| |
| |||||||
Log-Analyse und Auswertung: XML-Verarbeitungsfehler: nicht wohlgeformtWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
04.07.2014, 10:15
| #1 |
 |  XML-Verarbeitungsfehler: nicht wohlgeformt Hallo! Wie ich gelesen habe, bin ich nicht die einzige, die dieses Problem bereits hatte. Da die Mitarbeiter jedoch in den anderen Themen erwähnt haben, die Programme die sie vorgeschlagen haben, nur dann zu benutzen wenn es direkt empfohlen wird, wollte ich lieber nicht darauf eingehen, von den Fremden Themen abzulesen und es ihnen einfach nach zu machen. Wie im Titel steht, kommt diese Meldung "XML-Verarbeitungsfehler: nicht wohlgeformt Adresse: hxxp://eu.battle.net/de/ Zeile Nr. 62, Spalte 187" wenn ich auf die eu.battle.net Seite gehen möchte. Wie bei den anderen ist ein Skriptausschnitt unter dem Satz zu sehen. Ich habe das Programm "Microsoft Security Essentials" auf Viren Scannen lassen und es hat auch einen Trojaner gefunden und entfernt. Jedoch kann ich die Seite immer noch nicht aufrufen... Bitte um Hilfe und Danke im Vorraus! LG Queenix |
|
04.07.2014, 10:44
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  XML-Verarbeitungsfehler: nicht wohlgeformt Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
06.07.2014, 13:34
| #3 |
| | XML-Verarbeitungsfehler: nicht wohlgeformt FRST.txt
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Belinda (administrator) on BELINDA-PC on 06-07-2014 14:04:40
Running from C:\Users\Belinda\dwhelper\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell) C:\Users\Belinda\AppData\Local\Apps\2.0\7Q0KH250.EYE\Q5NX3KBK.7VZ\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Curse) C:\Users\Belinda\AppData\Local\Apps\2.0\7Q0KH250.EYE\Q5NX3KBK.7VZ\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\MSR\Privoxy\privoxy.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-02-14] (IDT, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7520768 2012-04-27] (Dell Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [626552 2012-04-09] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2013-05-08] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\...\Run: [DellSystemDetect] => C:\Users\Belinda\AppData\Local\Apps\2.0\7Q0KH250.EYE\Q5NX3KBK.7VZ\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe [258160 2014-03-29] (Dell)
HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\...\MountPoints2: {5577ca1c-5901-11e3-a68a-c01885c126a8} - F:\AutoRun.exe
HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\...\MountPoints2: {cea09ece-1506-11e2-971c-5cf9dd42aaa4} - E:\Startme.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
URLSearchHook: HKCU - (No Name) - {e36df325-3f4b-476f-8f89-123bc5d51a30} - No File
URLSearchHook: HKCU - (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKCU - {45A295C6-C2D8-42B3-820D-6066453B36CC} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10529
SearchScopes: HKCU - {69B729C4-7E6E-49B5-BC24-4D9B64F19DDB} URL = hxxp://search.us.com/serp?guid={0D2C31F8-9555-4373-B011-88E67E326A31}&action=default_search&serpv=5&k={searchTerms}
SearchScopes: HKCU - {6BF01991-1A65-40E4-8F26-63098A2B1C64} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=SGT&o=APN10374&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AHO&apn_dtid=^YYYYYY^V2^AT&apn_uid=004cf9db-6f7b-4a06-85ba-39fe7a76da63&apn_sauid=DCB0854D-D669-4C0F-A581-2C43852F2390
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKCU - {B5041AFC-9CCE-437A-8EEF-E675469A5EF1} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=114278&tt=0213_1&babsrc=SP_ss&mntrId=a83e3a71000000000000c21885c1a6a7
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: saave, one - {34F6CC54-0699-9930-CB2E-174FEAEB2F2A} - C:\Program Files (x86)\saave, one\MW42pns2.x64.dll ()
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: MySearch - {5274DA06-440D-4335-5C74-BF4F118E1A75} - C:\Program Files (x86)\MySearch\W.x64.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adblocker - {97D90C52-167F-B0B7-E365-FCF2B0CF9F35} - C:\Program Files (x86)\Adblocker\FHLhBbH.x64.dll ()
BHO: sAAvue on - {9BFF5886-A048-5223-AF1E-37998D1E83BD} - C:\Program Files (x86)\sAAvue on\wrl3SYa.x64.dll ()
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: saave, one - {34F6CC54-0699-9930-CB2E-174FEAEB2F2A} - C:\Program Files (x86)\saave, one\MW42pns2.dll ()
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: MySearch - {5274DA06-440D-4335-5C74-BF4F118E1A75} - C:\Program Files (x86)\MySearch\W.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adblocker - {97D90C52-167F-B0B7-E365-FCF2B0CF9F35} - C:\Program Files (x86)\Adblocker\FHLhBbH.dll ()
BHO-x32: sAAvue on - {9BFF5886-A048-5223-AF1E-37998D1E83BD} - C:\Program Files (x86)\sAAvue on\wrl3SYa.dll ()
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {E19990DF-6FB7-4B55-A59B-6A5188750476} - No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - FindWide Toolbar - {E19990DF-6FB7-4B55-A59B-6A5188750476} - C:\Program Files (x86)\TNT2\Profiles\10841\passport.dll (Findwide)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {E36DF325-3F4B-476F-8F89-123BC5D51A30} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F100FA8-6DB0-4F2D-8A23-D6510E7C4508}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563
FF Homepage: https://www.google.at/
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 8118
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Belinda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblocker - C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\ocu9wbj7-nqut@iioeaohtjmjkpwu.org [2014-06-14]
FF Extension: DownloadHelper - C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Adblock Plus - C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-08]
Chrome:
=======
CHR HomePage: hxxp://google.com/
CHR Extension: (Google Drive) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-10]
CHR Extension: (YouTube) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-10]
CHR Extension: (Google-Suche) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-10]
CHR Extension: (sAAvue on) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek [2014-06-14]
CHR Extension: (Downloads) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2014-06-14]
CHR Extension: (Google Wallet) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-10]
CHR Extension: (Google Mail) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-10]
CHR Extension: (saVe on) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp [2014-06-14]
CHR Extension: (Adblocker) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni [2014-06-14]
CHR Extension: (sAAvue on) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14 [2014-06-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4204272 2012-08-28] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [60416 2009-06-22] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-01] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SystemUpdatekb70007; C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe [18944 2014-05-08] () [File not signed]
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6292992 2012-04-27] (Dell Inc.) [File not signed]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
S4 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S4 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
==================== Drivers (Whitelisted) ====================
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [138280 2012-04-27] (Broadcom Corporation.)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [File not signed]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-06 14:04 - 2014-07-06 14:04 - 00000000 ____D () C:\FRST
2014-06-25 13:15 - 2014-06-25 13:15 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-06-25 10:58 - 2014-06-25 10:58 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-06-23 07:41 - 2014-06-23 07:41 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-20 21:59 - 2014-06-20 22:03 - 00000000 ____D () C:\Windows\pss
2014-06-19 14:58 - 2014-07-06 11:48 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Adobe
2014-06-19 14:34 - 2014-06-19 14:34 - 00003664 ____N () C:\bootsqm.dat
2014-06-15 10:31 - 2014-06-15 10:34 - 00000000 ____D () C:\Users\Belinda\.gimp-2.8
2014-06-15 10:26 - 2014-06-15 10:26 - 00000856 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-06-15 10:25 - 2014-06-20 15:04 - 00000000 ____D () C:\Program Files\GIMP 2
2014-06-15 09:50 - 2014-06-20 15:00 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-06-15 09:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-15 09:46 - 2014-06-20 15:00 - 00000000 ____D () C:\AdwCleaner
2014-06-15 00:19 - 2014-06-15 00:19 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-15 00:19 - 2014-06-15 00:19 - 00000000 _____ () C:\autoexec.bat
2014-06-15 00:18 - 2014-06-20 15:06 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-15 00:00 - 2014-06-20 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manga Studio
