| |
| |||||||
Log-Analyse und Auswertung: Spyware Terminator erkennt Trojan.ExOptions.Gen als BedrohungWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
14.06.2014, 17:27
| #1 |
| |  Spyware Terminator erkennt Trojan.ExOptions.Gen als Bedrohung Hallo, ich habe auf meinem Rechner (Windows7, 64 Bit) Malewarebytes Anti-Malware, Bitdefender und den Spyware-Terminator installiert. Seit kurzen zeigt der Spywareterminator bei jedem Scan zahlreiche Probleme an, hauptsächlich den als besonders gravierend eingestuften "Trojan.Exoptions.Gen. und verscheidene "Tracking Cookies". MBAM, Bitdefender sowie Winzip erkennen diesen nicht. Auch ein Zurücksetzen der Festplatte auf Werkseinstellung hat nichts geändert, das Problem war nach dem Installieren von MBAM plötzlich wieder da. Ich würde gerne wissen, ob es sich bei den von Spyware-Terminator gemeldeten Problem um eine echte Bedrohung oder eine Falschmeldung handelt. Die angefordeten Logfiles habe ich angehängt. Vielen Dank für die Hilfe!!!  |
|
14.06.2014, 17:49
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Spyware Terminator erkennt Trojan.ExOptions.Gen als Bedrohung Hi und
__________________ Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
15.06.2014, 11:15
| #3 |
| | Spyware Terminator erkennt Trojan.ExOptions.Gen als BedrohungCode:
ATTFilter ------
Logfile von Spyware Terminator (db:)
------
Scann Zeit: 14.06.2014 12:14:40 länge: 0:04:00
Plattform: W7 (6.1.0.7601)
Benutzer: Admin
Scann typ: Schneller Scann
Gescannte Objekte: 41438 (Kritisch: 16)
------
laufende Prozesse
------
smss.exe [Microsoft Corporation] : %SYSDIR%\smss.exe
csrss.exe [Microsoft Corporation] : %SYSDIR%\csrss.exe
wininit.exe [Microsoft Corporation] : %SYSDIR%\wininit.exe
csrss.exe [Microsoft Corporation] : %SYSDIR%\csrss.exe
services.exe [Microsoft Corporation] : %SYSDIR%\services.exe
lsass.exe [Microsoft Corporation] : %SYSDIR%\lsass.exe
lsm.exe [Microsoft Corporation] : %SYSDIR%\lsm.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
vsserv.exe [Bitdefender] : %SystemDiskRoot%\Program Files\Bitdefender\Bitdefender\vsserv.exe
winlogon.exe [Microsoft Corporation] : %SYSDIR%\winlogon.exe
ibmpmsvc.exe [Lenovo.] : %SYSDIR%\ibmpmsvc.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
audiodg.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
spoolsv.exe [Microsoft Corporation] : %SYSDIR%\spoolsv.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
TPHKSVC.exe [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\HOTKEY\TPHKSVC.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
PresentationFontCache.exe [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
CamMute.exe [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\Communications Utility\CamMute.exe
micmute.exe [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\HOTKEY\micmute.exe
TPKNRSVC.exe [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\Communications Utility\TPKNRSVC.exe
lvvsst.exe [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\VIRTSCRL\lvvsst.exe
LMS.exe [Intel Corporation] : %PROGRAMFILES32%\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SeaPort.EXE [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft\BingBar\SeaPort.EXE
st_rsser64.exe [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\st_rsser64.exe
updatesrv.exe [Bitdefender] : %SystemDiskRoot%\Program Files\Bitdefender\Bitdefender\updatesrv.exe
WLIDSVC.EXE [Microsoft Corp.] : %SystemDiskRoot%\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
safeboxservice.exe [Bitdefender] : %SystemDiskRoot%\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
WLIDSVCM.EXE [Microsoft Corp.] : %SystemDiskRoot%\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
WmiPrvSE.exe [Microsoft Corporation] : %SYSDIR%\wbem\WmiPrvSE.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
virtscrl.exe [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\VIRTSCRL\virtscrl.exe
dwm.exe [Microsoft Corporation] : %SYSDIR%\dwm.exe
taskhost.exe [Microsoft Corporation] : %SYSDIR%\taskhost.exe
explorer.exe [Microsoft Corporation] : %WINDIR%\explorer.exe
SynTPEnh.exe [Synaptics Incorporated] : %SystemDiskRoot%\Program Files\Synaptics\SynTP\SynTPEnh.exe
TPOSDSVC.exe [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\HOTKEY\TPOSDSVC.exe
TpShocks.exe [Lenovo.] : %SYSDIR%\TpShocks.exe
taskeng.exe [Microsoft Corporation] : %SYSDIR%\taskeng.exe
tpnumlkd.exe [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\HOTKEY\tpnumlkd.exe
hkcmd.exe [Intel Corporation] : %SYSDIR%\hkcmd.exe
igfxpers.exe [Intel Corporation] : %SYSDIR%\igfxpers.exe
TPKNRRES.exe [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\Communications Utility\TPKNRRES.exe
bdagent.exe [Bitdefender] : %SystemDiskRoot%\Program Files\Bitdefender\Bitdefender\bdagent.exe
SpywareTerminatorShield.exe [Crawler.com] : %PROGRAMFILES32%\Spyware Terminator\SpywareTerminatorShield.exe
WinZipMalwareProtector.exe [Nico Mak Computing] : %PROGRAMFILES32%\WinZip Malware Protector\WinZipMalwareProtector.exe
TPONSCR.exe [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\HOTKEY\TPONSCR.exe
pmbxag.exe [Bitdefender] : %SystemDiskRoot%\Program Files\Bitdefender\Bitdefender\pmbxag.exe
bdapppassmgr.exe [Bitdefender] : %PROGRAMFILES%\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
SynTPHelper.exe [Synaptics Incorporated] : %SystemDiskRoot%\Program Files\Synaptics\SynTP\SynTPHelper.exe
SynTPLpr.exe [Synaptics Incorporated] : %SystemDiskRoot%\Program Files\Synaptics\SynTP\SynTPLpr.exe
BTTray.exe [Broadcom Corporation.] : %SystemDiskRoot%\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
SpywareTerminatorUpdate.exe [Crawler.com] : %PROGRAMFILES32%\Spyware Terminator\SpywareTerminatorUpdate.exe
rundll32.exe [Microsoft Corporation] : %SYSDIR32%\rundll32.exe
SSScheduler.exe [McAfee, Inc.] : %PROGRAMFILES32%\McAfee Security Scan\3.8.150\SSScheduler.exe
rundll32.exe [Microsoft Corporation] : %SYSDIR%\rundll32.exe
LenovoReg.exe [Lenovo, Inc.] : %PROGRAMFILES32%\Lenovo Registration\LenovoReg.exe
SearchIndexer.exe [Microsoft Corporation] : %SYSDIR%\SearchIndexer.exe
WmiPrvSE.exe [Microsoft Corporation] : %SYSDIR%\wbem\WmiPrvSE.exe
igfxext.exe [Intel Corporation] : %SYSDIR%\igfxext.exe
igfxsrvc.exe [Intel Corporation] : %SYSDIR%\igfxsrvc.exe
BTStackServer.exe [Broadcom Corporation.] : %SystemDiskRoot%\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
SearchProtocolHost.exe [Microsoft Corporation] : %SYSDIR%\SearchProtocolHost.exe
BluetoothHeadsetProxy.exe [Broadcom Corporation.] : %PROGRAMFILES%\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe
btwdins.exe [Broadcom Corporation.] : %SystemDiskRoot%\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
mscorsvw.exe [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
mscorsvw.exe [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
sppsvc.exe [Microsoft Corporation] : %SYSDIR%\sppsvc.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
SUService.exe [Lenovo Group Limited] : %PROGRAMFILES32%\Lenovo\System Update\SUService.exe
UNS.exe [Intel Corporation] : %PROGRAMFILES32%\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
wmpnetwk.exe [Microsoft Corporation] : %SystemDiskRoot%\Program Files\Windows Media Player\wmpnetwk.exe
taskhost.exe [Microsoft Corporation] : %SYSDIR%\taskhost.exe
TrustedInstaller.exe [Microsoft Corporation] : %WINDIR%\servicing\TrustedInstaller.exe
VSSVC.exe [Microsoft Corporation] : %SYSDIR%\VSSVC.exe
svchost.exe [Microsoft Corporation] : %SYSDIR%\svchost.exe
SearchFilterHost.exe [Microsoft Corporation] : %SYSDIR%\SearchFilterHost.exe
SpywareTerminator.exe [Crawler.com] : %PROGRAMFILES32%\Spyware Terminator\SpywareTerminator.exe
------
Laufende Services und Treiber
------
5U877 [Ricoh co.,Ltd.] : %SYSDIR%\drivers\5U877.sys
ACPI [Microsoft Corporation] : %SYSDIR%\drivers\acpi.sys
AeLookupSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
AFD [Microsoft Corporation] : %SYSDIR%\drivers\afd.sys
amdxata [Advanced Micro Devices] : %SYSDIR%\drivers\amdxata.sys
Appinfo [Microsoft Corporation] : %SYSDIR%\svchost.exe
AudioEndpointBuilder [Microsoft Corporation] : %SYSDIR%\svchost.exe
AudioSrv [Microsoft Corporation] : %SYSDIR%\svchost.exe
avc3 [BitDefender] : %SYSDIR%\drivers\avc3.sys
avchv [BitDefender] : %SYSDIR%\drivers\avchv.sys
avckf [BitDefender] : %SYSDIR%\drivers\avckf.sys
BdfNdisf [BitDefender LLC] : %SystemDiskRoot%\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
bdfwfpf [BitDefender LLC] : %SystemDiskRoot%\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
BDVEDISK [BitDefender] : %SYSDIR%\drivers\bdvedisk.sys
BFE [Microsoft Corporation] : %SYSDIR%\svchost.exe
BITS [Microsoft Corporation] : %SYSDIR%\svchost.exe
blbdrive [Microsoft Corporation] : %SYSDIR%\drivers\blbdrive.sys
bowser [Microsoft Corporation] : %SYSDIR%\drivers\bowser.sys
Browser [Microsoft Corporation] : %SYSDIR%\svchost.exe
BthEnum [Microsoft Corporation] : %SYSDIR%\drivers\bthenum.sys
BthPan [Microsoft Corporation] : %SYSDIR%\drivers\bthpan.sys
bthserv [Microsoft Corporation] : %SYSDIR%\svchost.exe
BTHUSB [Microsoft Corporation] : %SYSDIR%\drivers\BTHUSB.SYS
btusbflt [Broadcom Corporation.] : %SYSDIR%\drivers\btusbflt.sys
btwaudio [Broadcom Corporation.] : %SYSDIR%\drivers\btwaudio.sys
btwavdt [Broadcom Corporation.] : %SYSDIR%\drivers\btwavdt.sys
btwdins [Broadcom Corporation.] : %SystemDiskRoot%\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
btwl2cap [Broadcom Corporation.] : %SYSDIR%\drivers\btwl2cap.sys
btwrchid [Broadcom Corporation.] : %SYSDIR%\drivers\btwrchid.sys
CLFS [Microsoft Corporation] : %SYSDIR%\clfs.sys
clr_optimization_v4.0.30319_32 [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
