75c4-4557-86ac-2f58f2db0e00}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88B32C84-6B30-41C0-AFC0-CB7B2586A79C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8CCA5220-99EA-4417-BCFA-2D346D8FEBD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D2B7970-08AC-461B-AC64-60B1640EA563}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30A2F3C1-3F2A-4F3E-955F-0D070C02CA53}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC88EA11-FC36-442D-87C2-7189EB7BDC5E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C5E5D33-5998-43BC-A14B-B68AD1A55237}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8F08E18-9DBE-494F-AA59-616865330BB3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Babylon
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\Search Settings
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\appbarioDE_1
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\softonic-de3
Schlüssel Gelöscht : HKLM\Software\Application Updater
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\conduitEngine
Schlüssel Gelöscht : HKLM\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\Software\incredibar.com
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\ParetoLogic
Schlüssel Gelöscht : HKLM\Software\Search Settings
Schlüssel Gelöscht : HKLM\Software\SearchProtect
Schlüssel Gelöscht : HKLM\Software\simplitec
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Tarma Installer
Schlüssel Gelöscht : HKLM\Software\Trymedia Systems
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\Software\appbarioDE_1
Schlüssel Gelöscht : HKLM\Software\softonic-de3
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\softonic-de3 Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\499E8534DA7E759419D2048CB780D3D5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5DCE3C04E576AD15F972B67D0725120C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62255E52F19EC97429A42D59D49024FA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\930D9472A978D7A4EB16BF4DECB173B7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD04033484A18CA4CAB3EE59D39D756E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AEB93799E8B47D14CA356E4343D632A4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE7C2A75DF08824E9CEFDE20F655BD9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1708EDD6AB4EB164A86999D0AF0ABE1D
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\1708EDD6AB4EB164A86999D0AF0ABE1D
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\1708EDD6AB4EB164A86999D0AF0ABE1D
***** [ Browser ] *****
-\\ Internet Explorer v8.0.6001.19088
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Google Chrome v33.0.1750.154
[ Datei : C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : search_url
Gelöscht : keyword
Gelöscht : homepage
[ Datei : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : icon_url
Gelöscht : search_url
Gelöscht : keyword
*************************
AdwCleaner[R0].txt - [65570 octets] - [05/04/2014 13:53:36]
AdwCleaner[S0].txt - [39221 octets] - [05/04/2014 13:55:33]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [39282 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Lukas on 05.04.2014 at 17:47:02,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:\Users\Lukas\appdata\local\google\chrome\user data\default\local storage\http_start.iminent.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Lukas\appdata\local\google\chrome\user data\default\local storage\http_start.iminent.com_0.localstorage-journal"
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Lukas\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Lukas\appdata\local\downloadguide"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.04.2014 at 20:21:38,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Lukas (administrator) on LAURA-PC on 05-04-2014 20:24:51
Running from C:\Users\Lukas\Downloads
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Norman ASA) C:\Program Files\Norman\Npm\Bin\Elogsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Norman ASA) C:\Program Files\Norman\Npm\Bin\Zanda.exe
(Norman ASA) C:\Program Files\Norman\npm\bin\nvoy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Users\Lukas\AppData\Roaming\BupSystem\bup.exe
(Devguru Co., Ltd.) C:\Windows\system32\dgdersvc.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
() C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Olivetti) C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
() C:\Windows\system32\PSIService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
() C:\Program Files\Zapp\WConnectorDirect.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Norman ASA) C:\Program Files\Norman\Npm\Bin\Zlh.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Google Inc.) C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
(Olivetti) C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIIKE.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Norman ASA) C:\Program Files\Norman\Npm\bin\NJEEVES.EXE
(Norman ASA) C:\Program Files\Norman\Npm\bin\NVCSCHED.EXE
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6265376 2008-07-24] (Realtek Semiconductor)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Norman ZANDA] - C:\Program Files\Norman\Npm\Bin\ZLH.EXE [187504 2009-02-11] (Norman ASA)
HKLM\...\Run: [NPCTray] - C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD
HKLM\...\Run: [Google EULA Launcher] - c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [20480 2008-05-28] ( )
HKLM\...\Run: [FaxCenterServer] - C:\Program Files\Lexmark Fax Solutions\fm3032.exe [320168 2008-03-27] ()
HKLM\...\Run: [VX1000] - C:\Windows\vVX1000.exe [707376 2006-06-30] (Microsoft Corporation)
HKLM\...\Run: [Google Quick Search Box] - C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [122368 2009-08-08] (Google Inc.)
HKLM\...\Run: [OlStatusMon] - C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe [106496 2006-07-26] (Olivetti)
HKLM\...\Run: [WinampAgent] - "D:\Program Files\Winamp\winampa.exe"
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Hercules DJ Series] - C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [509224 2009-10-23] (Hercules®)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-09-28] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [] - [X]
HKU\.DEFAULT\...\Run: [fsc-reg] - c:\fsc-reg\fscreg.exe
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1760476117-1050406762-223748037-1004\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIKE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1760476117-1050406762-223748037-1004\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-08] (Google Inc.)
HKU\S-1-5-21-1760476117-1050406762-223748037-1004\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\meine software.lnk
ShortcutTarget: meine software.lnk -> C:\Program Files\T-Home\Meine Software\meine software.exe (Deutsche Telekom AG)
Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarOffice 8.lnk
ShortcutTarget: StarOffice 8.lnk -> C:\Program Files\Sun\StarOffice 8\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2127E04A82F3CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Zapp - {03b42da4-e052-423f-b1f4-98a5faae8111} - C:\Program Files\Zapp\IE\Zapp.dll (Simply Tech LTD.)
BHO: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Zapp - {03b42da4-e052-423f-b1f4-98a5faae8111} - C:\Program Files\Zapp\IE\Zapp.dll (Simply Tech LTD.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Chrome:
=======
CHR DefaultSearchKeyword: start.iminent.com
CHR DefaultSearchProvider: StartWeb
CHR DefaultSearchURL: hxxp://start.iminent.com/?appId=FD270491-55E2-4573-9DA1-BD69265FE522&ref=toolbox&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Zapp) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahdhkblnbddfcjjpkknjgjhhecciokdi [2014-03-24]
CHR Extension: (Protegere) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkeieaieohnceanbhdeijclgemgjjkf [2014-03-18]
CHR Extension: (HQTotalS) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm [2014-03-18]
CHR Extension: (RealDownloader) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-10-01]
CHR Extension: (V-bates) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-03-16]
CHR Extension: (SavingsBull) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb [2014-03-18]
CHR Extension: (Google Wallet) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-17]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-02-01]
CHR HKLM\...\Chrome\Extension: [${CHROME_KEY}] - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\incredibar.crx [2013-02-01]
CHR HKLM\...\Chrome\Extension: [ahdhkblnbddfcjjpkknjgjhhecciokdi] - C:\Program Files\Zapp\chrome\Zapp.crx [2014-03-18]
CHR HKLM\...\Chrome\Extension: [fmoekfjgeamfnpnebcgikdbhlebgbaej] - C:\Users\Lukas\AppData\Roaming\freegames135\freegames135.crx [2014-03-18]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
========================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 bupService; C:\Users\Lukas\AppData\Roaming\BupSystem\bup.exe [1005056 2014-03-18] ()
R2 dgdersvc; C:\Windows\system32\dgdersvc.exe [95568 2010-09-06] (Devguru Co., Ltd.)