2014-06-14 17:10 - 2014-06-14 17:10 - 00000000 __SHD () C:\Users\Belinda\AppData\Local\EmieUserList
2014-06-14 17:10 - 2014-06-14 17:10 - 00000000 __SHD () C:\Users\Belinda\AppData\Local\EmieSiteList
2014-06-14 17:03 - 2014-06-20 15:04 - 00000000 ____D () C:\ProgramData\MySearch
2014-06-14 17:03 - 2014-06-20 15:04 - 00000000 ____D () C:\Program Files (x86)\MySearch
2014-06-14 17:01 - 2014-06-20 15:02 - 00000000 ____D () C:\ProgramData\MountainApp
2014-06-14 17:00 - 2014-06-20 15:04 - 00000000 ____D () C:\ProgramData\sAAvue on
2014-06-14 17:00 - 2014-06-20 15:04 - 00000000 ____D () C:\ProgramData\Adblocker
2014-06-14 17:00 - 2014-06-20 15:04 - 00000000 ____D () C:\Program Files (x86)\sAAvue on
2014-06-14 17:00 - 2014-06-20 15:04 - 00000000 ____D () C:\Program Files (x86)\Adblocker
2014-06-14 17:00 - 2014-06-14 17:00 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-14 16:59 - 2014-06-20 15:04 - 00000000 ____D () C:\ProgramData\saave, one
2014-06-14 16:59 - 2014-06-20 15:04 - 00000000 ____D () C:\Program Files (x86)\saave, one
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\Decayde\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:02 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-14 16:59 - 2014-06-20 15:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:02 - 00000000 ____D () C:\Users\Administrator
2014-06-14 16:59 - 2014-06-14 17:03 - 00000000 ____D () C:\ProgramData\bbe119dfcbd6ab61
2014-06-14 16:59 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Packages
2014-06-14 16:08 - 2014-06-14 16:08 - 00003022 _____ () C:\Windows\System32\Tasks\{C6238737-8183-47DD-9983-07AC2471B430}
2014-06-14 16:06 - 2014-06-14 16:06 - 00003022 _____ () C:\Windows\System32\Tasks\{CAEBA7BF-B00F-49A8-8F94-7D6C89BF0491}
2014-06-14 16:06 - 2014-06-14 16:06 - 00003022 _____ () C:\Windows\System32\Tasks\{AF52A664-B800-4985-B684-3DB3775A4D4F}
2014-06-13 13:19 - 2014-06-13 13:19 - 00000000 ____D () C:\Users\Belinda\K
2014-06-12 20:56 - 2014-07-06 11:40 - 00000436 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-12 20:14 - 2014-06-12 20:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\PCDr
2014-06-12 20:14 - 2014-06-12 20:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\Dell
2014-06-12 20:13 - 2014-06-15 00:12 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-06-12 20:13 - 2014-06-12 20:13 - 00000000 ____D () C:\ProgramData\PCDr
2014-06-12 18:38 - 2014-06-12 18:38 - 00000000 ____D () C:\Users\Belinda\AppData\Local\TuneUp Software
2014-06-12 18:32 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\TuneUp Software
2014-06-12 18:32 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Decayde\AppData\Local\TuneUp Software
2014-06-12 18:25 - 2014-06-12 18:26 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\DVDVideoSoft
2014-06-12 17:57 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 17:57 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 17:57 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 17:57 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 17:57 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 17:57 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 17:57 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 17:57 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 17:57 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 17:57 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 17:57 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 17:57 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 17:57 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 17:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 17:57 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 17:57 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 17:57 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 17:57 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 17:57 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 17:57 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 17:57 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 17:57 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 17:57 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 17:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 17:57 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 17:57 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 17:57 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 17:57 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 17:57 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 17:57 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 17:57 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 17:57 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 17:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 17:57 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 17:57 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 17:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 17:57 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 17:57 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 17:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 17:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 17:57 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 17:57 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 17:57 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 17:57 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 17:57 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 17:57 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 17:57 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 17:57 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 17:57 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 17:57 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 17:57 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 17:57 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 17:54 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 17:54 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 17:51 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 17:51 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 17:51 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 17:51 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 17:51 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 17:51 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 17:51 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 17:51 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 17:51 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 17:51 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 17:51 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 17:51 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 17:51 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 17:51 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 14:14 - 2014-06-12 14:31 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\TS3Client
2014-06-12 14:14 - 2014-06-12 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-12 14:14 - 2014-06-12 14:14 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
==================== One Month Modified Files and Folders =======
2014-07-06 14:04 - 2014-07-06 14:04 - 00000000 ____D () C:\FRST
2014-07-06 13:55 - 2012-10-19 10:39 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Deployment
2014-07-06 13:34 - 2013-03-29 11:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 12:44 - 2012-07-15 05:55 - 01850936 _____ () C:\Windows\WindowsUpdate.log
2014-07-06 11:48 - 2014-06-19 14:58 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Adobe
2014-07-06 11:48 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-06 11:48 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-06 11:40 - 2014-06-12 20:56 - 00000436 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-06 11:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-06 11:38 - 2009-07-14 06:51 - 00184495 _____ () C:\Windows\setupact.log
2014-07-04 06:03 - 2010-11-21 08:50 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-07-04 06:03 - 2010-11-21 08:50 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-07-04 06:03 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-30 23:39 - 2014-04-20 18:25 - 00001069 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2014-06-30 23:39 - 2014-04-20 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2014-06-30 08:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-29 21:29 - 2014-01-13 21:04 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-29 12:44 - 2014-05-05 21:13 - 00000000 ___RD () C:\Users\Belinda\Dropbox
2014-06-29 12:43 - 2014-05-05 21:12 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\DropboxMaster
2014-06-29 12:43 - 2014-05-05 21:09 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Dropbox