clr_optimization_v4.0.30319_64 [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
CmBatt [Microsoft Corporation] : %SYSDIR%\drivers\CmBatt.sys
CNG [Microsoft Corporation] : %SYSDIR%\drivers\cng.sys
CnxtHdAudService [Conexant Systems Inc.] : %SYSDIR%\drivers\CHDRT64.sys
Compbatt [Microsoft Corporation] : %SYSDIR%\drivers\compbatt.sys
CompositeBus [Microsoft Corporation] : %SYSDIR%\drivers\CompositeBus.sys
CryptSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
DcomLaunch [Microsoft Corporation] : %SYSDIR%\svchost.exe
DfsC [Microsoft Corporation] : %SYSDIR%\drivers\dfsc.sys
Dhcp [Microsoft Corporation] : %SYSDIR%\svchost.exe
discache [Microsoft Corporation] : %SYSDIR%\drivers\discache.sys
Disk [Microsoft Corporation] : %SYSDIR%\drivers\disk.sys
Dnscache [Microsoft Corporation] : %SYSDIR%\svchost.exe
DPS [Microsoft Corporation] : %SYSDIR%\svchost.exe
DXGKrnl [Microsoft Corporation] : %SYSDIR%\drivers\dxgkrnl.sys
EapHost [Microsoft Corporation] : %SYSDIR%\svchost.exe
eventlog [Microsoft Corporation] : %SYSDIR%\svchost.exe
EventSystem [Microsoft Corporation] : %SYSDIR%\svchost.exe
FDResPub [Microsoft Corporation] : %SYSDIR%\svchost.exe
FileInfo [Microsoft Corporation] : %SYSDIR%\drivers\fileinfo.sys
FltMgr [Microsoft Corporation] : %SYSDIR%\drivers\fltMgr.sys
FontCache [Microsoft Corporation] : %SYSDIR%\svchost.exe
FontCache3.0.0.0 [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
fvevol [Microsoft Corporation] : %SYSDIR%\drivers\fvevol.sys
gpsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
gzflt [BitDefender LLC] : %SYSDIR%\drivers\gzflt.sys
HDAudBus [Microsoft Corporation] : %SYSDIR%\drivers\hdaudbus.sys
HECIx64 [Intel Corporation] : %SYSDIR%\drivers\HECIx64.sys
HidUsb [Microsoft Corporation] : %SYSDIR%\drivers\hidusb.sys
HTTP [Microsoft Corporation] : %SYSDIR%\drivers\http.sys
hwpolicy [Microsoft Corporation] : %SYSDIR%\drivers\hwpolicy.sys
i8042prt [Microsoft Corporation] : %SYSDIR%\drivers\i8042prt.sys
iaStor [Intel Corporation] : %SYSDIR%\drivers\iaStor.sys
IBMPMDRV [Lenovo.] : %SYSDIR%\drivers\ibmpmdrv.sys
IBMPMSVC [Lenovo.] : %SYSDIR%\ibmpmsvc.exe
igfx [Intel Corporation] : %SYSDIR%\drivers\igdkmd64.sys
IKEEXT [Microsoft Corporation] : %SYSDIR%\svchost.exe
Impcd [Intel Corporation] : %SYSDIR%\drivers\Impcd.sys
IntcDAud [Intel(R) Corporation] : %SYSDIR%\drivers\IntcDAud.sys
intelppm [Microsoft Corporation] : %SYSDIR%\drivers\intelppm.sys
iphlpsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
kbdclass [Microsoft Corporation] : %SYSDIR%\drivers\kbdclass.sys
KeyIso [Microsoft Corporation] : %SYSDIR%\lsass.exe
KSecDD [Microsoft Corporation] : %SYSDIR%\drivers\ksecdd.sys
KSecPkg [Microsoft Corporation] : %SYSDIR%\drivers\ksecpkg.sys
ksthunk [Microsoft Corporation] : %SYSDIR%\drivers\ksthunk.sys
LanmanServer [Microsoft Corporation] : %SYSDIR%\svchost.exe
LanmanWorkstation [Microsoft Corporation] : %SYSDIR%\svchost.exe
LENOVO.CAMMUTE [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\Communications Utility\CamMute.exe
LENOVO.MICMUTE [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\HOTKEY\micmute.exe
lenovo.smi [Lenovo Group Limited] : %SYSDIR%\drivers\smiifx64.sys
LENOVO.TPKNRSVC [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\Communications Utility\TPKNRSVC.exe
Lenovo.VIRTSCRLSVC [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\VIRTSCRL\lvvsst.exe
lltdio [Microsoft Corporation] : %SYSDIR%\drivers\lltdio.sys
lmhosts [Microsoft Corporation] : %SYSDIR%\svchost.exe
LMS [Intel Corporation] : %PROGRAMFILES32%\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
luafv [Microsoft Corporation] : %SYSDIR%\drivers\luafv.sys
MMCSS [Microsoft Corporation] : %SYSDIR%\svchost.exe
monitor [Microsoft Corporation] : %SYSDIR%\drivers\monitor.sys
mouclass [Microsoft Corporation] : %SYSDIR%\drivers\mouclass.sys
mouhid [Microsoft Corporation] : %SYSDIR%\drivers\mouhid.sys
mountmgr [Microsoft Corporation] : %SYSDIR%\drivers\mountmgr.sys
mpsdrv [Microsoft Corporation] : %SYSDIR%\drivers\mpsdrv.sys
MpsSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
mrxsmb [Microsoft Corporation] : %SYSDIR%\drivers\mrxsmb.sys
mrxsmb10 [Microsoft Corporation] : %SYSDIR%\drivers\mrxsmb10.sys
mrxsmb20 [Microsoft Corporation] : %SYSDIR%\drivers\mrxsmb20.sys
msisadrv [Microsoft Corporation] : %SYSDIR%\drivers\msisadrv.sys
mssmbios [Microsoft Corporation] : %SYSDIR%\drivers\mssmbios.sys
Mup [Microsoft Corporation] : %SYSDIR%\drivers\mup.sys
NativeWifiP [Microsoft Corporation] : %SYSDIR%\drivers\nwifi.sys
NDIS [Microsoft Corporation] : %SYSDIR%\drivers\ndis.sys
NdisTapi [Microsoft Corporation] : %SYSDIR%\drivers\ndistapi.sys
Ndisuio [Microsoft Corporation] : %SYSDIR%\drivers\ndisuio.sys
NdisWan [Microsoft Corporation] : %SYSDIR%\drivers\ndiswan.sys
NetBIOS [Microsoft Corporation] : %SYSDIR%\drivers\netbios.sys
NetBT [Microsoft Corporation] : %SYSDIR%\drivers\netbt.sys
Netman [Microsoft Corporation] : %SYSDIR%\svchost.exe
netprofm [Microsoft Corporation] : %SYSDIR%\svchost.exe
NlaSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
nsi [Microsoft Corporation] : %SYSDIR%\svchost.exe
nsiproxy [Microsoft Corporation] : %SYSDIR%\drivers\nsiproxy.sys
partmgr [Microsoft Corporation] : %SYSDIR%\drivers\partmgr.sys
PcaSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
pci [Microsoft Corporation] : %SYSDIR%\drivers\pci.sys
pcw [Microsoft Corporation] : %SYSDIR%\drivers\pcw.sys
PEAUTH [Microsoft Corporation] : %SYSDIR%\drivers\PEAuth.sys
PlugPlay [Microsoft Corporation] : %SYSDIR%\svchost.exe
PolicyAgent [Microsoft Corporation] : %SYSDIR%\svchost.exe
Power [Microsoft Corporation] : %SYSDIR%\svchost.exe
PptpMiniport [Microsoft Corporation] : %SYSDIR%\drivers\raspptp.sys
ProfSvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
psadd [Lenovo (United States) Inc.] : %SYSDIR%\drivers\psadd.sys
Psched [Microsoft Corporation] : %SYSDIR%\drivers\pacer.sys
RasAgileVpn [Microsoft Corporation] : %SYSDIR%\drivers\agilevpn.sys
Rasl2tp [Microsoft Corporation] : %SYSDIR%\drivers\rasl2tp.sys
RasPppoe [Microsoft Corporation] : %SYSDIR%\drivers\raspppoe.sys
RasSstp [Microsoft Corporation] : %SYSDIR%\drivers\rassstp.sys
rdbss [Microsoft Corporation] : %SYSDIR%\drivers\rdbss.sys
RDPCDD [Microsoft Corporation] : %SYSDIR%\drivers\RDPCDD.sys
RDPENCDD [Microsoft Corporation] : %SYSDIR%\drivers\RDPENCDD.sys
RDPREFMP [Microsoft Corporation] : %SYSDIR%\drivers\RDPREFMP.sys
rdyboost [Microsoft Corporation] : %SYSDIR%\drivers\rdyboost.sys
RFCOMM [Microsoft Corporation] : %SYSDIR%\drivers\rfcomm.sys
RpcEptMapper [Microsoft Corporation] : %SYSDIR%\svchost.exe
RpcSs [Microsoft Corporation] : %SYSDIR%\svchost.exe
rspndr [Microsoft Corporation] : %SYSDIR%\drivers\rspndr.sys
RTL8167 [Realtek ] : %SYSDIR%\drivers\Rt64win7.sys
RTL8192Ce [Realtek Semiconductor Corporation ] : %SYSDIR%\drivers\rtl8192Ce.sys
SafeBox [Bitdefender] : %SystemDiskRoot%\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
SamSs [Microsoft Corporation] : %SYSDIR%\lsass.exe
Schedule [Microsoft Corporation] : %SYSDIR%\svchost.exe
SeaPort [Microsoft Corporation] : %PROGRAMFILES32%\Microsoft\BingBar\SeaPort.EXE
SENS [Microsoft Corporation] : %SYSDIR%\svchost.exe
ShellHWDetection [Microsoft Corporation] : %SYSDIR%\svchost.exe
Shockprf [Lenovo.] : %SYSDIR%\drivers\ApsX64.sys
Spooler [Microsoft Corporation] : %SYSDIR%\spoolsv.exe
sppsvc [Microsoft Corporation] : %SYSDIR%\sppsvc.exe
sp_rsdrv2 [Windows (R) Win 7 DDK provider] : %SYSDIR%\drivers\stflt.sys
srv [Microsoft Corporation] : %SYSDIR%\drivers\srv.sys
srv2 [Microsoft Corporation] : %SYSDIR%\drivers\srv2.sys
srvnet [Microsoft Corporation] : %SYSDIR%\drivers\srvnet.sys
SSDPSRV [Microsoft Corporation] : %SYSDIR%\svchost.exe
ST2012_Svc [Crawler.com] : %PROGRAMFILES%\Spyware Terminator\st_rsser64.exe
StillCam [Microsoft Corporation] : %SYSDIR%\drivers\serscan.sys
stisvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
SUService [Lenovo Group Limited] : %PROGRAMFILES32%\Lenovo\System Update\SUService.exe
swenum [Microsoft Corporation] : %SYSDIR%\drivers\swenum.sys
swprv [Microsoft Corporation] : %SYSDIR%\svchost.exe
SynTP [Synaptics Incorporated] : %SYSDIR%\drivers\SynTP.sys
SysMain [Microsoft Corporation] : %SYSDIR%\svchost.exe
Tcpip [Microsoft Corporation] : %SYSDIR%\drivers\tcpip.sys
tcpipreg [Microsoft Corporation] : %SYSDIR%\drivers\tcpipreg.sys
tdx [Microsoft Corporation] : %SYSDIR%\drivers\tdx.sys
TermDD [Microsoft Corporation] : %SYSDIR%\drivers\termdd.sys
TermService [Microsoft Corporation] : %SYSDIR%\svchost.exe
Themes [Microsoft Corporation] : %SYSDIR%\svchost.exe
TPDIGIMN [Lenovo.] : %SYSDIR%\drivers\ApsHM64.sys
TPHKSVC [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\HOTKEY\TPHKSVC.exe
TPPWRIF : %SYSDIR%\drivers\TPPWR64V.SYS
TrkWks [Microsoft Corporation] : %SYSDIR%\svchost.exe
trufos [BitDefender S.R.L.] : %SYSDIR%\drivers\trufos.sys
TrustedInstaller [Microsoft Corporation] : %WINDIR%\servicing\TrustedInstaller.exe
tunnel [Microsoft Corporation] : %SYSDIR%\drivers\tunnel.sys
umbus [Microsoft Corporation] : %SYSDIR%\drivers\umbus.sys
UNS [Intel Corporation] : %PROGRAMFILES32%\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
UPDATESRV [Bitdefender] : %SystemDiskRoot%\Program Files\Bitdefender\Bitdefender\updatesrv.exe
upnphost [Microsoft Corporation] : %SYSDIR%\svchost.exe
usbccgp [Microsoft Corporation] : %SYSDIR%\drivers\usbccgp.sys
usbehci [Microsoft Corporation] : %SYSDIR%\drivers\usbehci.sys
usbhub [Microsoft Corporation] : %SYSDIR%\drivers\usbhub.sys
UxSms [Microsoft Corporation] : %SYSDIR%\svchost.exe
vdrvroot [Microsoft Corporation] : %SYSDIR%\drivers\vdrvroot.sys
VgaSave [Microsoft Corporation] : %SYSDIR%\drivers\vga.sys
volmgr [Microsoft Corporation] : %SYSDIR%\drivers\volmgr.sys