R2 eLoggerSvc6; C:\Program Files\Norman\Npm\Bin\Elogsvc.exe [150584 2007-11-21] (Norman ASA)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®)
R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [17408 2007-11-21] ()
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [9728 2009-05-04] (Deutsche Telekom AG)
R3 Norman NJeeves; C:\Program Files\Norman\Npm\bin\NJEEVES.EXE [203896 2008-05-13] (Norman ASA)
R2 Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [408696 2009-02-25] (Norman ASA)
R3 NVCScheduler; C:\Program Files\Norman\Npm\bin\NVCSCHED.EXE [154680 2007-09-18] (Norman ASA)
R2 NVOY; C:\Program Files\Norman\npm\bin\nvoy.exe [126008 2009-01-20] (Norman ASA)
R2 olMntrService; C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe [86016 2006-07-24] (Olivetti)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1740600 2013-08-30] (TuneUp Software)
S2 Winmgmt; C:\PROGRA~2\a4lwg7jr.gsa [X]
==================== Drivers (Whitelisted) ====================
S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [173576 2008-05-27] (AMD Technologies Inc.)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [10632 2007-10-12] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [127488 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2010-09-06] ()
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [124416 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [107736 2014-04-05] (Malwarebytes Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [148192 2008-07-18] (Realtek Semiconductor Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-07-29] (Avira GmbH)
R1 tStLib; C:\Windows\System32\drivers\tStLib.sys [55232 2014-03-24] (StdLib)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-08-21] (TuneUp Software)
S3 usbsermpt; C:\Windows\System32\DRIVERS\usbsermpt.sys [22768 2008-11-03] (Microsoft Corporation)
S3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1965872 2006-06-30] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 netfilter; system32\drivers\netfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 PDNMp50; \??\C:\Windows\system32\drivers\PDNMp50.sys [X]
S3 PDNSp50; \??\C:\Windows\system32\drivers\PDNSp50.sys [X]
S3 RTL8187B; system32\DRIVERS\wg111v3.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-05 20:22 - 2014-04-05 20:21 - 00001396 _____ () C:\Users\Lukas\Desktop\JRT.txt
2014-04-05 14:27 - 2014-04-05 14:27 - 00000000 ____D () C:\Windows\ERUNT
2014-04-05 14:26 - 2014-04-05 14:26 - 01038974 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT-613.exe
2014-04-05 14:24 - 2014-04-05 14:24 - 01038974 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT.exe
2014-04-05 14:20 - 2014-04-05 14:20 - 00674504 _____ () C:\Users\Lukas\Downloads\Junkware-Removal-Tool_Setup_Download.exe
2014-04-05 14:05 - 2014-04-05 14:05 - 00039363 _____ () C:\Users\Lukas\Desktop\AdwCleaner[S0].txt
2014-04-05 13:52 - 2014-04-05 13:57 - 00000000 ___DC () C:\AdwCleaner
2014-04-05 13:52 - 2014-04-05 13:51 - 01426178 _____ () C:\Users\Lukas\Desktop\adwcleaner3023.exe
2014-04-05 13:51 - 2014-04-05 13:51 - 01426178 _____ () C:\Users\Lukas\Downloads\adwcleaner3023.exe
2014-04-05 13:49 - 2014-04-05 13:49 - 00000550 _____ () C:\Users\Lukas\Desktop\mbam.txt
2014-04-05 13:15 - 2014-04-05 13:20 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 13:15 - 2014-04-05 13:20 - 00000905 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-05 13:15 - 2014-04-05 13:20 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-04-05 13:15 - 2014-04-05 13:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-05 13:15 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-05 13:15 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-05 13:15 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-05 13:13 - 2014-04-05 13:13 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-04 11:30 - 2014-02-18 12:38 - 00000426 ____C () C:\AVScanner.ini
2014-04-04 11:10 - 2014-04-04 11:24 - 00046408 _____ () C:\Users\Lukas\Downloads\Addition.txt
2014-04-04 11:09 - 2014-04-05 20:24 - 00019063 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-04-04 11:09 - 2014-04-05 20:24 - 00000000 ___DC () C:\FRST
2014-04-04 11:08 - 2014-04-04 11:08 - 01145856 _____ (Farbar) C:\Users\Lukas\Downloads\FRST.exe
2014-04-02 19:23 - 2014-04-02 19:23 - 00000000 ___DC () C:\_OTL
2014-04-02 19:23 - 2011-07-13 04:55 - 02237440 ___RC (OldTimer Tools) C:\OTLPE.exe
2014-03-28 02:21 - 2014-03-31 20:28 - 00206594 ____C () C:\OTL.Txt
2014-03-28 02:21 - 2014-03-31 20:28 - 00041420 ____C () C:\Extras.Txt
2014-03-24 13:41 - 2014-03-24 13:41 - 00000000 __SHD () C:\found.000
2014-03-24 12:53 - 2014-03-24 12:53 - 00055232 _____ (StdLib) C:\Windows\system32\Drivers\tStLib.sys
2014-03-24 12:42 - 2014-03-24 12:46 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 2
2014-03-24 12:31 - 2014-03-24 12:37 - 00000000 ____D () C:\Users\Lukas\Desktop\The Best of The Irish Folk Festival Vol.2
2014-03-18 19:10 - 2014-03-18 19:15 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 3
2014-03-18 18:02 - 2014-03-18 18:02 - 00000926 _____ () C:\Users\Public\Desktop\Audiograbber.lnk
2014-03-18 18:02 - 2014-03-18 18:02 - 00000000 ____D () C:\Program Files\Audiograbber
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\BupSystem
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Program Files\Zapp
2014-03-18 18:01 - 2014-02-04 07:36 - 00033864 _____ () C:\Windows\Launcher.exe
2014-03-18 18:00 - 2014-03-18 18:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Security System 2
2014-03-18 17:55 - 2014-03-18 17:55 - 29401464 _____ (DVDVideoSoft Ltd. ) C:\Users\Lukas\Downloads\FreeAudioCDToMP3Converter1.3.12.1228.exe
2014-03-18 17:41 - 2014-03-18 18:12 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 1
2014-03-18 17:31 - 2014-03-18 17:31 - 00000000 ____D () C:\Users\Lukas\Desktop\Album