2014-06-29 12:36 - 2012-09-19 19:30 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Skype
2014-06-29 02:56 - 2014-05-09 21:15 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Battle.net
2014-06-25 13:38 - 2012-09-19 18:06 - 00000000 ____D () C:\Users\Belinda
2014-06-25 13:15 - 2014-06-25 13:15 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-06-25 10:58 - 2014-06-25 10:58 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-06-25 10:58 - 2012-09-19 18:13 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Adobe
2014-06-24 08:20 - 2013-02-08 11:52 - 00000000 ____D () C:\Users\Belinda\.VirtualBox
2014-06-23 11:28 - 2013-01-24 13:32 - 00007671 _____ () C:\Users\Belinda\AppData\Local\Resmon.ResmonCfg
2014-06-23 11:15 - 2012-09-20 08:42 - 00000000 ____D () C:\Users\Belinda\SCHULE
2014-06-23 07:44 - 2012-09-20 15:29 - 00370688 ___SH () C:\Users\Belinda\Thumbs.db
2014-06-23 07:41 - 2014-06-23 07:41 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-20 22:03 - 2014-06-20 21:59 - 00000000 ____D () C:\Windows\pss
2014-06-20 22:00 - 2012-10-18 18:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 21:56 - 2014-05-09 21:27 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-06-20 21:46 - 2014-05-09 23:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-20 15:06 - 2014-06-15 00:18 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-20 15:05 - 2014-05-09 23:33 - 00000000 ____D () C:\Users\Belinda\AppData\Local\NVIDIA
2014-06-20 15:05 - 2014-05-09 21:15 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Battle.net
2014-06-20 15:05 - 2013-09-30 11:44 - 00000000 ____D () C:\Users\Decayde
2014-06-20 15:05 - 2013-04-10 08:06 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-20 15:05 - 2013-01-11 15:25 - 00000000 ____D () C:\Users\Gast
2014-06-20 15:05 - 2012-09-25 10:45 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Azureus
2014-06-20 15:05 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-20 15:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-20 15:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 15:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-06-20 15:04 - 2014-06-15 10:25 - 00000000 ____D () C:\Program Files\GIMP 2
2014-06-20 15:04 - 2014-06-15 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manga Studio
2014-06-20 15:04 - 2014-06-14 17:03 - 00000000 ____D () C:\ProgramData\MySearch
2014-06-20 15:04 - 2014-06-14 17:03 - 00000000 ____D () C:\Program Files (x86)\MySearch
2014-06-20 15:04 - 2014-06-14 17:00 - 00000000 ____D () C:\ProgramData\sAAvue on
2014-06-20 15:04 - 2014-06-14 17:00 - 00000000 ____D () C:\ProgramData\Adblocker
2014-06-20 15:04 - 2014-06-14 17:00 - 00000000 ____D () C:\Program Files (x86)\sAAvue on
2014-06-20 15:04 - 2014-06-14 17:00 - 00000000 ____D () C:\Program Files (x86)\Adblocker
2014-06-20 15:04 - 2014-06-14 16:59 - 00000000 ____D () C:\ProgramData\saave, one
2014-06-20 15:04 - 2014-06-14 16:59 - 00000000 ____D () C:\Program Files (x86)\saave, one
2014-06-20 15:04 - 2014-02-13 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Storybook
2014-06-20 15:04 - 2013-10-14 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-20 15:04 - 2013-10-10 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-20 15:04 - 2013-09-22 17:45 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-20 15:04 - 2013-08-09 01:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2014-06-20 15:04 - 2013-04-23 11:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-20 15:04 - 2013-03-03 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Storybook 4
2014-06-20 15:04 - 2012-11-24 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler Screensaver
2014-06-20 15:04 - 2012-11-11 17:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-20 15:04 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-06-20 15:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Decayde\AppData\Local\Comodo
2014-06-20 15:03 - 2013-12-25 16:24 - 00000000 ____D () C:\Users\Decayde\AppData\Local\Google
2014-06-20 15:03 - 2013-02-15 08:55 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-06-20 15:03 - 2013-02-04 13:05 - 00000000 ____D () C:\Users\Belinda\dwhelper
2014-06-20 15:03 - 2012-10-19 10:40 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Google
2014-06-20 15:02 - 2014-06-14 17:01 - 00000000 ____D () C:\ProgramData\MountainApp
2014-06-20 15:02 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Comodo
2014-06-20 15:02 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-20 15:02 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-20 15:02 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Administrator
2014-06-20 15:02 - 2013-05-08 21:59 - 00000000 ____D () C:\Program Files\Smith Micro
2014-06-20 15:02 - 2013-02-09 11:24 - 00000000 ____D () C:\ProgramData\InstallMate
2014-06-20 15:02 - 2012-09-24 21:26 - 00000000 ____D () C:\ProgramData\Battle.net
2014-06-20 15:00 - 2014-06-15 09:50 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-06-20 15:00 - 2014-06-15 09:46 - 00000000 ____D () C:\AdwCleaner
2014-06-20 15:00 - 2013-04-10 08:01 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-20 15:00 - 2012-10-19 10:40 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-20 15:00 - 2012-07-15 13:46 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-06-20 15:00 - 2012-07-15 13:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-19 14:55 - 2013-04-10 08:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-19 14:34 - 2014-06-19 14:34 - 00003664 ____N () C:\bootsqm.dat
2014-06-19 11:43 - 2013-07-27 17:47 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-06-15 10:34 - 2014-06-15 10:31 - 00000000 ____D () C:\Users\Belinda\.gimp-2.8
2014-06-15 10:26 - 2014-06-15 10:26 - 00000856 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-06-15 09:49 - 2010-11-21 05:47 - 00333236 _____ () C:\Windows\PFRO.log
2014-06-15 09:47 - 2012-09-19 18:09 - 00000961 _____ () C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-15 00:19 - 2014-06-15 00:19 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-15 00:19 - 2014-06-15 00:19 - 00000000 _____ () C:\autoexec.bat
2014-06-15 00:12 - 2014-06-12 20:13 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-06-15 00:12 - 2014-03-29 15:40 - 00002982 _____ () C:\Windows\System32\Tasks\{9CE87621-B0FF-4B20-BBC1-176D52210A67}
2014-06-15 00:12 - 2014-03-19 21:46 - 00002982 _____ () C:\Windows\System32\Tasks\{61C9DBC5-09D7-47A1-AF31-0DD4CB996EC2}
2014-06-14 23:51 - 2013-11-26 13:27 - 00003510 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Belinda-PC-Belinda
2014-06-14 23:51 - 2013-09-22 18:07 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-06-14 23:14 - 2013-12-30 17:52 - 00003094 _____ () C:\Windows\System32\Tasks\{08169894-71C7-41FE-8C59-3C26BB7B473D}
2014-06-14 23:14 - 2013-09-30 11:44 - 00003098 _____ () C:\Windows\System32\Tasks\{43426D0C-2840-40B1-885F-B5DAE5D333FF}
2014-06-14 23:14 - 2013-09-24 17:24 - 00003098 _____ () C:\Windows\System32\Tasks\{64698EA9-AC20-48D3-89FC-74686F1D8121}
2014-06-14 17:10 - 2014-06-14 17:10 - 00000000 __SHD () C:\Users\Belinda\AppData\Local\EmieUserList
2014-06-14 17:10 - 2014-06-14 17:10 - 00000000 __SHD () C:\Users\Belinda\AppData\Local\EmieSiteList
2014-06-14 17:03 - 2014-06-14 16:59 - 00000000 ____D () C:\ProgramData\bbe119dfcbd6ab61
2014-06-14 17:00 - 2014-06-14 17:00 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-14 16:59 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Packages
2014-06-14 16:08 - 2014-06-14 16:08 - 00003022 _____ () C:\Windows\System32\Tasks\{C6238737-8183-47DD-9983-07AC2471B430}
2014-06-14 16:06 - 2014-06-14 16:06 - 00003022 _____ () C:\Windows\System32\Tasks\{CAEBA7BF-B00F-49A8-8F94-7D6C89BF0491}
2014-06-14 16:06 - 2014-06-14 16:06 - 00003022 _____ () C:\Windows\System32\Tasks\{AF52A664-B800-4985-B684-3DB3775A4D4F}
2014-06-13 18:14 - 2013-03-29 11:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-13 18:13 - 2012-07-15 13:05 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-13 18:13 - 2012-07-15 13:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-13 18:05 - 2012-10-19 10:40 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-13 18:05 - 2012-10-19 10:40 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-13 17:40 - 2012-10-19 10:40 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-13 17:40 - 2012-10-19 10:40 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-13 14:01 - 2013-09-22 18:07 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-06-13 13:59 - 2013-04-10 08:01 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Microsoft Help
2014-06-13 13:19 - 2014-06-13 13:19 - 00000000 ____D () C:\Users\Belinda\K
2014-06-13 12:41 - 2014-01-02 01:59 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\vlc
2014-06-12 20:58 - 2012-10-18 17:10 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-12 20:14 - 2014-06-12 20:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\PCDr