volmgrx [Microsoft Corporation] : %SYSDIR%\drivers\volmgrx.sys
volsnap [Microsoft Corporation] : %SYSDIR%\drivers\volsnap.sys
VSS [Microsoft Corporation] : %SYSDIR%\VSSVC.exe
VSSERV [Bitdefender] : %SystemDiskRoot%\Program Files\Bitdefender\Bitdefender\vsserv.exe
vwifibus [Microsoft Corporation] : %SYSDIR%\drivers\vwifibus.sys
vwififlt [Microsoft Corporation] : %SYSDIR%\drivers\vwififlt.sys
Wanarpv6 [Microsoft Corporation] : %SYSDIR%\drivers\wanarp.sys
Wdf01000 [Microsoft Corporation] : %SYSDIR%\drivers\Wdf01000.sys
WdiServiceHost [Microsoft Corporation] : %SYSDIR%\svchost.exe
WdiSystemHost [Microsoft Corporation] : %SYSDIR%\svchost.exe
WfpLwf [Microsoft Corporation] : %SYSDIR%\drivers\wfplwf.sys
WinHttpAutoProxySvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
Winmgmt [Microsoft Corporation] : %SYSDIR%\svchost.exe
Wlansvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
wlidsvc [Microsoft Corp.] : %SystemDiskRoot%\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
WMPNetworkSvc [Microsoft Corporation] : %SystemDiskRoot%\Program Files\Windows Media Player\wmpnetwk.exe
wscsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
WSearch [Microsoft Corporation] : %SYSDIR%\SearchIndexer.exe
wuauserv [Microsoft Corporation] : %SYSDIR%\svchost.exe
WudfPf [Microsoft Corporation] : %SYSDIR%\drivers\WUDFPf.sys
wudfsvc [Microsoft Corporation] : %SYSDIR%\svchost.exe
------
geladene Bibliotheken
------
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\ntdll.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\kernel32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\KERNELBASE.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\advapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\msvcrt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\sechost.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\rpcrt4.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\sspicli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\CRYPTBASE.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wtsapi32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\shell32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\shlwapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\gdi32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\user32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\lpk.dll
Microsoft(R) Uniscribe Unicode script processor [Microsoft Corporation] : %SYSDIR32%\usp10.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\userenv.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\profapi.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\setupapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\cfgmgr32.dll
[Microsoft Corporation]%SYSDIR32%\oleaut32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\ole32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\devobj.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wintrust.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\crypt32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\msasn1.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\imm32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\msctf.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\ntmarta.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\Wldap32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\cryptsp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\rsaenh.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\imagehlp.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\ncrypt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\bcrypt.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\bcryptprimitives.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\gpapi.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\apphelp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\winsta.dll
BitDefender® AntiVirus [BitDefender S.R.L. Bucharest, ROMANIA] : %PROGRAMFILES%\Bitdefender\Bitdefender\Active Virus Control\Avc3_00244_002\avcuf32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\clbcatq.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\msdmo.dll
On screen display [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\HOTKEY\micmute6.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\oleacc.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\winspool.drv
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\MMDevAPI.dll
Windows® Search [Microsoft Corporation] : %SYSDIR32%\propsys.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\AudioSes.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\ws2_32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\nsi.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\IPHLPAPI.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\winnsi.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\dnsapi.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\winhttp.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\webio.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\SensApi.dll
Microsoft(R) MSXML 6.0 SP3 [Microsoft Corporation] : %SYSDIR32%\msxml6.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\RpcRtRemote.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\cryptnet.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\uxtheme.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\dwmapi.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\winmm.dll
On screen display [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\HOTKEY\TPOSDSVC.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\secur32.dll
On screen display [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\HOTKEY\HKVOLKEY.dll
On screen display [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\HOTKEY\TPLHMM.dll
On screen display [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\HOTKEY\tpnumlkd.dll
ThinkVantage Communications Utility [Lenovo Group Limited] : %PROGRAMFILES%\Lenovo\Communications Utility\TPKNRDLL.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\version.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\shfolder.dll
Microsoft® Visual Studio® 2010 [Microsoft Corporation] : %PROGRAMFILES32%\Mozilla Firefox\msvcr100.dll
Firefox [Mozilla Foundation] : %PROGRAMFILES32%\Mozilla Firefox\mozglue.dll
Microsoft® Visual Studio® 2010 [Microsoft Corporation] : %PROGRAMFILES32%\Mozilla Firefox\msvcp100.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\msimg32.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR32%\urlmon.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR32%\iertutil.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR32%\wininet.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\normaliz.dll
Microsoft® .NET Framework [Microsoft Corporation] : %SYSDIR32%\mscoree.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
Microsoft® Visual Studio® 2005 [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\NativeImages_v2.0.50727_32\System\bc0a0a6cbb94b5b551d32cdaddeecbf8\System.ni.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\NativeImages_v2.0.50727_32\System.Web.Services\2ae28fddee1c753dbffa6bc7ee361715\System.Web.Services.ni.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\NativeImages_v2.0.50727_32\System.Drawing\249fc89df18871ad416f63ea0d6c1dc2\System.Drawing.ni.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5fcae50235c8e3a190a2363063558251\System.Windows.Forms.ni.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\NativeImages_v2.0.50727_32\System.Deployment\1da791eea77552cd1c98ff252ec9ba7f\System.Deployment.ni.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
System.Data.SQLite : %PROGRAMFILES32%\WinZip Malware Protector\System.Data.SQLite.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\NativeImages_v2.0.50727_32\System.Data\3b47f4a4b4f8f69609558cdff0a0feb5\System.Data.ni.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\NativeImages_v2.0.50727_32\System.Transactions\c8a26c74dc68bcea0e398b6b88d340c7\System.Transactions.ni.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\NativeImages_v2.0.50727_32\System.Xml\a3e8c1670c0e281a4fed37dd4316cb41\System.Xml.ni.dll
Xceed Zip for .NET [Xceed Software Inc.] : %PROGRAMFILES32%\WinZip Malware Protector\Xceed.Compression.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\NativeImages_v2.0.50727_32\System.Configuration\065a4e76247240651a5c6ce574eb885f\System.Configuration.ni.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\6d1167d8b485258afc9780fb6f207073\System.EnterpriseServices.ni.dll
Licmgr Dynamic Link Library : %PROGRAMFILES32%\WinZip Malware Protector\aspsys.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\comdlg32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\sfc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\sfc_os.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\netapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\netutils.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\srvcli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wkscli.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\inetmib1.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\snmpapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR32%\ieframe.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\psapi.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\sxs.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\WindowsCodecs.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR32%\mshtml.dll
Xceed Zip for .NET [Xceed Software Inc.] : %PROGRAMFILES32%\WinZip Malware Protector\Xceed.Zip.dll