2014-03-16 19:59 - 2014-03-18 17:21 - 00000368 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-03-16 19:59 - 2014-03-18 17:21 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-03-16 19:59 - 2014-03-18 17:21 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-03-16 19:56 - 2014-04-05 19:56 - 00000282 _____ () C:\Windows\Tasks\FF Watcher {57DEB8DA-435C-41E5-AAA9-1BB0A7C138A9}.job
2014-03-16 19:56 - 2014-03-16 19:56 - 00000045 ____C () C:\user.js
2014-03-16 19:35 - 2014-03-16 20:01 - 00000000 ____D () C:\Users\Laura\Downloads\Album
2014-03-16 18:57 - 2014-03-16 18:57 - 00000920 _____ () C:\Users\Laura\Desktop\PC Speed Maximizer.lnk
2014-03-16 18:57 - 2014-03-13 17:24 - 00954784 _____ (AnyProtect.com) C:\Users\Laura\AppData\Local\AnyProtectScannerSetup.exe
2014-03-16 18:42 - 2014-03-16 18:42 - 00001442 _____ () C:\Users\Laura\AppData\Roaming\aps.scan.results
2014-03-16 18:39 - 2014-03-16 18:42 - 00000610 _____ () C:\Users\Laura\AppData\Roaming\aps.scan.quick.results
2014-03-16 18:39 - 2014-03-16 18:42 - 00000161 _____ () C:\Users\Laura\AppData\Roaming\aps.uninstall.scan.results
2014-03-16 18:38 - 2014-04-05 20:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-16 18:38 - 2014-03-16 18:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-16 18:37 - 2014-03-16 18:37 - 00954784 _____ (AnyProtect.com) C:\Users\Laura\AppData\Local\nsi841B.tmp
2014-03-16 18:32 - 2014-04-05 13:54 - 00000000 ____D () C:\Program Files\media enhance
2014-03-16 18:32 - 2014-03-16 18:32 - 00001760 _____ () C:\Users\Laura\Desktop\Sync Folder.lnk
2014-03-16 18:31 - 2014-04-05 14:22 - 00000000 ____D () C:\Program Files\Re-markit-soft
2014-03-16 18:31 - 2014-04-05 13:54 - 00000000 ____D () C:\Program Files\HQTotalS
2014-03-16 18:20 - 2014-03-16 18:20 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\TuneUp Software
2014-03-07 17:32 - 2014-03-07 17:32 - 00000000 ____D () C:\Users\Lukas\Desktop\Filme
2014-03-06 18:09 - 2014-04-04 13:02 - 00000000 ___DC () C:\output
2014-03-06 18:08 - 2014-03-06 18:08 - 03432683 _____ (WAV To MP3 ) C:\Users\Lukas\Downloads\wav2mp3v21.exe
2014-03-06 18:08 - 2014-03-06 18:08 - 03432683 _____ (WAV To MP3 ) C:\Users\Lukas\Downloads\wav2mp3v21 (1).exe
2014-03-06 18:08 - 2014-03-06 18:08 - 00000550 _____ () C:\Users\Public\Desktop\WAV To MP3.lnk
2014-03-06 18:08 - 2014-03-06 18:08 - 00000000 ___DC () C:\WAV To MP3
==================== One Month Modified Files and Folders =======
2014-04-05 20:25 - 2014-04-04 11:09 - 00019063 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-04-05 20:24 - 2014-04-04 11:09 - 00000000 ___DC () C:\FRST
2014-04-05 20:21 - 2014-04-05 20:22 - 00001396 _____ () C:\Users\Lukas\Desktop\JRT.txt
2014-04-05 20:04 - 2014-03-16 18:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-05 19:56 - 2014-03-16 19:56 - 00000282 _____ () C:\Windows\Tasks\FF Watcher {57DEB8DA-435C-41E5-AAA9-1BB0A7C138A9}.job
2014-04-05 19:37 - 2008-11-02 21:15 - 01856788 _____ () C:\Windows\WindowsUpdate.log
2014-04-05 19:35 - 2010-02-03 12:14 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-05 19:34 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-05 19:34 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-05 18:52 - 2013-08-31 20:59 - 00014213 _____ () C:\Windows\setupact.log
2014-04-05 17:35 - 2010-02-03 12:14 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-05 17:34 - 2008-11-02 21:27 - 00000000 ____D () C:\Program Files\Norman
2014-04-05 17:34 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-05 14:57 - 2006-11-02 15:01 - 00032516 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-05 14:27 - 2014-04-05 14:27 - 00000000 ____D () C:\Windows\ERUNT
2014-04-05 14:26 - 2014-04-05 14:26 - 01038974 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT-613.exe
2014-04-05 14:24 - 2014-04-05 14:24 - 01038974 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT.exe
2014-04-05 14:22 - 2014-03-16 18:31 - 00000000 ____D () C:\Program Files\Re-markit-soft
2014-04-05 14:20 - 2014-04-05 14:20 - 00674504 _____ () C:\Users\Lukas\Downloads\Junkware-Removal-Tool_Setup_Download.exe
2014-04-05 14:05 - 2014-04-05 14:05 - 00039363 _____ () C:\Users\Lukas\Desktop\AdwCleaner[S0].txt
2014-04-05 13:57 - 2014-04-05 13:52 - 00000000 ___DC () C:\AdwCleaner
2014-04-05 13:57 - 2012-01-22 18:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-05 13:54 - 2014-03-16 18:32 - 00000000 ____D () C:\Program Files\media enhance
2014-04-05 13:54 - 2014-03-16 18:31 - 00000000 ____D () C:\Program Files\HQTotalS
2014-04-05 13:54 - 2013-12-09 14:14 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\freegames135
2014-04-05 13:54 - 2013-12-09 14:14 - 00000000 ____D () C:\Program Files\Free Games 135
2014-04-05 13:51 - 2014-04-05 13:52 - 01426178 _____ () C:\Users\Lukas\Desktop\adwcleaner3023.exe
2014-04-05 13:51 - 2014-04-05 13:51 - 01426178 _____ () C:\Users\Lukas\Downloads\adwcleaner3023.exe
2014-04-05 13:49 - 2014-04-05 13:49 - 00000550 _____ () C:\Users\Lukas\Desktop\mbam.txt
2014-04-05 13:20 - 2014-04-05 13:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 13:20 - 2014-04-05 13:15 - 00000905 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-05 13:20 - 2014-04-05 13:15 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-04-05 13:15 - 2014-04-05 13:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-05 13:13 - 2014-04-05 13:13 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-05 13:07 - 2011-06-30 12:20 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-05 13:03 - 2006-11-02 13:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-05 12:54 - 2008-01-21 04:47 - 00087182 _____ () C:\Windows\PFRO.log
2014-04-04 13:02 - 2014-03-06 18:09 - 00000000 ___DC () C:\output
2014-04-04 11:24 - 2014-04-04 11:10 - 00046408 _____ () C:\Users\Lukas\Downloads\Addition.txt
2014-04-04 11:08 - 2014-04-04 11:08 - 01145856 _____ (Farbar) C:\Users\Lukas\Downloads\FRST.exe