2014-06-12 20:14 - 2014-06-12 20:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\Dell
2014-06-12 20:13 - 2014-06-12 20:13 - 00000000 ____D () C:\ProgramData\PCDr
2014-06-12 20:12 - 2014-01-13 20:37 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\Skype
2014-06-12 19:35 - 2013-07-17 10:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 19:33 - 2012-09-26 10:18 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 19:28 - 2014-05-07 08:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 19:05 - 2012-09-29 15:01 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-12 18:38 - 2014-06-12 18:38 - 00000000 ____D () C:\Users\Belinda\AppData\Local\TuneUp Software
2014-06-12 18:32 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\TuneUp Software
2014-06-12 18:32 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Decayde\AppData\Local\TuneUp Software
2014-06-12 18:26 - 2014-06-12 18:25 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\DVDVideoSoft
2014-06-12 18:26 - 2013-02-01 12:38 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-06-12 18:26 - 2012-09-29 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-12 18:26 - 2012-09-29 14:59 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\DVDVideoSoft
2014-06-12 14:31 - 2014-06-12 14:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\TS3Client
2014-06-12 14:14 - 2014-06-12 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-12 14:14 - 2014-06-12 14:14 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-08 11:13 - 2014-06-12 17:54 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 17:54 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
Files to move or delete:
====================
C:\Users\Belinda\GameDevTycoon-139.exe
Some content of TEMP:
====================
C:\Users\Belinda\AppData\Local\Temp\amt_webssearches.exe
C:\Users\Belinda\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1v1oyp.dll
C:\Users\Belinda\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Belinda\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Belinda\AppData\Local\Temp\i4jdel0.exe
C:\Users\Belinda\AppData\Local\Temp\Quarantine.exe
C:\Users\Belinda\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Belinda\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Belinda\AppData\Local\Temp\SHSetup.exe
C:\Users\Belinda\AppData\Local\Temp\sSetup-se.exe
C:\Users\Decayde\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Decayde\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Decayde\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Decayde\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Decayde\AppData\Local\Temp\nsbF8AA.exe
C:\Users\Decayde\AppData\Local\Temp\nsh4B14.exe
C:\Users\Decayde\AppData\Local\Temp\nsm47D8.exe
C:\Users\Decayde\AppData\Local\Temp\nsq9D22.exe
C:\Users\Decayde\AppData\Local\Temp\nsr4E5F.exe
C:\Users\Decayde\AppData\Local\Temp\nsrFC15.exe
C:\Users\Decayde\AppData\Local\Temp\nswF530.exe
C:\Users\Decayde\AppData\Local\Temp\riftuninstall.exe
C:\Users\Decayde\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Decayde\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Decayde\AppData\Local\Temp\setup__4216.exe
C:\Users\Decayde\AppData\Local\Temp\TUUUninstallHelper.exe
C:\Users\Decayde\AppData\Local\Temp\_is5965.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-10 12:51
==================== End Of Log ============================
[/CODE] Addition.txt Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by Belinda at 2014-07-06 14:07:08
Running from C:\Users\Belinda\dwhelper\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 3.9 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock 2 (HKLM-x32\...\{4A8B461A-9336-4CF9-98F4-14DD38E673F0}) (Version: 1.00.0000 - 2K Games)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Crawler 3D Fireplace (HKLM-x32\...\{CDAFD956-97BE-443D-8EF7-F4F094EB5766}_SAV_3DFIREPLACE) (Version: - Crawler, LLC)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD09282B-E878-4C2C-914D-E67475E4729C}) (Version: - Microsoft)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3E90B7F4-1817-4405-B4A5-E4EA5EC0E2B3}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.217 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.52 - Dell Inc.)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.0.0.128 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.39.604 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.39.604 - DVDVideoSoft Ltd.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417015FF}) (Version: 7.0.150 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 15 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170150}) (Version: 1.7.0.150 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LINE (HKLM-x32\...\LINE) (Version: 3.7.0.34 - LINE Corporation)
Manga Studio (HKLM-x32\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.0 - Smith Micro)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Minecraft1.5.1 (HKLM-x32\...\Minecraft1.5.1) (Version: - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Network Notepad 4.6.9 (HKLM-x32\...\Netnotep_is1) (Version: - Jason Green)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
Novell Vibe Desktop 64-bit 1.0 (HKLM\...\{CA0D6979-21D2-40C1-AC0B-A34F944EC45C}) (Version: 1.0.0.17399 - Novell, Inc.)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 4.1.22 (HKLM\...\{883F56F3-B9E7-4B07-8F6D-2BEF6291DF16}) (Version: 4.1.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version: - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
sAAvue on (HKLM-x32\...\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}) (Version: 2.2.0.1169 - save on) <==== ATTENTION
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sony PC Companion 2.10.188 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.188 - Sony)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update kb70007 (x32 Version: 1.0.0 - MSR) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9F71CF8-8310-4EFC-869F-47BC0FEE269D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{98821750-2C79-4A07-9AE9-D2536FD9491D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F6CE638B-5A06-4EDD-A1FA-BFA827D14071}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{927B47DF-91B2-4EBF-9B66-43B2C95E41BF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{E3852353-AB54-4642-B25F-6E9EB106388B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{97183E08-6B06-40F1-80A9-585C4AEF98F1}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.0.0.0 - Azureus Software, Inc.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2500 - Broadcom Corporation)
WildTangent Games App (Dell Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-2 - BitNami)
==================== Restore Points =========================
20-06-2014 12:40:51 Installed Manga Studio
20-06-2014 12:45:07 Wiederherstellungsvorgang
20-06-2014 18:54:43 Windows Update
25-06-2014 05:44:11 Windows Update
25-06-2014 11:37:34 Removed Adobe Download Assistant
28-06-2014 19:40:26 Windows Update
01-07-2014 20:46:26 Windows Update
04-07-2014 04:07:30 Microsoft Antimalware Checkpoint
06-07-2014 09:48:57 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {162F0C4C-B0D3-4683-940A-72869FFA066B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-13] (Adobe Systems Incorporated)
Task: {169F6838-AC82-4DD4-881A-F224CDF3DE93} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {18D90D48-9820-4C82-ADD6-505043C428BF} - System32\Tasks\{64698EA9-AC20-48D3-89FC-74686F1D8121} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {1C2CFDC4-674F-4C33-9286-A1417D5D9CF7} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {27FC83DA-DE75-4F5F-BF54-D584B3D81FF7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {42D4ADAF-8DC7-41A4-B1B7-A3D8F0B8EC48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {45B45BA6-32FF-4A86-8A32-583775C8B3EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5DA4CBEF-078B-4640-9FC2-F124C3E05C8C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {60981396-8E41-4D14-BD86-F60B72C1034B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6925EB37-0F28-472D-95E7-D9586471DFEA} - System32\Tasks\{08169894-71C7-41FE-8C59-3C26BB7B473D} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.60.102/de/abandoninstall?page=tsBing
Task: {6A6511E9-8A7C-4FEF-9F52-439B7C86CCF6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {777F5872-2E8F-419B-98FD-B122A7B889D1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {7BE5822E-744A-4F79-B162-0B156BDDE393} - System32\Tasks\{D059BDD4-852F-49E5-91A8-11FE41D9189E} => Firefox.exe
Task: {82425580-1F63-4D86-BCAB-D6CD49E8A58C} - \SW-Booster-S-1609871843 No Task File <==== ATTENTION
Task: {8B5B67EF-4D31-40D2-8FD7-6BDBA2750880} - System32\Tasks\{61C9DBC5-09D7-47A1-AF31-0DD4CB996EC2} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-03-06] (Broadcom Corporation.)