Xceed Zip for .NET [Xceed Software Inc.] : %PROGRAMFILES32%\WinZip Malware Protector\Xceed.FileSystem.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\wbem\wmiutils.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wbemcomn.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wbem\wbemprox.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework\v2.0.50727\wminet_utils.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wbem\wbemsvc.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wbem\fastprox.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\ntdsapi.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\msimtf.dll
Microsoft® Line Services [Microsoft Corporation] : %SYSDIR32%\msls31.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\d2d1.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\DWrite.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\dxgi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\d3d10_1.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\d3d10_1core.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\D3D10Warp.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\mlang.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR32%\jscript9.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\rasapi32.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\rasman.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\rtutils.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\windowscodecsext.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR32%\dxtrans.dll
Microsoft (R) Visual C++ [Microsoft Corporation] : %SYSDIR32%\atl.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\ddrawex.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\ddraw.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\dciman32.dll
Windows® Internet Explorer [Microsoft Corporation] : %SYSDIR32%\dxtmsft.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\26c2405ea9b5b5b7d2e1cb560b40af37\System.ServiceProcess.ni.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\mswsock.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\WSHTCPIP.DLL
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\wship6.dll
TaskService [CodePlex Community] : %PROGRAMFILES32%\WinZip Malware Protector\Microsoft.Win32.TaskScheduler.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\taskschd.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\credssp.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\dhcpcsvc.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\dhcpcsvc6.DLL
Microsoft® CoReXT [Microsoft Corp.] : %COMMONFILES32%\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\rasadhlp.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
Microsoft® Visual Studio® 2005 [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
Microsoft XML Core Services [Microsoft Corporation] : %SYSDIR32%\xmllite.dll
HTMLayout [Terra Informatica Software, Inc., British Columbia, Canada.] : %PROGRAMFILES%\Bitdefender\Bitdefender\antispam32\htmlayout.dll
tinyxmlx Dynamic Link Library : %PROGRAMFILES%\Bitdefender\Bitdefender\antispam32\txmlutil.dll
Microsoft® Visual Studio® 2010 [Microsoft Corporation] : %PROGRAMFILES%\Bitdefender\Bitdefender\antispam32\msvcr100.dll
Microsoft® Visual Studio® 2010 [Microsoft Corporation] : %PROGRAMFILES%\Bitdefender\Bitdefender\antispam32\msvcp100.dll
Bitdefender 2014 [Bitdefender] : %PROGRAMFILES%\Bitdefender\Bitdefender\antispam32\bdsecurepass.dll
[Microsoft Corporation]%SYSDIR32%\olepro32.dll
Spyware Terminator 2011 [Crawler.com] : %PROGRAMFILES32%\Spyware Terminator\TorrentDll.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\nlaapi.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\AppPatch\AcLayers.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\mpr.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\AppPatch\acwow64.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\tapi32.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\oledlg.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\msvfw32.dll
Microsoft® Visual Studio® 2010 [Microsoft Corporation] : %SYSDIR32%\MSVCR100_CLR0400.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework\v4.0.30319\mscorsvc.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\Microsoft.NET\Framework\v4.0.30319\fusion.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\msidle.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\powrprof.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %WINDIR%\AppPatch\AcGenral.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\samcli.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\msacm32.dll
[ ] : %PROGRAMFILES32%\Lenovo\System Update\TvsuServiceCommon.dll
Microsoft® .NET Framework [Microsoft Corporation] : %WINDIR%\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\wsock32.dll
StatusStrings Link Library [Intel Corporation] : %PROGRAMFILES32%\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
Xerces-C Version 2.7.0 [Apache Software Foundation] : %PROGRAMFILES32%\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
DTMessageLib.dll. [Intel Corporation] : %PROGRAMFILES32%\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\NapiNSP.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\pnrpnsp.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\winrnr.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\wshbth.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\FWPUCLNT.DLL
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\explorerframe.dll
Microsoft® Windows® Operating System [Microsoft Corporation] : %SYSDIR32%\duser.dll
Betriebssystem Microsoft® Windows® [Microsoft Corporation] : %SYSDIR32%\dui70.dll
------
Report Ende
------
Code:
ATTFilter Produkt:Bitdefender Total Security Scan-Aufgabe:Geräte-Scan Protokollpfad:
Nach Viren suchen:Ja Nach Adware suchen:Ja Nach Spyware suchen:Ja Nach Anwendungen suchen:Ja Nach Dialern suchen:Ja Nach Rootkits suchen:Nein Nach Keyloggern suchen:Ja
Gescannte Objekte:8(es konnten keine Objekte gescannt werden) Infizierte Objekte:0(es wurden keine infizierten Objekte gefunden) Verdächtige Objekte:0(es wurden keine verdächtigen Objekte gefunden) Geklärte Objekte:0(infizierte oder verdächtige Objekte sind gefunden worden, und wurden ignoriert oder konnten nicht repariert werden)(während dieses Scans wurden keine Bedrohungen gefunden) Ungeklärte Objekte:0(keine ungelösten Probleme)
Virensignaturen:11885156
Registry-Schlüssel scannen:Nein Cookies scannen:Nein Scan boot sectors:Nein Speicherprozesse scannen:Nein Archive scannen:Ja Laufzeitpacker scannen:Ja E-Mails scannen:Ja Heuristischer Scan:Ja Dateitypen:Alle Dateien scannen Ausgeschlossene Dateiendungen:;
Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:08 on 13/06/2014
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 02
Ran by Marie at 2014-06-13 11:13:55
Running from C:\Users\Marie\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
Registry Patch to arrange icons in Device and Printers folder of Windows 7 (HKLM\...\W7DevOR) (Version: 1.00 - )
Access Help (HKLM-x32\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 3.00 - Lenovo)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader 9.1 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.10.00 - )
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.28.0.1191 - Bitdefender)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant CX20582 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.126.0.64 - Conexant)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Integrated Camera Driver Installer Package Ver.1.0.1.8 (HKLM-x32\...\{C3CD17B4-08B0-492D-8A4C-81716D33E520}) (Version: 1.0.1.8 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.8.601 - Chicony Electronics Co.,Ltd.)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.02 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5802.24 - PC-Doctor, Inc.)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0004.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Broadband (HKLM-x32\...\{4330AAE7-1893-42F9-BC38-539A1A60530B}) (Version: 3.6.0034 - Lenovo)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.04.00 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0032 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.2500 - Broadcom Corporation)
ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.30 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.60.0.4 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.19.0 - )
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0029.1 - REALTEK Semiconductor Corp.)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 1.43 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.74 - Lenovo)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4) (HKLM\...\114EB224AD576F278686036AA9E1EFB7847E3935) (Version: 11/18/2009 1.60.0.4 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)
==================== Restore Points =========================
09-06-2014 09:37:25 Windows Update
09-06-2014 09:43:36 Windows Update
10-06-2014 21:21:20 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
10-06-2014 21:22:21 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
10-06-2014 21:24:41 OpenOffice 4.1.0 wird installiert
11-06-2014 21:15:25 Windows Update
13-06-2014 08:50:36 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {4576468F-3B74-49EF-B7CA-C9CC0A675EE7} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-04-01] (PC-Doctor, Inc.)
Task: {B76894DA-A8C6-4ED6-BE96-F3F9121AC634} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: {BDE9EA22-B737-42BF-B38F-31C058350B2F} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2010-08-24] (Lenovo Group Limited)
Task: {D66862B0-249B-40DD-A7DE-B3A99F1986A2} - System32\Tasks\PCDEventLauncher => C:\PROGRAM FILES\PC-DOCTOR\sessionchecker.exe [2011-04-01] (PC-Doctor, Inc.)