2014-04-03 13:12 - 2013-02-01 23:31 - 00017408 _____ () C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-03 09:51 - 2014-04-05 13:15 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-05 13:15 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-05 13:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 19:23 - 2014-04-02 19:23 - 00000000 ___DC () C:\_OTL
2014-03-31 20:28 - 2014-03-28 02:21 - 00206594 ____C () C:\OTL.Txt
2014-03-31 20:28 - 2014-03-28 02:21 - 00041420 ____C () C:\Extras.Txt
2014-03-28 02:12 - 2013-02-01 23:24 - 00000000 ____D () C:\Users\Lukas
2014-03-28 02:12 - 2008-11-02 21:29 - 00000000 ____D () C:\Users\Laura
2014-03-24 13:41 - 2014-03-24 13:41 - 00000000 __SHD () C:\found.000
2014-03-24 12:53 - 2014-03-24 12:53 - 00055232 _____ (StdLib) C:\Windows\system32\Drivers\tStLib.sys
2014-03-24 12:50 - 2008-01-21 09:16 - 01572690 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-24 12:46 - 2014-03-24 12:42 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 2
2014-03-24 12:37 - 2014-03-24 12:31 - 00000000 ____D () C:\Users\Lukas\Desktop\The Best of The Irish Folk Festival Vol.2
2014-03-18 19:15 - 2014-03-18 19:10 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 3
2014-03-18 18:12 - 2014-03-18 17:41 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 1
2014-03-18 18:02 - 2014-03-18 18:02 - 00000926 _____ () C:\Users\Public\Desktop\Audiograbber.lnk
2014-03-18 18:02 - 2014-03-18 18:02 - 00000000 ____D () C:\Program Files\Audiograbber
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\BupSystem
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Program Files\Zapp
2014-03-18 18:01 - 2014-03-18 18:00 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Security System 2
2014-03-18 17:56 - 2014-03-05 19:02 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\DVDVideoSoft
2014-03-18 17:55 - 2014-03-18 17:55 - 29401464 _____ (DVDVideoSoft Ltd. ) C:\Users\Lukas\Downloads\FreeAudioCDToMP3Converter1.3.12.1228.exe
2014-03-18 17:31 - 2014-03-18 17:31 - 00000000 ____D () C:\Users\Lukas\Desktop\Album
2014-03-18 17:21 - 2014-03-16 19:59 - 00000368 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-03-18 17:21 - 2014-03-16 19:59 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-03-18 17:21 - 2014-03-16 19:59 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-03-16 20:01 - 2014-03-16 19:35 - 00000000 ____D () C:\Users\Laura\Downloads\Album
2014-03-16 19:56 - 2014-03-16 19:56 - 00000045 ____C () C:\user.js
2014-03-16 18:57 - 2014-03-16 18:57 - 00000920 _____ () C:\Users\Laura\Desktop\PC Speed Maximizer.lnk
2014-03-16 18:42 - 2014-03-16 18:42 - 00001442 _____ () C:\Users\Laura\AppData\Roaming\aps.scan.results
2014-03-16 18:42 - 2014-03-16 18:39 - 00000610 _____ () C:\Users\Laura\AppData\Roaming\aps.scan.quick.results
2014-03-16 18:42 - 2014-03-16 18:39 - 00000161 _____ () C:\Users\Laura\AppData\Roaming\aps.uninstall.scan.results
2014-03-16 18:38 - 2014-03-16 18:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-16 18:38 - 2011-11-06 16:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-16 18:37 - 2014-03-16 18:37 - 00954784 _____ (AnyProtect.com) C:\Users\Laura\AppData\Local\nsi841B.tmp
2014-03-16 18:33 - 2009-01-27 13:46 - 00001135 _____ () C:\Users\Laura\Desktop\Internet Explorer.lnk
2014-03-16 18:33 - 2008-11-02 21:30 - 00001165 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-16 18:32 - 2014-03-16 18:32 - 00001760 _____ () C:\Users\Laura\Desktop\Sync Folder.lnk
2014-03-16 18:23 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-03-16 18:20 - 2014-03-16 18:20 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\TuneUp Software
2014-03-16 18:17 - 2009-01-27 12:17 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\StarOffice8
2014-03-13 17:24 - 2014-03-16 18:57 - 00954784 _____ (AnyProtect.com) C:\Users\Laura\AppData\Local\AnyProtectScannerSetup.exe
2014-03-08 19:56 - 2014-01-11 20:26 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Audacity
2014-03-08 19:09 - 2014-03-05 19:06 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-03-07 17:32 - 2014-03-07 17:32 - 00000000 ____D () C:\Users\Lukas\Desktop\Filme
2014-03-06 18:08 - 2014-03-06 18:08 - 03432683 _____ (WAV To MP3 ) C:\Users\Lukas\Downloads\wav2mp3v21.exe
2014-03-06 18:08 - 2014-03-06 18:08 - 03432683 _____ (WAV To MP3 ) C:\Users\Lukas\Downloads\wav2mp3v21 (1).exe
2014-03-06 18:08 - 2014-03-06 18:08 - 00000550 _____ () C:\Users\Public\Desktop\WAV To MP3.lnk
2014-03-06 18:08 - 2014-03-06 18:08 - 00000000 ___DC () C:\WAV To MP3
Some content of TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\avgnt.exe
C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-05 17:40
==================== End Of Log ============================
--- --- --- |
|
06.04.2014, 15:49
| #12 |
| /// the machine /// TB-Ausbilder | Windows Vista: BKA Virus sperrt BildschirmESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.04.2014, 22:11
| #13 |
| | Windows Vista: BKA Virus sperrt Bildschirm ESET Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=24972bb941d3d94ba83ac10804820f59
# engine=17784
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-07 07:30:25
# local_time=2014-04-07 09:30:25 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=1799 16775165 100 95 13193 218196423 5928 0
# compatibility_mode=5892 16776574 100 100 66472882 234431753 0 0
# scanned=248193
# found=1
# cleaned=0
# scan_time=6848
sh=6205DDE47C041E3B67EFC540F89F24344835EE11 ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B application" ac=I fn="C:\temp\t.msi"
Code:
ATTFilter Results of screen317's Security Check version 0.99.80
Windows Vista Service Pack 1 x86
Out of date service pack!!
Internet Explorer 8 Out of date!
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2014
TuneUp Utilities 2014 (de-DE)
TuneUp Utilities 2014
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 11.1.102.55 Flash Player out of Date!
Adobe Reader 10.1.4 Adobe Reader out of Date!