Task: {954AFBB9-CACF-417C-9A1C-A094327BF52E} - System32\Tasks\{AF52A664-B800-4985-B684-3DB3775A4D4F} => C:\Program Files\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe [2012-11-08] (Smith Micro)
Task: {9FD839E7-6F57-4F3E-B803-BC397D8CF618} - System32\Tasks\{87B59C41-63AE-4EB4-9B61-36B6C5989F76} => Firefox.exe
Task: {A7540DC6-D1E7-4B76-9FCF-99C0232A89BC} - \Funmoods No Task File <==== ATTENTION
Task: {AAD36762-E58A-433F-8C75-7C36A6F49104} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {AB56B8DB-402C-4365-9CD9-8F452D4A4683} - System32\Tasks\{DD5A5FC7-B760-4DFC-BFFA-7AB5DF49E681} => Firefox.exe
Task: {B1E5B3C4-0901-424B-8521-721BD105AE1D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {B4DD9B4B-FA90-42C8-859C-366F39AC7527} - System32\Tasks\{43426D0C-2840-40B1-885F-B5DAE5D333FF} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {BDF168E9-2C46-4A99-B159-0DBE815CD449} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-12-14] (PC-Doctor, Inc.)
Task: {DA4F2E1D-8512-414E-95F4-C5F987EC5BCB} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {DF96CB30-1F76-4F55-85CF-5FECFFE0D917} - System32\Tasks\{C6238737-8183-47DD-9983-07AC2471B430} => C:\Program Files\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe [2012-11-08] (Smith Micro)
Task: {E2C8E010-D284-48DE-A85A-B70D31CAB5DB} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1432196140-1771900234-4215042517-1004
Task: {E754DCF1-CBE1-43EB-AAD4-1B7A0A947C12} - System32\Tasks\{9CE87621-B0FF-4B20-BBC1-176D52210A67} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-03-06] (Broadcom Corporation.)
Task: {EBE528AE-F1C7-497D-8F34-4C05B015E9E2} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {EC5C1C3F-73E1-4AC7-B41C-A7DB05934789} - System32\Tasks\{CAEBA7BF-B00F-49A8-8F94-7D6C89BF0491} => C:\Program Files\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe [2012-11-08] (Smith Micro)
Task: {F859CECB-B4B3-4301-BFE0-B28FDCE8352F} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {F9FC3C86-2CD6-4EC7-BD71-615029A45AED} - System32\Tasks\AdobeAAMUpdater-1.0-Belinda-PC-Belinda => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {FC1B8405-F529-4F78-A896-F8C1C585BEE1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-12-18 15:42 - 2014-05-20 04:44 - 00014280 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-07-15 05:56 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-13 21:06 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-02-01 18:50 - 2014-02-01 18:50 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-14 17:08 - 2014-05-08 11:45 - 00018944 _____ () C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
2014-05-14 08:15 - 2014-05-14 08:15 - 08890536 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-07-15 14:31 - 2012-03-27 03:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-23 07:41 - 2014-06-23 07:40 - 00014848 _____ () C:\Users\Belinda\AppData\Local\Apps\2.0\7Q0KH250.EYE\Q5NX3KBK.7VZ\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.WowDb.dll
2014-06-23 07:41 - 2014-06-23 07:40 - 00035840 _____ () C:\Users\Belinda\AppData\Local\Apps\2.0\7Q0KH250.EYE\Q5NX3KBK.7VZ\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.Advertising.dll
2014-06-23 07:41 - 2014-06-23 07:40 - 00099840 _____ () C:\Users\Belinda\AppData\Local\Apps\2.0\7Q0KH250.EYE\Q5NX3KBK.7VZ\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\Curse.CurseClient.CMOD2.dll
2011-06-24 15:45 - 2013-05-08 14:40 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2013-05-08 14:03 - 2012-12-11 13:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-06-14 17:08 - 2014-05-08 11:45 - 00061952 _____ () C:\Windows\Microsoft\SystemUpdatekb70007\InstallerLibrary.dll
2014-06-14 17:08 - 2014-05-08 11:45 - 00016896 _____ () C:\Windows\Microsoft\SystemUpdatekb70007\Installer.dll
2013-12-18 15:42 - 2014-05-20 04:44 - 00012120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-06-15 09:50 - 2014-07-06 11:38 - 00086528 _____ () C:\Program Files (x86)\MSR\Privoxy\mgwz.dll
2014-02-14 11:57 - 2014-02-14 11:57 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\00a0b4a9df6e4abf30ae2af3624a77ce\IsdiInterop.ni.dll
2012-07-15 13:20 - 2012-02-01 23:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-07-15 13:22 - 2012-01-20 18:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-14 08:15 - 2014-05-14 08:15 - 08890536 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-09 23:15 - 2014-06-20 21:45 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/06/2014 11:48:20 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/06/2014 11:39:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/05/2014 07:27:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/04/2014 10:59:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/04/2014 06:08:54 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/04/2014 06:07:30 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {d9e134ce-e395-482c-94d1-016da0e19854}
Error: (07/03/2014 11:06:58 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/03/2014 10:57:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2014 10:44:47 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/01/2014 10:36:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/06/2014 02:00:22 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (07/06/2014 01:48:15 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (07/06/2014 01:10:32 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (07/06/2014 00:58:25 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (07/06/2014 00:20:43 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (07/06/2014 00:08:36 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (07/06/2014 11:42:35 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (07/06/2014 11:40:28 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.1.100192.168.137.0255.255.255.0
Error: (07/06/2014 11:40:28 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (07/06/2014 11:40:28 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Microsoft Office Sessions:
=========================
Error: (07/06/2014 11:48:20 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/06/2014 11:39:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/05/2014 07:27:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/04/2014 10:59:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/04/2014 06:08:54 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/04/2014 06:07:30 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {d9e134ce-e395-482c-94d1-016da0e19854}
Error: (07/03/2014 11:06:58 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/03/2014 10:57:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2014 10:44:47 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154
Error: (07/01/2014 10:36:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2013-10-19 15:54:06.335
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 15:54:06.284
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 15:54:06.231
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 15:54:06.175
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 14:37:26.698
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1288\f36758352_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 14:37:26.648
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1288\f36758352_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 14:37:26.598
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1288\f36758352_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 14:37:26.548
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1288\f36758352_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 13:06:06.527
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1240\f358984552.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 12:56:59.201
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1200\f349989968.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 34%
Total physical RAM: 8063.41 MB
Available physical RAM: 5287.16 MB
Total Pagefile: 16125 MB
Available Pagefile: 13140.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:309.72 GB) (Free:68.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Server2012) (Fixed) (Total:156 GB) (Free:128.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7AF659C3)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=310 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=156 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
06.07.2014, 15:04