Task: {DA5534B6-315F-43AD-A883-838511D747DC} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {E74AC70E-104C-4FB2-B552-E687542A6010} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-04-01] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Loaded Modules (whitelisted) =============
2014-06-09 12:15 - 2013-06-19 12:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-06-09 12:15 - 2014-05-26 19:03 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-06-09 12:15 - 2011-11-14 20:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-06-09 12:15 - 2014-05-26 19:03 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-06-09 12:24 - 2014-06-09 12:24 - 00775936 _____ () C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\otengines_00044_002\ashttpbr.mdl
2014-06-09 12:24 - 2014-06-09 12:24 - 00568400 _____ () C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\otengines_00044_002\ashttpdsp.mdl
2014-06-09 12:24 - 2014-06-09 12:24 - 02598560 _____ () C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\otengines_00044_002\ashttpph.mdl
2014-06-09 12:24 - 2014-06-09 12:24 - 01321872 _____ () C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\otengines_00044_002\ashttprbl.mdl
2014-06-11 00:20 - 2011-04-11 07:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll
2009-08-03 03:53 - 2009-08-03 03:53 - 00027648 _____ () C:\Windows\System32\sso2ml6.dll
2014-06-09 12:15 - 2013-03-25 16:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2011-06-24 09:33 - 2010-08-24 20:30 - 00047616 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2010-07-06 14:22 - 2010-07-06 14:22 - 00173344 _____ () C:\PROGRAM FILES\THINKPAD\BLUETOOTH SOFTWARE\btkeyind.dll
2011-06-24 18:50 - 2011-03-24 12:48 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2014-06-11 00:22 - 2013-10-04 06:53 - 00734720 _____ () C:\Windows\system32\SnMinDrv.dll
2009-05-27 22:09 - 2009-05-27 22:09 - 00049976 _____ () C:\PROGRAM FILES (X86)\LENOVO\MESSAGE CENTER PLUS\MCPLAUNCH.EXE
2014-06-13 11:06 - 2014-06-13 11:06 - 00050477 _____ () C:\USERS\MARIE\DESKTOP\DEFOGGER.EXE
2014-06-09 12:15 - 2014-03-15 01:05 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2014-06-09 13:16 - 2014-05-07 04:27 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-11 23:45 - 2014-06-11 23:45 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
2009-05-27 22:09 - 2009-05-27 22:09 - 00049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2014-06-13 10:53 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2014-06-13 10:53 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2014-06-13 10:53 - 2013-02-28 16:53 - 00168448 _____ () C:\Program Files (x86)\WinZip Malware Protector\UNRAR.DLL
2014-06-13 11:06 - 2014-06-13 11:06 - 00050477 _____ () C:\Users\Marie\Desktop\Defogger.exe
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Marie\Desktop\Defogger.exe:BDU
AlternateDataStreams: C:\Users\Marie\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Marie\Downloads\Defogger.exe:BDU
AlternateDataStreams: C:\Users\Marie\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Marie\Downloads\OpenOffice - CHIP-Installer.exe:BDU
AlternateDataStreams: C:\Users\Marie\Downloads\SamsungUniversalPrintDriver2.exe:BDU
AlternateDataStreams: C:\Users\Marie\Downloads\UniversalScanDriver_V1.02.19.exe:BDU
AlternateDataStreams: C:\Users\Marie\Downloads\VLC media player 32 Bit - CHIP-Installer.exe:BDU
AlternateDataStreams: C:\Users\Marie\Downloads\wzmp_8.exe:BDU
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/13/2014 10:47:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/13/2014 10:46:55 AM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.DirectoryServices, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (06/13/2014 10:46:55 AM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.DirectoryServices.Protocols, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (06/13/2014 10:46:54 AM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Security, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (06/13/2014 10:46:54 AM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Web.RegularExpressions, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (06/13/2014 10:46:54 AM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Web, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=x86" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (06/13/2014 10:43:06 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4 Client Profile - Update "KB2898855v2" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Windows\TEMP\KB2898855v2_20140613_104247642-Microsoft .NET Framework 4 Client Profile-MSP0.txt enthalten.
Error: (06/13/2014 10:43:06 AM) (Source: MsiInstaller) (EventID: 11719) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4 Client Profile -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn der Windows Installer nicht richtig installiert wurde. Wenden Sie sich an den Support, um weitere Unterstützung zu erhalten.
Error: (06/13/2014 10:43:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NDP40-KB2898855-v2-x64.exe, Version: 10.0.30319.1022, Zeitstempel: 0x476b6aa0
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x721571fc
ID des fehlerhaften Prozesses: 0x1238
Startzeit der fehlerhaften Anwendung: 0xNDP40-KB2898855-v2-x64.exe0
Pfad der fehlerhaften Anwendung: NDP40-KB2898855-v2-x64.exe1
Pfad des fehlerhaften Moduls: NDP40-KB2898855-v2-x64.exe2
Berichtskennung: NDP40-KB2898855-v2-x64.exe3
Error: (06/13/2014 10:43:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: UNS.exe, Version: 6.0.0.1189, Zeitstempel: 0x4af1f33e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x721571fc
ID des fehlerhaften Prozesses: 0x1108
Startzeit der fehlerhaften Anwendung: 0xUNS.exe0
Pfad der fehlerhaften Anwendung: UNS.exe1
Pfad des fehlerhaften Moduls: UNS.exe2
Berichtskennung: UNS.exe3
System errors:
=============
Error: (06/13/2014 10:46:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (06/13/2014 10:43:27 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2604121)
Error: (06/13/2014 10:43:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109
Error: (06/13/2014 10:43:11 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2862973)
Error: (06/13/2014 10:43:11 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2898855)
Error: (06/13/2014 10:43:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management & Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2014 10:43:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "System Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2014 10:43:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SeaPort" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/13/2014 10:43:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/13/2014 10:43:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Lenovo Auto Scroll" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (06/13/2014 10:47:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/13/2014 10:46:55 AM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.DirectoryServices, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (06/13/2014 10:46:55 AM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.DirectoryServices.Protocols, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (06/13/2014 10:46:54 AM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Security, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (06/13/2014 10:46:54 AM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Web.RegularExpressions, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (06/13/2014 10:46:54 AM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Web, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=x86" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (06/13/2014 10:43:06 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Microsoft .NET Framework 4 Client ProfileKB2898855v21603C:\Windows\TEMP\KB2898855v2_20140613_104247642-Microsoft .NET Framework 4 Client Profile-MSP0.txt(NULL)(NULL)
Error: (06/13/2014 10:43:06 AM) (Source: MsiInstaller) (EventID: 11719) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft .NET Framework 4 Client Profile -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn der Windows Installer nicht richtig installiert wurde. Wenden Sie sich an den Support, um weitere Unterstützung zu erhalten.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (06/13/2014 10:43:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NDP40-KB2898855-v2-x64.exe10.0.30319.1022476b6aa0unknown0.0.0.000000000c0000005721571fc123801cf86e3722ba067C:\Windows\SoftwareDistribution\Download\Install\NDP40-KB2898855-v2-x64.exeunknownbc89619e-f2d6-11e3-a5d7-ec55f9f97623
Error: (06/13/2014 10:43:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: UNS.exe6.0.0.11894af1f33eunknown0.0.0.000000000c0000005721571fc110801cf85ba0de319f6C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exeunknownbbf36aec-f2d6-11e3-a5d7-ec55f9f97623
==================== Memory info ===========================
Percentage of memory in use: 78%
Total physical RAM: 3892.55 MB
Available physical RAM: 847.16 MB
Total Pagefile: 7783.28 MB
Available Pagefile: 4435.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:80.73 GB) (Free:50.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Dateien) (Fixed) (Total:374.09 GB) (Free:175.01 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:9.77 GB) (Free:2.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: A4459184)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=81 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=374 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Und der MBAM-Scan Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 10.06.2014 Scan Time: 08:44:04 Logfile: MBAM log.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.06.10.02 Rootkit Database: v2014.06.02.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Marie Scan Type: Threat Scan Result: Completed Objects Scanned: 256319 Time Elapsed: 12 min, 57 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) Vielen Dank für die Antwort, ich hoffe, die Analyse geht jetzt etwas einfacher. ;-) |
|
15.06.2014, 19:39
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spyware Terminator erkennt Trojan.ExOptions.Gen als Bedrohung In dem von dir geposteten Log von Spyware Terminator seh ich nichts von Trojan.ExOptions.Gen. Poste bitte die Logs mit Funden.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
18.06.2014, 23:05
| #5 |
| | Spyware Terminator erkennt Trojan.ExOptions.Gen als Bedrohung Hallo cosinus, danke für die Antwort und Deine Hilfe. :-) Laut dem "Gefahrenreport" von Spyware-Terminator befindet sich das Problem an folgenden Orten: Code:
ATTFilter HKLM\SOFTWARE\WindowsNT\Current Version\Image File Exectuion Options\bdagent.exe
HKLM\SOFTWARE\WindowsNT\Current Version\Image File Exectuion Options\bdwizreg.exe
HKLM\SOFTWARE\WindowsNT\Current Version\Image File Exectuion Options\seccenter.exe
HKLM\SOFTWARE\WindowsNT\Current Version\Image File Exectuion Options\vsserv.exe
|
|
19.06.2014, 10:59
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spyware Terminator erkennt Trojan.ExOptions.Gen als Bedrohung Das FRST Log fehlt auch, bitte nachreichen, du hast nur die addtion.txt von FRST gepostet
__________________ --> Spyware Terminator erkennt Trojan.ExOptions.Gen als Bedrohung |
|
20.06.2014, 07:44
| #7 |
| | Spyware Terminator erkennt Trojan.ExOptions.Gen als Bedrohung Hallo cosinus, hier ist das FRST-Log: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by Marie (administrator) on BLACKPEARL on 13-06-2014 11:12:26
Running from C:\Users\Marie\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.8.150\McUICnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.8.150\McCHSvc.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
() C:\Users\Marie\Desktop\Defogger.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2731304 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [TPHOTKEY] => C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [69568 2009-12-21] (Lenovo Group Limited)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-01-14] (Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [54632 2011-01-14] (Lenovo Group Limited)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1743088 2014-05-21] (Bitdefender)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4309184 2011-02-09] (Lenovo, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\pmbxag.exe [568400 2014-05-20] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\pwdmanui.exe [1002048 2014-04-09] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\antispam32\bdapppassmgr.exe [614744 2014-04-09] (Bitdefender)