Google Chrome 33.0.1750.146
Google Chrome 33.0.1750.154
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by Lukas (administrator) on LAURA-PC on 07-04-2014 21:42:11
Running from C:\Users\Lukas\Downloads
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Norman ASA) C:\Program Files\Norman\Npm\Bin\Elogsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Norman ASA) C:\Program Files\Norman\Npm\Bin\Zanda.exe
(Norman ASA) C:\Program Files\Norman\npm\bin\nvoy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
() C:\Program Files\Zapp\WConnectorDirect.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Users\Lukas\AppData\Roaming\BupSystem\bup.exe
(Devguru Co., Ltd.) C:\Windows\system32\dgdersvc.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
() C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Olivetti) C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
() C:\Windows\system32\PSIService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Norman ASA) C:\Program Files\Norman\Npm\Bin\Zlh.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Google Inc.) C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
(Olivetti) C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIIKE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Norman ASA) C:\Program Files\Norman\Npm\bin\NVCSCHED.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Norman ASA) C:\Program Files\Norman\Npm\bin\NJEEVES.EXE
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\OneClick.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TUDefragBackend32.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6265376 2008-07-24] (Realtek Semiconductor)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Norman ZANDA] - C:\Program Files\Norman\Npm\Bin\ZLH.EXE [187504 2009-02-11] (Norman ASA)
HKLM\...\Run: [NPCTray] - C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD
HKLM\...\Run: [Google EULA Launcher] - c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [20480 2008-05-28] ( )
HKLM\...\Run: [FaxCenterServer] - C:\Program Files\Lexmark Fax Solutions\fm3032.exe [320168 2008-03-27] ()
HKLM\...\Run: [VX1000] - C:\Windows\vVX1000.exe [707376 2006-06-30] (Microsoft Corporation)
HKLM\...\Run: [Google Quick Search Box] - C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [122368 2009-08-08] (Google Inc.)
HKLM\...\Run: [OlStatusMon] - C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe [106496 2006-07-26] (Olivetti)
HKLM\...\Run: [WinampAgent] - "D:\Program Files\Winamp\winampa.exe"
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Hercules DJ Series] - C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [509224 2009-10-23] (Hercules®)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-09-28] (RealNetworks, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [] - [X]
HKU\.DEFAULT\...\Run: [fsc-reg] - c:\fsc-reg\fscreg.exe
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1760476117-1050406762-223748037-1004\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIKE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1760476117-1050406762-223748037-1004\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-08] (Google Inc.)
HKU\S-1-5-21-1760476117-1050406762-223748037-1004\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\meine software.lnk
ShortcutTarget: meine software.lnk -> C:\Program Files\T-Home\Meine Software\meine software.exe (Deutsche Telekom AG)
Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarOffice 8.lnk
ShortcutTarget: StarOffice 8.lnk -> C:\Program Files\Sun\StarOffice 8\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2127E04A82F3CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Zapp - {03b42da4-e052-423f-b1f4-98a5faae8111} - C:\Program Files\Zapp\IE\Zapp.dll (Simply Tech LTD.)
BHO: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Zapp - {03b42da4-e052-423f-b1f4-98a5faae8111} - C:\Program Files\Zapp\IE\Zapp.dll (Simply Tech LTD.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Chrome:
=======
CHR DefaultSearchKeyword: start.iminent.com
CHR DefaultSearchProvider: StartWeb
CHR DefaultSearchURL: hxxp://start.iminent.com/?appId=FD270491-55E2-4573-9DA1-BD69265FE522&ref=toolbox&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Zapp) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahdhkblnbddfcjjpkknjgjhhecciokdi [2014-03-24]
CHR Extension: (Protegere) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkeieaieohnceanbhdeijclgemgjjkf [2014-03-18]
CHR Extension: (HQ-Video-Pro-1.9) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm [2014-03-18]
CHR Extension: (RealDownloader) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-10-01]
CHR Extension: (V-bates) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-03-16]
CHR Extension: (SavingsBull) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngaeinfoeljecnggcbonnohnjpepenmb [2014-03-18]
CHR Extension: (Google Wallet) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-17]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-02-01]
CHR HKLM\...\Chrome\Extension: [${CHROME_KEY}] - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\incredibar.crx [2013-02-01]
CHR HKLM\...\Chrome\Extension: [ahdhkblnbddfcjjpkknjgjhhecciokdi] - C:\Program Files\Zapp\chrome\Zapp.crx [2014-03-18]
CHR HKLM\...\Chrome\Extension: [fmoekfjgeamfnpnebcgikdbhlebgbaej] - C:\Users\Lukas\AppData\Roaming\freegames135\freegames135.crx [2014-03-18]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
========================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 bupService; C:\Users\Lukas\AppData\Roaming\BupSystem\bup.exe [1005056 2014-03-18] ()
R2 dgdersvc; C:\Windows\system32\dgdersvc.exe [95568 2010-09-06] (Devguru Co., Ltd.)