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | XML-Verarbeitungsfehler: nicht wohlgeformt Was ist mit meiner Frage nach bisherigen Logs mit Funden?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
07.07.2014, 17:16
| #5 |
| |  XML-Verarbeitungsfehler: nicht wohlgeformt Ohweh, entschuldige, habe ich wohl irgendwie gelöscht Ich habe keine weiteren Virenscanner auf meinem Laptop da mir eine Freundin die sich etwas mit PCs auskennt sagte, da ich keine verschiedernen Virenscanner brauche, habe also keine andern Programme nach Viren suchen lassen, und der Trojaner war auch der einzige Virus der von Microsoft Security Essentials gefunden wurde, das programm macht allerdeings anscheinend keine Logdateien, zumindest weiß ich leider nicht wo ich diese finden könnte... |
|
07.07.2014, 20:59
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | XML-Verarbeitungsfehler: nicht wohlgeformt Bitte mal ein Log mit CF machen: Scan mit Combofix
__________________ --> XML-Verarbeitungsfehler: nicht wohlgeformt |
|
08.07.2014, 13:01
| #7 |
| | XML-Verarbeitungsfehler: nicht wohlgeformt Nachdem ich den Prozess "Microsoft Secruity Essentials" geschlossen und Combofix geöffnet habe, hat es, wie sie gesagt haben, noch eine Meldung gegeben. Combofix Logfile: Code:
ATTFilter ComboFix 14-07-08.01 - Belinda 08.07.2014 13:04:16.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.8063.5261 [GMT 2:00]
ausgeführt von:: c:\users\Belinda\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Java\jre7\bin\jp2ssv.dll
c:\program files (x86)\MySearch
c:\program files (x86)\MySearch\W.dat
c:\program files (x86)\MySearch\W.dll
c:\program files (x86)\MySearch\W.tlb
c:\program files (x86)\MySearch\W.x64.dll
c:\windows\MICROSOFT
c:\windows\MICROSOFT\SystemUpdatekb70007\Installer.dll
c:\windows\MICROSOFT\SystemUpdatekb70007\InstallerLibrary.dll
c:\windows\MICROSOFT\SystemUpdatekb70007\Newtonsoft.Json.dll
c:\windows\MICROSOFT\SystemUpdatekb70007\SQLite.Interop.dll
c:\windows\MICROSOFT\SystemUpdatekb70007\System.Data.SQLite.dll
c:\windows\MICROSOFT\SystemUpdatekb70007\win32.reg
c:\windows\MICROSOFT\SystemUpdatekb70007\WindowsUpdater.exe
c:\windows\RPSETUP.EXE.LOG
c:\windows\SysWow64\DEBUG.log
.
Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SystemUpdatekb70007
-------\Service_SystemUpdatekb70007
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-06-08 bis 2014-07-08 ))))))))))))))))))))))))))))))
.
.
2014-07-08 11:17 . 2014-07-08 11:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-08 11:17 . 2014-07-08 11:17 -------- d-----w- c:\users\Gast\AppData\Local\temp
2014-07-08 11:17 . 2014-07-08 11:17 -------- d-----w- c:\users\Decayde\AppData\Local\temp
2014-07-08 10:56 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B9F145F3-9FAB-495C-9677-18ABD5529032}\mpengine.dll
2014-07-06 12:04 . 2014-07-06 12:08 -------- d-----w- C:\FRST
2014-07-06 10:43 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-07-06 09:50 . 2014-05-02 07:44 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AC84AC53-C5D3-4C66-AC84-8B83F9CA04D7}\gapaengine.dll
2014-06-25 11:15 . 2014-06-25 11:15 -------- d-----w- c:\users\Belinda\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-06-25 08:58 . 2014-06-25 08:58 -------- d-----w- c:\users\Belinda\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-06-19 12:58 . 2014-07-08 10:55 -------- d-----w- c:\users\Belinda\AppData\Local\Adobe
2014-06-15 08:31 . 2014-06-15 08:34 -------- d-----w- c:\users\Belinda\.gimp-2.8
2014-06-15 08:25 . 2014-06-20 13:04 -------- d-----w- c:\program files\GIMP 2
2014-06-15 07:50 . 2014-06-20 13:00 -------- d-----w- c:\program files (x86)\MSR
2014-06-15 07:47 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-15 07:46 . 2014-06-20 13:00 -------- d-----w- C:\AdwCleaner
2014-06-14 22:19 . 2014-06-14 22:19 -------- d-----w- c:\program files\Enigma Software Group
2014-06-14 22:18 . 2014-06-20 13:06 -------- d-----w- c:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-14 21:06 . 2014-06-20 13:03 -------- d-----w- c:\users\Belinda\Vuze Downloads
2014-06-14 15:10 . 2014-06-14 15:10 -------- d-sh--w- c:\users\Belinda\AppData\Local\EmieUserList
2014-06-14 15:10 . 2014-06-14 15:10 -------- d-sh--w- c:\users\Belinda\AppData\Local\EmieSiteList
2014-06-14 15:03 . 2014-06-20 13:04 -------- d-----w- c:\programdata\MySearch
2014-06-14 15:01 . 2014-06-20 13:02 -------- d-----w- c:\programdata\MountainApp
2014-06-14 15:00 . 2014-06-20 13:04 -------- d-----w- c:\programdata\sAAvue on
2014-06-14 15:00 . 2014-06-20 13:04 -------- d-----w- c:\program files (x86)\sAAvue on
2014-06-14 15:00 . 2014-06-20 13:04 -------- d-----w- c:\programdata\Adblocker
2014-06-14 15:00 . 2014-06-20 13:04 -------- d-----w- c:\program files (x86)\Adblocker
2014-06-14 14:59 . 2014-06-20 13:04 -------- d-----w- c:\programdata\saave, one
2014-06-14 14:59 . 2014-06-20 13:04 -------- d-----w- c:\program files (x86)\saave, one
2014-06-14 14:59 . 2014-06-14 14:59 -------- d-----w- c:\users\Belinda\AppData\Local\Packages
2014-06-14 14:59 . 2014-06-14 15:03 -------- d-----w- c:\programdata\bbe119dfcbd6ab61
2014-06-14 14:59 . 2014-06-20 13:03 -------- d-----w- c:\users\HomeGroupUser$
2014-06-14 14:59 . 2014-06-20 13:03 -------- d-----w- c:\users\Gast\AppData\Local\Comodo
2014-06-14 14:59 . 2014-06-20 13:03 -------- d-----w- c:\users\Decayde\AppData\Local\Comodo
2014-06-14 14:59 . 2014-06-20 13:02 -------- d-----w- c:\users\Belinda\AppData\Local\Comodo
2014-06-14 14:59 . 2014-06-20 13:02 -------- d-----w- c:\users\Administrator
2014-06-13 11:19 . 2014-06-13 11:19 -------- d-----w- c:\users\Belinda\K
2014-06-12 18:14 . 2014-06-12 18:14 -------- d-----w- c:\users\Decayde\AppData\Roaming\PCDr
2014-06-12 18:14 . 2014-06-12 18:14 -------- d-----w- c:\users\Decayde\AppData\Roaming\Dell
2014-06-12 18:13 . 2014-06-12 18:13 -------- d-----w- c:\programdata\PCDr
2014-06-12 18:07 . 2014-06-12 18:27 -------- d-----w- c:\users\Decayde\AppData\Local\Diagnostics
2014-06-12 16:38 . 2014-06-12 16:38 -------- d-----w- c:\users\Belinda\AppData\Local\TuneUp Software
2014-06-12 16:32 . 2014-06-12 16:32 -------- d-----w- c:\users\Decayde\AppData\Roaming\TuneUp Software
2014-06-12 16:32 . 2014-06-12 16:32 -------- d-----w- c:\users\Decayde\AppData\Local\TuneUp Software
2014-06-12 16:25 . 2014-06-12 16:26 -------- d-----w- c:\users\Decayde\AppData\Roaming\DVDVideoSoft
2014-06-12 15:54 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-12 15:54 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-12 12:14 . 2014-06-12 12:31 -------- d-----w- c:\users\Decayde\AppData\Roaming\TS3Client
2014-06-12 12:14 . 2014-06-12 12:14 -------- d-----w- c:\program files\TeamSpeak 3 Client
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-13 16:13 . 2012-07-15 11:05 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-13 16:13 . 2012-07-15 11:05 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-12 17:33 . 2012-09-26 08:18 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-05-20 02:44 . 2014-05-26 18:21 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-05-20 02:44 . 2014-05-26 18:21 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-05-20 02:44 . 2014-05-26 18:21 895776 ----a-w- c:\windows\system32\NvIFR64.dll
2014-05-20 02:44 . 2014-05-26 18:21 892704 ----a-w- c:\windows\system32\NvFBC64.dll
2014-05-20 02:44 . 2014-05-26 18:21 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-05-20 02:44 . 2014-05-26 18:21 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-05-20 02:44 . 2014-05-26 18:21 354016 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-05-20 02:44 . 2014-05-26 18:21 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2014-05-20 02:44 . 2014-05-26 18:21 3141976 ----a-w- c:\windows\system32\nvcuvid.dll
2014-05-20 02:44 . 2014-05-26 18:21 31387936 ----a-w- c:\windows\system32\nvoglv64.dll
2014-05-20 02:44 . 2014-05-26 18:21 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-05-20 02:44 . 2014-05-26 18:21 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-05-20 02:44 . 2014-05-26 18:21 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-05-20 02:44 . 2014-05-26 18:21 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2014-05-20 02:44 . 2014-05-26 18:21 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-05-20 02:44 . 2014-05-26 18:21 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-05-20 02:44 . 2014-05-26 18:21 1889112 ----a-w- c:\windows\system32\nvdispco6433788.dll