HKU\S-1-5-21-2850052354-3501707940-3444135315-1000\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-05-20] (Bitdefender)
HKU\S-1-5-21-2850052354-3501707940-3444135315-1000\...\Run: [Bitdefender-Geldbörse] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-04-09] (Bitdefender)
HKU\S-1-5-21-2850052354-3501707940-3444135315-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614744 2014-04-09] (Bitdefender)
HKU\S-1-5-21-2850052354-3501707940-3444135315-1000\...\MountPoints2: {5d53963c-9e31-11e0-8d18-806e6f6e6963} - Q:\LenovoQDrive.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {3EF2BAFF-F925-4664-8D97-CDD7C89714EA} URL =
BHO: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\sbcsjq09.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-06-09]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ []
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-06-09]
==================== Services (Whitelisted) =================
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 SUService; c:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2010-03-15] (Lenovo Group Limited) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1526800 2014-05-21] (Bitdefender)
==================== Drivers (Whitelisted) ====================
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-06-09] (Windows (R) Win 7 DDK provider)
R1 TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [13104 2010-08-24] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-13 11:12 - 2014-06-13 11:13 - 00013558 _____ () C:\Users\Marie\Desktop\FRST.txt
2014-06-13 11:11 - 2014-06-13 11:12 - 00000000 ____D () C:\FRST
2014-06-13 11:10 - 2014-06-13 11:10 - 02081792 _____ (Farbar) C:\Users\Marie\Downloads\FRST64.exe
2014-06-13 11:10 - 2014-06-13 11:10 - 02081792 _____ (Farbar) C:\Users\Marie\Desktop\FRST64.exe
2014-06-13 11:08 - 2014-06-13 11:08 - 00000472 _____ () C:\Users\Marie\Desktop\defogger_disable.log
2014-06-13 11:08 - 2014-06-13 11:08 - 00000000 _____ () C:\Users\Marie\defogger_reenable
2014-06-13 11:06 - 2014-06-13 11:06 - 00050477 _____ () C:\Users\Marie\Downloads\Defogger.exe
2014-06-13 11:06 - 2014-06-13 11:06 - 00050477 _____ () C:\Users\Marie\Desktop\Defogger.exe
2014-06-13 10:54 - 2014-06-13 10:54 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-06-13 10:54 - 2014-06-13 10:54 - 00001204 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-06-13 10:54 - 2014-06-13 10:54 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Nico Mak Computing
2014-06-13 10:54 - 2014-06-13 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-06-13 10:53 - 2014-06-13 10:54 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-06-13 10:53 - 2014-06-13 10:53 - 04892480 _____ (WinZip International LLC ) C:\Users\Marie\Downloads\wzmp_8.exe
2014-06-13 10:53 - 2014-06-13 10:53 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-06-13 10:53 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-06-13 10:50 - 2014-06-13 10:50 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Macromedia
2014-06-13 10:50 - 2014-06-13 10:50 - 00000000 ____D () C:\Users\Marie\AppData\Local\Macromedia
2014-06-11 23:45 - 2014-06-11 23:45 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-11 23:45 - 2014-06-11 23:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-11 23:45 - 2014-06-11 23:45 - 00002181 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-11 23:45 - 2014-06-11 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 23:45 - 2014-06-11 23:45 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-11 23:45 - 2014-06-11 23:45 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-11 23:45 - 2014-06-11 23:45 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-06-11 23:44 - 2014-06-11 23:44 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-06-11 23:44 - 2014-06-11 23:44 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-11 23:35 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-06-11 23:35 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-06-11 23:35 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-06-11 23:35 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-06-11 23:35 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-06-11 23:35 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-06-11 23:35 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-06-11 23:35 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-06-11 23:26 - 2014-06-11 23:26 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\dvdcss
2014-06-11 23:23 - 2014-06-11 23:26 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\vlc
2014-06-11 23:22 - 2014-06-11 23:22 - 00001081 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-11 23:22 - 2014-06-11 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-11 23:22 - 2014-06-11 23:22 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-11 23:20 - 2014-06-11 23:20 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marie\Downloads\VLC media player 32 Bit - CHIP-Installer.exe
2014-06-11 01:06 - 2014-06-13 10:50 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Adobe
2014-06-11 01:06 - 2014-06-11 23:45 - 00000000 ____D () C:\Users\Marie\AppData\Local\Adobe
2014-06-11 00:34 - 2014-06-11 00:34 - 00000000 ____D () C:\Users\Marie\Documents\Fax
2014-06-11 00:25 - 2013-09-02 04:57 - 00155696 _____ () C:\Windows\WIAINST64.EXE
2014-06-11 00:24 - 2014-06-11 00:24 - 00000000 ____D () C:\Windows\twain_64
2014-06-11 00:22 - 2014-06-11 00:22 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-06-11 00:22 - 2013-10-04 07:31 - 00579072 _____ () C:\Windows\system32\SNWIAUI.dll
2014-06-11 00:22 - 2013-10-04 06:53 - 00734720 _____ () C:\Windows\system32\SnMinDrv.dll
2014-06-11 00:22 - 2013-10-04 06:53 - 00155136 _____ () C:\Windows\system32\SnImgFlt.dll
2014-06-11 00:22 - 2013-10-04 06:52 - 00068096 _____ () C:\Windows\system32\SnErHdlr.dll
2014-06-11 00:22 - 2012-12-10 04:09 - 00120846 _____ () C:\Windows\system32\WIAEXSTR.loc
2014-06-11 00:22 - 2012-03-14 01:58 - 00166640 _____ (TWAIN Working Group) C:\Windows\system32\TWAINDSM.dll
2014-06-11 00:22 - 2012-03-14 01:58 - 00148728 _____ (TWAIN Working Group) C:\Windows\SysWOW64\TWAINDSM.dll
2014-06-11 00:22 - 2012-02-09 09:20 - 00355840 _____ (Samsung Electronics) C:\Windows\system32\snWIAMUI.dll
2014-06-11 00:21 - 2014-06-11 00:25 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2014-06-11 00:21 - 2014-06-11 00:21 - 00000040 _____ () C:\Autoconfig.ini
2014-06-11 00:21 - 2014-06-11 00:21 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-11 00:20 - 2014-06-11 00:22 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-11 00:20 - 2013-06-01 07:13 - 01571160 ____N () C:\Windows\TotalUninstaller.exe
2014-06-11 00:20 - 2013-05-10 11:48 - 00162136 _____ () C:\Windows\system32\spe__ci.exe
2014-06-11 00:20 - 2012-11-17 10:28 - 00000357 _____ () C:\Windows\system32\spe__l.smt
2014-06-11 00:20 - 2011-04-11 07:26 - 00034304 _____ () C:\Windows\system32\spe__l.dll
2014-06-11 00:20 - 2010-10-20 10:46 - 00089600 _____ (SS) C:\Windows\system32\spe__ci.dll
2014-06-11 00:19 - 2014-06-11 00:20 - 23580208 _____ () C:\Users\Marie\Downloads\UniversalScanDriver_V1.02.19.exe
2014-06-11 00:19 - 2014-06-11 00:20 - 21335600 _____ () C:\Users\Marie\Downloads\SamsungUniversalPrintDriver2.exe
2014-06-10 23:38 - 2014-06-10 23:38 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\OpenOffice
2014-06-10 23:26 - 2014-06-10 23:26 - 00001192 _____ () C:\Users\Marie\Desktop\OpenOffice 4.1.0.lnk
2014-06-10 23:26 - 2014-06-10 23:26 - 00000000 ___SD () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-10 23:25 - 2014-06-10 23:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-10 23:21 - 2014-06-10 23:21 - 00000000 ____D () C:\Users\Marie\Desktop\OpenOffice 4.1.0 (de) Installation Files
2014-06-10 23:16 - 2014-06-10 23:17 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marie\Downloads\OpenOffice - CHIP-Installer.exe
2014-06-10 09:58 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-06-10 09:58 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-06-10 09:58 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-06-10 09:58 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-06-10 09:58 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-06-10 09:58 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-06-10 09:58 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-06-10 09:58 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-06-10 09:58 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-06-10 09:58 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-06-10 09:58 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-06-10 09:58 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-06-10 09:58 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-06-10 09:58 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-06-10 09:58 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-06-10 09:58 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-06-10 09:58 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-06-10 09:58 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-06-10 09:58 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-06-10 09:58 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-06-10 09:58 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-06-10 09:58 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-06-10 09:58 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-06-10 09:57 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-06-10 09:36 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-10 09:36 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-06-10 09:36 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-06-10 09:36 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-06-10 09:36 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-10 09:36 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-10 09:36 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-06-10 09:36 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-06-10 09:36 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-06-10 09:36 - 2013-03-19 07:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-06-10 09:36 - 2013-03-19 06:47 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-06-10 09:36 - 2013-03-19 05:06 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-06-10 09:35 - 2012-11-30 01:17 - 00420064 _____ () C:\Windows\SysWOW64\locale.nls
2014-06-10 09:35 - 2012-11-30 01:15 - 00420064 _____ () C:\Windows\system32\locale.nls
2014-06-10 09:35 - 2012-08-11 02:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-10 09:35 - 2012-08-11 01:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-10 09:35 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-06-10 09:35 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-06-10 09:35 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-06-10 09:33 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-10 09:33 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-10 09:33 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-10 09:33 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-06-10 09:33 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-06-10 09:32 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-06-10 09:32 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-06-10 09:32 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-10 09:32 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-06-10 09:32 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-10 09:32 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-06-10 09:31 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-06-10 09:31 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-06-10 09:31 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-10 09:31 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-10 09:31 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-06-10 09:31 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-06-10 09:31 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-10 09:31 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-06-10 09:31 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-06-10 09:30 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-06-10 09:30 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-06-10 09:30 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-06-10 09:30 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-06-10 09:30 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-06-10 09:30 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-06-10 09:30 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-06-10 09:30 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-06-10 