R2 eLoggerSvc6; C:\Program Files\Norman\Npm\Bin\Elogsvc.exe [150584 2007-11-21] (Norman ASA)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®)
R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [17408 2007-11-21] ()
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [9728 2009-05-04] (Deutsche Telekom AG)
R3 Norman NJeeves; C:\Program Files\Norman\Npm\bin\NJEEVES.EXE [203896 2008-05-13] (Norman ASA)
R2 Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [408696 2009-02-25] (Norman ASA)
R3 NVCScheduler; C:\Program Files\Norman\Npm\bin\NVCSCHED.EXE [154680 2007-09-18] (Norman ASA)
R2 NVOY; C:\Program Files\Norman\npm\bin\nvoy.exe [126008 2009-01-20] (Norman ASA)
R2 olMntrService; C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe [86016 2006-07-24] (Olivetti)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104 2008-04-25] (Fujitsu Siemens Computers)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1740600 2013-08-30] (TuneUp Software)
S2 Winmgmt; C:\PROGRA~2\a4lwg7jr.gsa [X]
==================== Drivers (Whitelisted) ====================
S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [173576 2008-05-27] (AMD Technologies Inc.)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [10632 2007-10-12] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [127488 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2010-09-06] ()
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [124416 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [107736 2014-04-05] (Malwarebytes Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [148192 2008-07-18] (Realtek Semiconductor Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-07-29] (Avira GmbH)
R1 tStLib; C:\Windows\System32\drivers\tStLib.sys [55232 2014-03-24] (StdLib)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-08-21] (TuneUp Software)
S3 usbsermpt; C:\Windows\System32\DRIVERS\usbsermpt.sys [22768 2008-11-03] (Microsoft Corporation)
S3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1965872 2006-06-30] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S1 netfilter; system32\drivers\netfilter.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 PDNMp50; \??\C:\Windows\system32\drivers\PDNMp50.sys [X]
S3 PDNSp50; \??\C:\Windows\system32\drivers\PDNSp50.sys [X]
S3 RTL8187B; system32\DRIVERS\wg111v3.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-07 21:33 - 2014-04-07 21:33 - 00987442 _____ () C:\Users\Lukas\Downloads\SecurityCheck.exe
2014-04-07 19:33 - 2014-04-07 19:33 - 00000000 ____D () C:\Program Files\ESET
2014-04-07 19:31 - 2014-04-07 19:32 - 02347384 _____ (ESET) C:\Users\Lukas\Downloads\esetsmartinstaller_enu (2).exe
2014-04-07 19:19 - 2014-04-07 19:19 - 02347384 _____ (ESET) C:\Users\Lukas\Downloads\esetsmartinstaller_enu (1).exe
2014-04-07 19:17 - 2014-04-07 19:17 - 02347384 _____ (ESET) C:\Users\Lukas\Downloads\esetsmartinstaller_enu.exe
2014-04-07 19:16 - 2014-04-07 19:16 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\ESET
2014-04-07 19:16 - 2014-04-07 19:16 - 00000000 ____D () C:\Users\Lukas\AppData\Local\ESET
2014-04-07 17:51 - 2014-04-07 17:51 - 01581384 _____ (ESET) C:\Users\Lukas\Downloads\eset_smart_security_live_installer_.exe
2014-04-07 17:51 - 2014-04-07 17:51 - 01581384 _____ (ESET) C:\Users\Lukas\Downloads\eset_smart_security_live_installer_ (1).exe
2014-04-06 19:54 - 2014-04-06 19:55 - 02347384 _____ (ESET) C:\Users\Lukas\Downloads\esetsmartinstaller_deu.exe
2014-04-06 17:55 - 2014-04-05 01:08 - 77899120 _____ () C:\Users\Lukas\Desktop\fuckyou1111.wav
2014-04-06 17:55 - 2014-04-04 23:46 - 76899554 _____ () C:\Users\Lukas\Desktop\fuckyou.wav
2014-04-05 20:26 - 2014-04-05 20:26 - 00035212 _____ () C:\Users\Lukas\Desktop\FRST.txt
2014-04-05 20:22 - 2014-04-05 20:21 - 00001396 _____ () C:\Users\Lukas\Desktop\JRT.txt
2014-04-05 14:27 - 2014-04-05 14:27 - 00000000 ____D () C:\Windows\ERUNT
2014-04-05 14:26 - 2014-04-05 14:26 - 01038974 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT-613.exe
2014-04-05 14:24 - 2014-04-05 14:24 - 01038974 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT.exe
2014-04-05 14:20 - 2014-04-05 14:20 - 00674504 _____ () C:\Users\Lukas\Downloads\Junkware-Removal-Tool_Setup_Download.exe
2014-04-05 14:05 - 2014-04-05 14:05 - 00039363 _____ () C:\Users\Lukas\Desktop\AdwCleaner[S0].txt
2014-04-05 13:52 - 2014-04-05 13:57 - 00000000 ___DC () C:\AdwCleaner
2014-04-05 13:52 - 2014-04-05 13:51 - 01426178 _____ () C:\Users\Lukas\Desktop\adwcleaner3023.exe
2014-04-05 13:51 - 2014-04-05 13:51 - 01426178 _____ () C:\Users\Lukas\Downloads\adwcleaner3023.exe
2014-04-05 13:49 - 2014-04-05 13:49 - 00000550 _____ () C:\Users\Lukas\Desktop\mbam.txt
2014-04-05 13:15 - 2014-04-05 13:20 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 13:15 - 2014-04-05 13:20 - 00000905 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-05 13:15 - 2014-04-05 13:20 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-04-05 13:15 - 2014-04-05 13:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-05 13:15 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-05 13:15 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-05 13:15 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-05 13:13 - 2014-04-05 13:13 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-04 11:30 - 2014-02-18 12:38 - 00000426 ____C () C:\AVScanner.ini
2014-04-04 11:10 - 2014-04-04 11:24 - 00046408 _____ () C:\Users\Lukas\Downloads\Addition.txt
2014-04-04 11:09 - 2014-04-07 21:42 - 00019762 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-04-04 11:09 - 2014-04-07 21:42 - 00000000 ___DC () C:\FRST
2014-04-04 11:08 - 2014-04-04 11:08 - 01145856 _____ (Farbar) C:\Users\Lukas\Downloads\FRST.exe
2014-04-02 19:23 - 2014-04-02 19:23 - 00000000 ___DC () C:\_OTL
2014-04-02 19:23 - 2011-07-13 04:55 - 02237440 ___RC (OldTimer Tools) C:\OTLPE.exe
2014-03-28 02:21 - 2014-03-31 20:28 - 00206594 ____C () C:\OTL.Txt
2014-03-28 02:21 - 2014-03-31 20:28 - 00041420 ____C () C:\Extras.Txt
2014-03-24 13:41 - 2014-03-24 13:41 - 00000000 __SHD () C:\found.000
2014-03-24 12:53 - 2014-03-24 12:53 - 00055232 _____ (StdLib) C:\Windows\system32\Drivers\tStLib.sys
2014-03-24 12:42 - 2014-03-24 12:46 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 2
2014-03-24 12:31 - 2014-03-24 12:37 - 00000000 ____D () C:\Users\Lukas\Desktop\The Best of The Irish Folk Festival Vol.2
2014-03-18 19:10 - 2014-03-18 19:15 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 3
2014-03-18 18:02 - 2014-03-18 18:02 - 00000926 _____ () C:\Users\Public\Desktop\Audiograbber.lnk