2014-05-20 02:44 . 2014-05-26 18:21 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2014-05-26 18:21 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-05-20 02:44 . 2014-05-26 18:21 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-05-20 02:44 . 2014-05-26 18:21 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-05-20 02:44 . 2014-05-26 18:21 1541576 ----a-w- c:\windows\system32\nvdispgenco6433788.dll
2014-05-20 02:44 . 2014-05-26 18:21 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-05-20 02:44 . 2014-05-26 18:21 11644928 ----a-w- c:\windows\system32\nvcuda.dll
2014-05-20 02:44 . 2014-05-26 18:21 11599072 ----a-w- c:\windows\system32\nvopencl.dll
2014-05-20 02:44 . 2014-05-09 21:30 837056 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-05-20 02:44 . 2014-05-09 21:30 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2014-05-09 21:30 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2012-10-08 10:42 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2012-10-08 10:42 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-05-20 02:44 . 2012-10-08 10:42 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2012-07-15 12:31 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-05-20 01:25 . 2012-07-15 03:56 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2012-07-15 03:56 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2012-07-15 03:56 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2012-07-15 03:56 76064 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-05-20 01:25 . 2012-07-15 03:56 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2012-07-15 03:56 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2012-07-15 03:56 2560968 ----a-w- c:\windows\system32\nvsvcr.dll
2014-05-20 01:25 . 2012-07-15 03:56 1078616 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-05-14 23:49 . 2012-07-15 03:56 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
2014-05-02 07:44 . 2012-09-29 13:03 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-30 18:29 . 2014-05-09 21:33 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2014-05-09 21:33 1225920 ----a-w- c:\windows\system32\nvspcap64.dll
2014-04-14 18:13 . 2014-05-26 18:25 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22 . 2014-05-15 08:45 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:22 . 2014-05-15 08:45 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:19 . 2014-05-15 08:45 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-15 08:45 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-15 08:45 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-15 08:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-15 08:45 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-15 08:45 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-15 08:45 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-04-11 10:44 . 2013-04-11 10:44 5940700 ----a-w- c:\program files (x86)\npp.6.3.2.Installer.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{34F6CC54-0699-9930-CB2E-174FEAEB2F2A}]
2014-06-14 14:59 423936 ----a-w- c:\program files (x86)\saave, one\MW42pns2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{97D90C52-167F-B0B7-E365-FCF2B0CF9F35}]
2013-06-14 15:00 423936 ----a-w- c:\program files (x86)\Adblocker\FHLhBbH.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9BFF5886-A048-5223-AF1E-37998D1E83BD}]
2013-06-14 15:00 423936 ----a-w- c:\program files (x86)\sAAvue on\wrl3SYa.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{E19990DF-6FB7-4B55-A59B-6A5188750476}"= "c:\program files (x86)\TNT2\Profiles\10841\passport.dll" [2014-01-01 11520]
.
[HKEY_CLASSES_ROOT\clsid\{e19990df-6fb7-4b55-a59b-6a5188750476}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-05-14 06:18 1730264 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-05-14 06:18 1730264 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-05-14 06:18 1730264 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Belinda\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Belinda\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Belinda\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSystemDetect"="c:\users\Belinda\AppData\Local\Apps\2.0\7Q0KH250.EYE\Q5NX3KBK.7VZ\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe" [2014-03-29 258160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Dell Registration"="c:\program files (x86)\System Registration\prodreg.exe" [2011-08-04 4165440]
"BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2013-05-08 646744]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2014-5-24 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"IJNetworkScannerSelectorEX"=c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
"CanonQuickMenu"=c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe"
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
"IAStorIcon"=c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Sweetpacks Communicator"=c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\drivers\nvstusb.sys;c:\windows\SYSNATIVE\drivers\nvstusb.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys;c:\windows\SYSNATIVE\DRIVERS\bcmvwl64.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 12:24 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-15 16:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34F6CC54-0699-9930-CB2E-174FEAEB2F2A}]
2014-06-14 14:59 472064 ----a-w- c:\program files (x86)\saave, one\MW42pns2.x64.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{97D90C52-167F-B0B7-E365-FCF2B0CF9F35}]
2014-06-14 15:00 472064 ----a-w- c:\program files (x86)\Adblocker\FHLhBbH.x64.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9BFF5886-A048-5223-AF1E-37998D1E83BD}]
2014-06-14 15:00 472064 ----a-w- c:\program files (x86)\sAAvue on\wrl3SYa.x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-05-14 06:15 2335960 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-05-14 06:15 2335960 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-05-14 06:15 2335960 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Belinda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Belinda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Belinda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Belinda\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-02-14 1425408]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-04-05 439064]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-05 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-05 398616]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2012-04-27 7520768]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2012-04-09 626552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyServer = http=127.0.0.1:8118;https=127.0.0.1:8118
IE: An OneNote s&enden - c:\progra~1\MICROS~3\Office15\ONBttnIE.dll/105
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~3\Office15\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: dell.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7F100FA8-6DB0-4F2D-8A23-D6510E7C4508}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.at/
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 8118
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 8118
FF - prefs.js: network.proxy.type - 1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{e36df325-3f4b-476f-8f89-123bc5d51a30} - (no file)
URLSearchHooks-{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - (no file)
BHO-{5274DA06-440D-4335-5C74-BF4F118E1A75} - c:\program files (x86)\MySearch\W.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{5274DA06-440D-4335-5C74-BF4F118E1A75} - c:\program files (x86)\MySearch\W.x64.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-{E19990DF-6FB7-4B55-A59B-6A5188750476} - (no file)
WebBrowser-{E36DF325-3F4B-476F-8F89-123BC5D51A30} - (no file)
AddRemove-8461-7759-5462-8226 - c:\program files (x86)\Vuze\uninstall.exe
AddRemove-PaintToolSAI - c:\users\Belinda\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\b7afbd43e3adc18ff61ff8130bb127a7\PaintToolSAI\uninst.exe
AddRemove-{CDAFD956-97BE-443D-8EF7-F4F094EB5766}_SAV_3DFIREPLACE - c:\progra~2\crawler\ssaver\cssaver.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1432196140-1771900234-4215042517-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:76,a2,45,a0,ca,ec,2b,09,38,93,29,f0,d3,06,50,53,6f,b1,27,5d,35,55,6a,
39,88,43,14,3c,90,34,c7,7c,60,e0,7c,99,a8,ff,c5,d1,e9,0e,2a,ed,b2,4f,f5,76,\
"??"=hex:41,e0,42,8c,cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b
.