09:30 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-06-10 09:30 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-06-10 09:30 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-06-10 09:30 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-10 09:30 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-06-10 09:30 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-06-10 09:30 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-06-10 09:30 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-06-10 09:30 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-10 09:30 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-10 09:30 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-10 09:30 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-06-10 09:30 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-06-10 09:30 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-06-10 09:30 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-06-10 09:30 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-06-10 09:30 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-06-10 09:30 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-06-10 09:30 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-06-10 09:30 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-06-10 09:30 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-06-10 09:30 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-06-10 09:30 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-06-10 09:30 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-06-10 09:29 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-06-10 09:29 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-06-10 09:29 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-06-10 09:29 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-06-10 09:29 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-06-10 09:29 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-06-10 09:29 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-06-10 09:29 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-06-10 09:29 - 2013-08-27 11:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-10 09:29 - 2013-08-27 11:01 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-10 09:29 - 2013-08-27 10:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-10 09:29 - 2013-05-13 07:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-06-10 09:29 - 2013-05-13 07:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-06-10 09:29 - 2013-05-13 07:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-06-10 09:29 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-06-10 09:29 - 2013-05-13 06:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-06-10 09:29 - 2013-05-13 06:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-06-10 09:29 - 2013-05-13 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-06-10 09:29 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-06-10 09:29 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-06-10 09:29 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-06-10 09:28 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-06-10 09:28 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-06-10 09:28 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-06-10 09:28 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-06-10 09:28 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-06-10 09:28 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-06-10 09:28 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-06-10 09:28 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-06-10 09:28 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-06-10 09:28 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-06-10 09:28 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-06-10 09:28 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-06-10 09:27 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-06-10 09:27 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-06-10 09:27 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-06-10 09:27 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-06-10 09:27 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-06-10 09:27 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-06-10 09:27 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-06-10 09:27 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-06-09 13:16 - 2014-06-09 13:17 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Mozilla
2014-06-09 13:16 - 2014-06-09 13:17 - 00000000 ____D () C:\Users\Marie\AppData\Local\Mozilla
2014-06-09 13:16 - 2014-06-09 13:16 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-09 13:16 - 2014-06-09 13:16 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-09 13:16 - 2014-06-09 13:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-09 13:16 - 2014-06-09 13:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 12:38 - 2014-06-10 08:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-09 12:38 - 2014-06-09 12:38 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-09 12:38 - 2014-06-09 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-09 12:38 - 2014-06-09 12:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-09 12:38 - 2014-06-09 12:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-09 12:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-09 12:38 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-09 12:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-09 12:18 - 2014-06-10 09:58 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-06-09 12:18 - 2014-06-09 12:19 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-06-09 12:18 - 2014-06-09 12:18 - 05049344 _____ (Crawler.com ) C:\Users\Marie\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2014-06-09 12:18 - 2014-06-09 12:18 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-06-09 12:18 - 2014-06-09 12:18 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Spyware Terminator
2014-06-09 12:18 - 2014-06-09 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-06-09 12:16 - 2014-06-09 12:16 - 00758821 _____ () C:\ProgramData\1402308469.bdinstall.bin
2014-06-09 12:16 - 2014-06-09 12:16 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-06-09 12:16 - 2014-06-09 12:16 - 00000385 _____ () C:\Users\Marie\AppData\Roaminguser_gensett.xml
2014-06-09 12:15 - 2014-06-09 12:16 - 00000000 ____D () C:\ProgramData\BDLogging
2014-06-09 12:15 - 2014-06-09 12:15 - 00002201 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-06-09 12:15 - 2014-06-09 12:15 - 00002082 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-06-09 12:15 - 2014-06-09 12:15 - 00000684 ____H () C:\bdr-cf01
2014-06-09 12:15 - 2014-06-09 12:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-06-09 12:15 - 2014-06-09 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
2014-06-09 12:15 - 2013-12-02 12:58 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-06-09 12:15 - 2013-12-02 12:56 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-06-09 12:15 - 2013-11-13 16:41 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-06-09 12:15 - 2013-11-04 16:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-06-09 12:15 - 2013-11-04 16:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-06-09 12:15 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-06-09 12:15 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-06-09 12:15 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-06-09 12:10 - 2014-06-09 12:16 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Bitdefender
2014-06-09 12:10 - 2014-06-09 12:15 - 00253404 ____H () C:\bdr-ld01
2014-06-09 12:10 - 2014-06-09 12:15 - 00009216 ____H () C:\bdr-ld01.mbr
2014-06-09 12:10 - 2013-09-24 16:38 - 46879860 ____H () C:\bdr-im01.gz
2014-06-09 12:10 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2014-06-09 12:08 - 2014-06-09 12:46 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-06-09 12:08 - 2014-06-09 12:16 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-06-09 12:08 - 2014-06-09 12:10 - 00000000 ____D () C:\Program Files\Bitdefender
2014-06-09 12:08 - 2013-11-04 16:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-06-09 12:08 - 2013-11-04 16:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-06-09 12:08 - 2013-08-23 13:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-06-09 12:08 - 2013-08-07 13:46 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-06-09 12:07 - 2014-06-09 12:08 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-06-09 12:07 - 2014-06-09 12:07 - 07304560 _____ () C:\Users\Marie\Downloads\bitdefender_tsecurity.exe
2014-06-09 12:07 - 2014-06-09 12:07 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\QuickScan
2014-06-09 11:58 - 2014-06-09 11:58 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Marie\Downloads\avira_de_av_4010898176__ws.exe
2014-06-09 11:50 - 2014-06-09 11:50 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\PCDr
2014-06-09 11:46 - 2014-06-09 11:46 - 00000000 ____D () C:\Users\Marie\Documents\Bluetooth-Exchange-Ordner
2014-06-09 11:46 - 2014-06-09 11:46 - 00000000 ____D () C:\Users\Marie\AppData\Local\Broadcom
2014-06-09 11:43 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-06-09 11:43 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-06-09 11:43 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-06-09 11:41 - 2014-06-13 10:47 - 00000000 ___RD () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-09 11:41 - 2014-06-13 10:47 - 00000000 ___RD () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-09 11:41 - 2014-06-11 23:13 - 00063568 _____ () C:\Users\Marie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-09 11:41 - 2014-06-09 11:41 - 00001454 _____ () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-09 11:41 - 2014-06-09 11:41 - 00001420 _____ () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-09 11:41 - 2014-06-09 11:41 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Leadertech
2014-06-09 11:41 - 2014-06-09 11:41 - 00000000 ____D () C:\Users\Marie\AppData\Local\VirtualStore
2014-06-09 11:38 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-06-09 11:38 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-06-09 11:37 - 2014-06-13 11:13 - 00000000 ____D () C:\Users\Marie\AppData\Local\Temp
2014-06-09 11:37 - 2014-06-13 11:08 - 00000000 ____D () C:\Users\Marie
2014-06-09 11:37 - 2014-06-13 11:04 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-06-09 11:37 - 2014-06-11 23:35 - 00003496 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-06-09 11:37 - 2014-06-11 23:35 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-06-09 11:37 - 2014-06-09 11:45 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-06-09 11:37 - 2014-06-09 11:37 - 00004236 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-06-09 11:37 - 2014-06-09 11:37 - 00000020 ___SH () C:\Users\Marie\ntuser.ini
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Vorlagen
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Startmenü
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Netzwerkumgebung
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Lokale Einstellungen
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Eigene Dateien
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Druckumgebung
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Documents\Eigene Musik
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Documents\Eigene Bilder
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\AppData\Local\Verlauf
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\AppData\Local\Anwendungsdaten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Anwendungsdaten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Programme
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-09 11:37 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-06-09 11:37 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-06-09 11:37 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-06-09 11:37 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-06-09 11:37 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-06-09 11:37 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-06-09 11:37 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-06-09 11:37 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-09 11:37 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
==================== One Month Modified Files and Folders =======
2014-06-13 11:13 - 2014-06-13 11:12 - 00013558 _____ () C:\Users\Marie\Desktop\FRST.txt
2014-06-13 11:13 - 2014-06-09 11:37 - 00000000 ____D () C:\Users\Marie\AppData\Local\Temp