2014-03-18 18:02 - 2014-03-18 18:02 - 00000000 ____D () C:\Program Files\Audiograbber
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\BupSystem
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Program Files\Zapp
2014-03-18 18:01 - 2014-02-04 07:36 - 00033864 _____ () C:\Windows\Launcher.exe
2014-03-18 18:00 - 2014-03-18 18:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Security System 2
2014-03-18 17:55 - 2014-03-18 17:55 - 29401464 _____ (DVDVideoSoft Ltd. ) C:\Users\Lukas\Downloads\FreeAudioCDToMP3Converter1.3.12.1228.exe
2014-03-18 17:41 - 2014-03-18 18:12 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 1
2014-03-18 17:31 - 2014-03-18 17:31 - 00000000 ____D () C:\Users\Lukas\Desktop\Album
2014-03-16 19:59 - 2014-03-18 17:21 - 00000368 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-03-16 19:59 - 2014-03-18 17:21 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-03-16 19:59 - 2014-03-18 17:21 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-03-16 19:56 - 2014-04-07 21:26 - 00000282 _____ () C:\Windows\Tasks\FF Watcher {57DEB8DA-435C-41E5-AAA9-1BB0A7C138A9}.job
2014-03-16 19:56 - 2014-03-16 19:56 - 00000045 ____C () C:\user.js
2014-03-16 19:35 - 2014-03-16 20:01 - 00000000 ____D () C:\Users\Laura\Downloads\Album
2014-03-16 18:57 - 2014-03-16 18:57 - 00000920 _____ () C:\Users\Laura\Desktop\PC Speed Maximizer.lnk
2014-03-16 18:57 - 2014-03-13 17:24 - 00954784 _____ (AnyProtect.com) C:\Users\Laura\AppData\Local\AnyProtectScannerSetup.exe
2014-03-16 18:42 - 2014-03-16 18:42 - 00001442 _____ () C:\Users\Laura\AppData\Roaming\aps.scan.results
2014-03-16 18:39 - 2014-03-16 18:42 - 00000610 _____ () C:\Users\Laura\AppData\Roaming\aps.scan.quick.results
2014-03-16 18:39 - 2014-03-16 18:42 - 00000161 _____ () C:\Users\Laura\AppData\Roaming\aps.uninstall.scan.results
2014-03-16 18:38 - 2014-04-07 21:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-16 18:38 - 2014-03-16 18:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-16 18:37 - 2014-03-16 18:37 - 00954784 _____ (AnyProtect.com) C:\Users\Laura\AppData\Local\nsi841B.tmp
2014-03-16 18:32 - 2014-04-05 13:54 - 00000000 ____D () C:\Program Files\media enhance
2014-03-16 18:32 - 2014-03-16 18:32 - 00001760 _____ () C:\Users\Laura\Desktop\Sync Folder.lnk
2014-03-16 18:31 - 2014-04-05 14:22 - 00000000 ____D () C:\Program Files\Re-markit-soft
2014-03-16 18:31 - 2014-04-05 13:54 - 00000000 ____D () C:\Program Files\HQTotalS
2014-03-16 18:20 - 2014-03-16 18:20 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\TuneUp Software
==================== One Month Modified Files and Folders =======
2014-04-07 21:42 - 2014-04-04 11:09 - 00019762 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-04-07 21:42 - 2014-04-04 11:09 - 00000000 ___DC () C:\FRST
2014-04-07 21:42 - 2010-02-03 12:14 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-07 21:33 - 2014-04-07 21:33 - 00987442 _____ () C:\Users\Lukas\Downloads\SecurityCheck.exe
2014-04-07 21:29 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-07 21:29 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-07 21:26 - 2014-03-16 19:56 - 00000282 _____ () C:\Windows\Tasks\FF Watcher {57DEB8DA-435C-41E5-AAA9-1BB0A7C138A9}.job
2014-04-07 21:04 - 2014-03-16 18:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-07 20:58 - 2008-11-02 21:15 - 01060303 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 20:42 - 2010-02-03 12:14 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-07 20:38 - 2014-03-05 19:06 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-04-07 19:33 - 2014-04-07 19:33 - 00000000 ____D () C:\Program Files\ESET
2014-04-07 19:32 - 2014-04-07 19:31 - 02347384 _____ (ESET) C:\Users\Lukas\Downloads\esetsmartinstaller_enu (2).exe
2014-04-07 19:29 - 2008-11-02 21:27 - 00000000 ____D () C:\Program Files\Norman
2014-04-07 19:29 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-07 19:26 - 2006-11-02 15:01 - 00032516 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-07 19:19 - 2014-04-07 19:19 - 02347384 _____ (ESET) C:\Users\Lukas\Downloads\esetsmartinstaller_enu (1).exe
2014-04-07 19:17 - 2014-04-07 19:17 - 02347384 _____ (ESET) C:\Users\Lukas\Downloads\esetsmartinstaller_enu.exe
2014-04-07 19:16 - 2014-04-07 19:16 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\ESET
2014-04-07 19:16 - 2014-04-07 19:16 - 00000000 ____D () C:\Users\Lukas\AppData\Local\ESET
2014-04-07 18:04 - 2013-02-01 23:24 - 00000000 ____D () C:\Users\Lukas
2014-04-07 17:51 - 2014-04-07 17:51 - 01581384 _____ (ESET) C:\Users\Lukas\Downloads\eset_smart_security_live_installer_.exe
2014-04-07 17:51 - 2014-04-07 17:51 - 01581384 _____ (ESET) C:\Users\Lukas\Downloads\eset_smart_security_live_installer_ (1).exe
2014-04-07 17:44 - 2008-01-21 04:47 - 00088088 _____ () C:\Windows\PFRO.log
2014-04-06 19:55 - 2014-04-06 19:54 - 02347384 _____ (ESET) C:\Users\Lukas\Downloads\esetsmartinstaller_deu.exe
2014-04-05 20:26 - 2014-04-05 20:26 - 00035212 _____ () C:\Users\Lukas\Desktop\FRST.txt
2014-04-05 20:21 - 2014-04-05 20:22 - 00001396 _____ () C:\Users\Lukas\Desktop\JRT.txt
2014-04-05 18:52 - 2013-08-31 20:59 - 00014213 _____ () C:\Windows\setupact.log
2014-04-05 14:27 - 2014-04-05 14:27 - 00000000 ____D () C:\Windows\ERUNT
2014-04-05 14:26 - 2014-04-05 14:26 - 01038974 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT-613.exe
2014-04-05 14:24 - 2014-04-05 14:24 - 01038974 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT.exe
2014-04-05 14:22 - 2014-03-16 18:31 - 00000000 ____D () C:\Program Files\Re-markit-soft
2014-04-05 14:20 - 2014-04-05 14:20 - 00674504 _____ () C:\Users\Lukas\Downloads\Junkware-Removal-Tool_Setup_Download.exe
2014-04-05 14:05 - 2014-04-05 14:05 - 00039363 _____ () C:\Users\Lukas\Desktop\AdwCleaner[S0].txt
2014-04-05 13:57 - 2014-04-05 13:52 - 00000000 ___DC () C:\AdwCleaner
2014-04-05 13:57 - 2012-01-22 18:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-05 13:56 - 2009-01-27 16:52 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-05 13:54 - 2014-03-16 18:32 - 00000000 ____D () C:\Program Files\media enhance
2014-04-05 13:54 - 2014-03-16 18:31 - 00000000 ____D () C:\Program Files\HQTotalS
2014-04-05 13:54 - 2013-12-09 14:14 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\freegames135
2014-04-05 13:54 - 2013-12-09 14:14 - 00000000 ____D () C:\Program Files\Free Games 135
2014-04-05 13:51 - 2014-04-05 13:52 - 01426178 _____ () C:\Users\Lukas\Desktop\adwcleaner3023.exe
2014-04-05 13:51 - 2014-04-05 13:51 - 01426178 _____ () C:\Users\Lukas\Downloads\adwcleaner3023.exe
2014-04-05 13:49 - 2014-04-05 13:49 - 00000550 _____ () C:\Users\Lukas\Desktop\mbam.txt
2014-04-05 13:20 - 2014-04-05 13:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 13:20 - 2014-04-05 13:15 - 00000905 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-05 13:20 - 2014-04-05 13:15 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-04-05 13:15 - 2014-04-05 13:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-05 13:13 - 2014-04-05 13:13 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-05 13:07 - 2011-06-30 12:20 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-05 13:03 - 2006-11-02 13:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-05 01:08 - 2014-04-06 17:55 - 77899120 _____ () C:\Users\Lukas\Desktop\fuckyou1111.wav
2014-04-04 23:46 - 2014-04-06 17:55 - 76899554 _____ () C:\Users\Lukas\Desktop\fuckyou.wav
2014-04-04 13:02 - 2014-03-06 18:09 - 00000000 ___DC () C:\output
2014-04-04 11:24 - 2014-04-04 11:10 - 00046408 _____ () C:\Users\Lukas\Downloads\Addition.txt
2014-04-04 11:08 - 2014-04-04 11:08 - 01145856 _____ (Farbar) C:\Users\Lukas\Downloads\FRST.exe
2014-04-03 13:12 - 2013-02-01 23:31 - 00017408 _____ () C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-03 09:51 - 2014-04-05 13:15 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-05 13:15 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-05 13:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 19:23 - 2014-04-02 19:23 - 00000000 ___DC () C:\_OTL
2014-03-31 20:28 - 2014-03-28 02:21 - 00206594 ____C () C:\OTL.Txt
2014-03-31 20:28 - 2014-03-28 02:21 - 00041420 ____C () C:\Extras.Txt
2014-03-28 02:12 - 2008-11-02 21:29 - 00000000 ____D () C:\Users\Laura
2014-03-24 13:41 - 2014-03-24 13:41 - 00000000 __SHD () C:\found.000
2014-03-24 12:53 - 2014-03-24 12:53 - 00055232 _____ (StdLib) C:\Windows\system32\Drivers\tStLib.sys
2014-03-24 12:50 - 2008-01-21 09:16 - 01572690 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-24 12:46 - 2014-03-24 12:42 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 2
2014-03-24 12:37 - 2014-03-24 12:31 - 00000000 ____D () C:\Users\Lukas\Desktop\The Best of The Irish Folk Festival Vol.2
2014-03-18 19:15 - 2014-03-18 19:10 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 3
2014-03-18 18:12 - 2014-03-18 17:41 - 00000000 ____D () C:\Users\Lukas\Desktop\Der Herr der Ringe - 1
2014-03-18 18:02 - 2014-03-18 18:02 - 00000926 _____ () C:\Users\Public\Desktop\Audiograbber.lnk
2014-03-18 18:02 - 2014-03-18 18:02 - 00000000 ____D () C:\Program Files\Audiograbber
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\BupSystem
2014-03-18 18:01 - 2014-03-18 18:01 - 00000000 ____D () C:\Program Files\Zapp
2014-03-18 18:01 - 2014-03-18 18:00 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Security System 2
2014-03-18 17:56 - 2014-03-05 19:02 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\DVDVideoSoft
2014-03-18 17:55 - 2014-03-18 17:55 - 29401464 _____ (DVDVideoSoft Ltd. ) C:\Users\Lukas\Downloads\FreeAudioCDToMP3Converter1.3.12.1228.exe
2014-03-18 17:31 - 2014-03-18 17:31 - 00000000 ____D () C:\Users\Lukas\Desktop\Album
2014-03-18 17:21 - 2014-03-16 19:59 - 00000368 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-03-18 17:21 - 2014-03-16 19:59 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-03-18 17:21 - 2014-03-16 19:59 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-03-16 20:01 - 2014-03-16 19:35 - 00000000 ____D () C:\Users\Laura\Downloads\Album
2014-03-16 19:56 - 2014-03-16 19:56 - 00000045 ____C () C:\user.js
2014-03-16 18:57 - 2014-03-16 18:57 - 00000920 _____ () C:\Users\Laura\Desktop\PC Speed Maximizer.lnk
2014-03-16 18:42 - 2014-03-16 18:42 - 00001442 _____ () C:\Users\Laura\AppData\Roaming\aps.scan.results
2014-03-16 18:42 - 2014-03-16 18:39 - 00000610 _____ () C:\Users\Laura\AppData\Roaming\aps.scan.quick.results
2014-03-16 18:42 - 2014-03-16 18:39 - 00000161 _____ () C:\Users\Laura\AppData\Roaming\aps.uninstall.scan.results
2014-03-16 18:38 - 2014-03-16 18:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-16 18:38 - 2011-11-06 16:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-16 18:37 - 2014-03-16 18:37 - 00954784 _____ (AnyProtect.com) C:\Users\Laura\AppData\Local\nsi841B.tmp
2014-03-16 18:33 - 2009-01-27 13:46 - 00001135 _____ () C:\Users\Laura\Desktop\Internet Explorer.lnk
2014-03-16 18:33 - 2008-11-02 21:30 - 00001165 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-16 18:32 - 2014-03-16 18:32 - 00001760 _____ () C:\Users\Laura\Desktop\Sync Folder.lnk
2014-03-16 18:23 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-03-16 18:20 - 2014-03-16 18:20 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\TuneUp Software
2014-03-16 18:17 - 2009-01-27 12:17 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\StarOffice8
2014-03-13 17:24 - 2014-03-16 18:57 - 00954784 _____ (AnyProtect.com) C:\Users\Laura\AppData\Local\AnyProtectScannerSetup.exe
2014-03-08 19:56 - 2014-01-11 20:26 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Audacity
Some content of TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\avgnt.exe
C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-07 19:41
==================== End Of Log ============================
--- --- --- --- --- --- Soweit keine Probleme mehr! Tausend Dank für die Hilfe! :-) |
|
08.04.2014, 12:18
| #14 |
| /// the machine /// TB-Ausbilder | Windows Vista: BKA Virus sperrt Bildschirm Java, Flash, Adobe updaten. Windows update machen, da fehlen 3 Jahre Updates!! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
ProxyEnable: Internet Explorer proxy is enabled.
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.04.2014, 18:35
| #15 |
| | Windows Vista: BKA Virus sperrt BildschirmCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01
Ran by Lukas at 2014-04-09 19:33:49 Run:1
Running from C:\Users\Lukas\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
ProxyEnable: Internet Explorer proxy is enabled.
*****************
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
==== End of Fixlog ====
|
|
| Themen zu Windows Vista: BKA Virus sperrt Bildschirm |
| antivir, avira, bho, bildschirm, browser, desktop, error, firefox, flash player, format, helper, home, logfile, norman, object, pc speed maximizer, realtek, registry, rundll, savingsbull, scan, schannel.dll, security, senden, software, tarma, virus, vista, windows, wrapper |
Textbox. 
Linear-Darstellung