2014-06-13 11:12 - 2014-06-13 11:11 - 00000000 ____D () C:\FRST
2014-06-13 11:12 - 2011-06-24 09:16 - 01335219 _____ () C:\Windows\WindowsUpdate.log
2014-06-13 11:10 - 2014-06-13 11:10 - 02081792 _____ (Farbar) C:\Users\Marie\Downloads\FRST64.exe
2014-06-13 11:10 - 2014-06-13 11:10 - 02081792 _____ (Farbar) C:\Users\Marie\Desktop\FRST64.exe
2014-06-13 11:08 - 2014-06-13 11:08 - 00000472 _____ () C:\Users\Marie\Desktop\defogger_disable.log
2014-06-13 11:08 - 2014-06-13 11:08 - 00000000 _____ () C:\Users\Marie\defogger_reenable
2014-06-13 11:08 - 2014-06-09 11:37 - 00000000 ____D () C:\Users\Marie
2014-06-13 11:08 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-13 11:08 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-13 11:06 - 2014-06-13 11:06 - 00050477 _____ () C:\Users\Marie\Downloads\Defogger.exe
2014-06-13 11:06 - 2014-06-13 11:06 - 00050477 _____ () C:\Users\Marie\Desktop\Defogger.exe
2014-06-13 11:04 - 2014-06-09 11:37 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-06-13 10:54 - 2014-06-13 10:54 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-06-13 10:54 - 2014-06-13 10:54 - 00001204 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-06-13 10:54 - 2014-06-13 10:54 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Nico Mak Computing
2014-06-13 10:54 - 2014-06-13 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-06-13 10:54 - 2014-06-13 10:53 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-06-13 10:53 - 2014-06-13 10:53 - 04892480 _____ (WinZip International LLC ) C:\Users\Marie\Downloads\wzmp_8.exe
2014-06-13 10:53 - 2014-06-13 10:53 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-06-13 10:52 - 2011-06-24 19:00 - 00654166 _____ () C:\Windows\system32\perfh007.dat
2014-06-13 10:52 - 2011-06-24 19:00 - 00130006 _____ () C:\Windows\system32\perfc007.dat
2014-06-13 10:52 - 2009-07-14 07:13 - 01498506 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-13 10:50 - 2014-06-13 10:50 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Macromedia
2014-06-13 10:50 - 2014-06-13 10:50 - 00000000 ____D () C:\Users\Marie\AppData\Local\Macromedia
2014-06-13 10:50 - 2014-06-11 01:06 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Adobe
2014-06-13 10:47 - 2014-06-09 11:41 - 00000000 ___RD () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-13 10:47 - 2014-06-09 11:41 - 00000000 ___RD () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-13 10:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-13 10:46 - 2009-07-14 06:51 - 00046908 _____ () C:\Windows\setupact.log
2014-06-13 10:45 - 2009-07-14 06:45 - 00293320 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-13 10:42 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-11 23:45 - 2014-06-11 23:45 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-11 23:45 - 2014-06-11 23:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-11 23:45 - 2014-06-11 23:45 - 00002181 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-11 23:45 - 2014-06-11 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 23:45 - 2014-06-11 23:45 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-11 23:45 - 2014-06-11 23:45 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-11 23:45 - 2014-06-11 23:45 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-06-11 23:45 - 2014-06-11 01:06 - 00000000 ____D () C:\Users\Marie\AppData\Local\Adobe
2014-06-11 23:45 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-11 23:44 - 2014-06-11 23:44 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-06-11 23:44 - 2014-06-11 23:44 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-11 23:35 - 2014-06-09 11:37 - 00003496 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-06-11 23:35 - 2014-06-09 11:37 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-06-11 23:26 - 2014-06-11 23:26 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\dvdcss
2014-06-11 23:26 - 2014-06-11 23:23 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\vlc
2014-06-11 23:22 - 2014-06-11 23:22 - 00001081 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-11 23:22 - 2014-06-11 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-06-11 23:22 - 2014-06-11 23:22 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-06-11 23:20 - 2014-06-11 23:20 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marie\Downloads\VLC media player 32 Bit - CHIP-Installer.exe
2014-06-11 23:13 - 2014-06-09 11:41 - 00063568 _____ () C:\Users\Marie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-11 00:34 - 2014-06-11 00:34 - 00000000 ____D () C:\Users\Marie\Documents\Fax
2014-06-11 00:25 - 2014-06-11 00:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2014-06-11 00:24 - 2014-06-11 00:24 - 00000000 ____D () C:\Windows\twain_64
2014-06-11 00:22 - 2014-06-11 00:22 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-06-11 00:22 - 2014-06-11 00:20 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-11 00:21 - 2014-06-11 00:21 - 00000040 _____ () C:\Autoconfig.ini
2014-06-11 00:21 - 2014-06-11 00:21 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-11 00:20 - 2014-06-11 00:19 - 23580208 _____ () C:\Users\Marie\Downloads\UniversalScanDriver_V1.02.19.exe
2014-06-11 00:20 - 2014-06-11 00:19 - 21335600 _____ () C:\Users\Marie\Downloads\SamsungUniversalPrintDriver2.exe
2014-06-10 23:38 - 2014-06-10 23:38 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\OpenOffice
2014-06-10 23:26 - 2014-06-10 23:26 - 00001192 _____ () C:\Users\Marie\Desktop\OpenOffice 4.1.0.lnk
2014-06-10 23:26 - 2014-06-10 23:26 - 00000000 ___SD () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-10 23:25 - 2014-06-10 23:25 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-06-10 23:21 - 2014-06-10 23:21 - 00000000 ____D () C:\Users\Marie\Desktop\OpenOffice 4.1.0 (de) Installation Files
2014-06-10 23:17 - 2014-06-10 23:16 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marie\Downloads\OpenOffice - CHIP-Installer.exe
2014-06-10 09:58 - 2014-06-09 12:18 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-06-10 09:57 - 2011-06-24 09:42 - 00000000 ____D () C:\ProgramData\PCDr
2014-06-10 08:44 - 2014-06-09 12:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-09 13:17 - 2014-06-09 13:16 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Mozilla
2014-06-09 13:17 - 2014-06-09 13:16 - 00000000 ____D () C:\Users\Marie\AppData\Local\Mozilla
2014-06-09 13:16 - 2014-06-09 13:16 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-09 13:16 - 2014-06-09 13:16 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-09 13:16 - 2014-06-09 13:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-09 13:16 - 2014-06-09 13:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 12:46 - 2014-06-09 12:08 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-06-09 12:38 - 2014-06-09 12:38 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-09 12:38 - 2014-06-09 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-09 12:38 - 2014-06-09 12:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-09 12:38 - 2014-06-09 12:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-09 12:19 - 2014-06-09 12:18 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-06-09 12:18 - 2014-06-09 12:18 - 05049344 _____ (Crawler.com ) C:\Users\Marie\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2014-06-09 12:18 - 2014-06-09 12:18 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-06-09 12:18 - 2014-06-09 12:18 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Spyware Terminator
2014-06-09 12:18 - 2014-06-09 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-06-09 12:16 - 2014-06-09 12:16 - 00758821 _____ () C:\ProgramData\1402308469.bdinstall.bin
2014-06-09 12:16 - 2014-06-09 12:16 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-06-09 12:16 - 2014-06-09 12:16 - 00000385 _____ () C:\Users\Marie\AppData\Roaminguser_gensett.xml
2014-06-09 12:16 - 2014-06-09 12:15 - 00000000 ____D () C:\ProgramData\BDLogging
2014-06-09 12:16 - 2014-06-09 12:10 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Bitdefender
2014-06-09 12:16 - 2014-06-09 12:08 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-06-09 12:15 - 2014-06-09 12:15 - 00002201 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-06-09 12:15 - 2014-06-09 12:15 - 00002082 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-06-09 12:15 - 2014-06-09 12:15 - 00000684 ____H () C:\bdr-cf01
2014-06-09 12:15 - 2014-06-09 12:15 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-06-09 12:15 - 2014-06-09 12:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
2014-06-09 12:15 - 2014-06-09 12:10 - 00253404 ____H () C:\bdr-ld01
2014-06-09 12:15 - 2014-06-09 12:10 - 00009216 ____H () C:\bdr-ld01.mbr
2014-06-09 12:10 - 2014-06-09 12:08 - 00000000 ____D () C:\Program Files\Bitdefender
2014-06-09 12:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-09 12:08 - 2014-06-09 12:07 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-06-09 12:07 - 2014-06-09 12:07 - 07304560 _____ () C:\Users\Marie\Downloads\bitdefender_tsecurity.exe
2014-06-09 12:07 - 2014-06-09 12:07 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\QuickScan
2014-06-09 11:58 - 2014-06-09 11:58 - 04536336 _____ (Avira Operations GmbH & Co. KG) C:\Users\Marie\Downloads\avira_de_av_4010898176__ws.exe
2014-06-09 11:50 - 2014-06-09 11:50 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\PCDr
2014-06-09 11:46 - 2014-06-09 11:46 - 00000000 ____D () C:\Users\Marie\Documents\Bluetooth-Exchange-Ordner
2014-06-09 11:46 - 2014-06-09 11:46 - 00000000 ____D () C:\Users\Marie\AppData\Local\Broadcom
2014-06-09 11:45 - 2014-06-09 11:37 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-06-09 11:41 - 2014-06-09 11:41 - 00001454 _____ () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-09 11:41 - 2014-06-09 11:41 - 00001420 _____ () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-06-09 11:41 - 2014-06-09 11:41 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Leadertech
2014-06-09 11:41 - 2014-06-09 11:41 - 00000000 ____D () C:\Users\Marie\AppData\Local\VirtualStore
2014-06-09 11:41 - 2011-06-24 09:36 - 00000000 ____D () C:\swshare
2014-06-09 11:41 - 2011-02-15 11:42 - 00000000 ____D () C:\SWTOOLS
2014-06-09 11:37 - 2014-06-09 11:37 - 00004236 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-06-09 11:37 - 2014-06-09 11:37 - 00000020 ___SH () C:\Users\Marie\ntuser.ini
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Vorlagen
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Startmenü
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Netzwerkumgebung
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Lokale Einstellungen
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Eigene Dateien
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Druckumgebung
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Documents\Eigene Musik
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Documents\Eigene Bilder
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\AppData\Local\Verlauf
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\AppData\Local\Anwendungsdaten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Marie\Anwendungsdaten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Programme
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-06-09 11:37 - 2014-06-09 11:37 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-06-09 11:37 - 2011-06-24 09:21 - 00000042 _____ () C:\Windows\SysWOW64\Drivers\17AA_Lenovo_ThinkPad_Edge_0217_3BG.MRK
2014-06-09 11:37 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-06-09 11:37 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-06-09 11:37 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-06-09 11:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-06-09 11:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-09 11:28 - 2011-02-15 11:42 - 00000000 ____D () C:\Windows\Panther
2014-06-09 11:27 - 2010-11-21 05:47 - 00005592 _____ () C:\Windows\PFRO.log
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-10 22:59
==================== End Of Log ============================
|
|
20.06.2014, 08:21
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Spyware Terminator erkennt Trojan.ExOptions.Gen als Bedrohung Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Spyware Terminator erkennt Trojan.ExOptions.Gen als Bedrohung |
| anti-malware, bitdefender, cookies, defender, erkennen, erkennt, festplatte, geändert, hilfe!, installieren, kurze, logfiles, mbam, nichts, platte, plötzlich, probleme, rechner, scan, spyware, spyware terminator, tracking, trojan.exoptions.gen, windows, winzip, wissen, zurücksetzen |
Linear-Darstellung