[HKEY_USERS\S-1-5-21-1432196140-1771900234-4215042517-1001\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:3e,2c,5d,18,5b,cf,3e,a9,a4,c8,33,9e,2c,fe,6f,0b,b4,af,dc,2d,cb,
38,42,fd,98,a9,3a,96,de,9d,00,2e,dc,bd,a6,6b,b8,1b,5b,1e,fb,ff,ec,89,5f,f3,\
"rkeysecu"=hex:ad,07,b6,e4,56,ff,37,6d,df,38,4e,17,49,ff,2a,2f
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files\Tablet\Pen\WacomHost.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-08 13:26:54 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-07-08 11:26
.
Vor Suchlauf: 18 Verzeichnis(se), 74.287.104.000 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 76.851.294.208 Bytes frei
.
- - End Of File - - 6E917ECDE54597B8819456D1EDABDE92
Noch etwas.. Nach dem Neustart meines Laptops wurden keine Prozesse, die übrlicherweise mit dem Laptop starten, ausgeführt. Ich habe darauf meinen Laptop erneut gestartet und die Prozesse wurden wieder mit dem Neustart ausgeführt. Jedoch wurden die Proxy-Einstllungen meiner Browser Firefox und Google Chrome ebenfalls geändert, dass sie sich manuell konfigurieren, und dies hat sich nach dem Neustart nicht von selbst eingestelt. Ich habe die Einstellungen so geändert, dass die Proxy-Einstellungen automatisch erkannt werden, sons hätte mich der Browser nicht einmal auf google.at gehen lassen. Ich dachte ich erwähne das, im Falle, dass die Poxyeinstellungen nicht automatisch zugewiesen werden sollten und ich das ändern muss oder in irgend einer anderen Art wichtig sein könnten.  |
|
08.07.2014, 14:10
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | XML-Verarbeitungsfehler: nicht wohlgeformt Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.07.2014, 10:12
| #9 |
| | XML-Verarbeitungsfehler: nicht wohlgeformt AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.215 - Bericht erstellt am 09/07/2014 um 10:45:26
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Belinda - BELINDA-PC
# Gestartet von : C:\Users\Belinda\Desktop\adwcleaner_3.215.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Adblocker
Ordner Gelöscht : C:\ProgramData\saave, one
Ordner Gelöscht : C:\ProgramData\sAAvue on
Ordner Gelöscht : C:\Program Files (x86)\Adblocker
Ordner Gelöscht : C:\Program Files (x86)\MSR
Ordner Gelöscht : C:\Program Files (x86)\saave, one
Ordner Gelöscht : C:\Program Files (x86)\sAAvue on
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Ordner Gelöscht : C:\Users\Decayde\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek
Ordner Gelöscht : C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek
Ordner Gelöscht : C:\Users\Decayde\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp
Ordner Gelöscht : C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp
Ordner Gelöscht : C:\Users\Decayde\AppData\Local\Google\Chrome\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp
Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp
Datei Gelöscht : C:\Windows\SysWOW64\RegistryHelperLM.ocx
Datei Gelöscht : C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{34F6CC54-0699-9930-CB2E-174FEAEB2F2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9BFF5886-A048-5223-AF1E-37998D1E83BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34F6CC54-0699-9930-CB2E-174FEAEB2F2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BFF5886-A048-5223-AF1E-37998D1E83BD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34F6CC54-0699-9930-CB2E-174FEAEB2F2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BFF5886-A048-5223-AF1E-37998D1E83BD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34F6CC54-0699-9930-CB2E-174FEAEB2F2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9BFF5886-A048-5223-AF1E-37998D1E83BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{34F6CC54-0699-9930-CB2E-174FEAEB2F2A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9BFF5886-A048-5223-AF1E-37998D1E83BD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{34F6CC54-0699-9930-CB2E-174FEAEB2F2A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9BFF5886-A048-5223-AF1E-37998D1E83BD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34F6CC54-0699-9930-CB2E-174FEAEB2F2A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BFF5886-A048-5223-AF1E-37998D1E83BD}
Schlüssel Gelöscht : HKCU\Software\OCS
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\prefs.js ]
Zeile gelöscht : user_pref("extensions.aF9dRfAAB.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumoro[...]
[ Datei : C:\Users\Decayde\AppData\Roaming\Mozilla\Firefox\Profiles\zml9yfl9.default\prefs.js ]
[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\svta04s9.default\prefs.js ]
-\\ Google Chrome v35.0.1916.153
[ Datei : C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Extension] : iihioilnlhmofhdhbigchkelfcmabkek
Gelöscht [Extension] : placaoajpbomigajoaeldfbhglnhdbfp
[ Datei : C:\Users\Decayde\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Extension] : placaoajpbomigajoaeldfbhglnhdbfp
Gelöscht [Extension] : iihioilnlhmofhdhbigchkelfcmabkek
[ Datei : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Extension] : placaoajpbomigajoaeldfbhglnhdbfp
Gelöscht [Extension] : iihioilnlhmofhdhbigchkelfcmabkek
*************************
AdwCleaner[R0].txt - [37390 octets] - [15/06/2014 09:46:43]
AdwCleaner[R1].txt - [6102 octets] - [09/07/2014 10:43:08]
AdwCleaner[S0].txt - [33345 octets] - [15/06/2014 09:47:42]
AdwCleaner[S1].txt - [5967 octets] - [09/07/2014 10:45:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6027 octets] ##########
JRT-Logfile: Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Belinda on 09.07.2014 at 10:52:29,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1432196140-1771900234-4215042517-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211671166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AddLyrics_2901-8801ec1c_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AddLyrics_2901-8801ec1c_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211671166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AddLyrics_2901-8801ec1c_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AddLyrics_2901-8801ec1c_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{69B729C4-7E6E-49B5-BC24-4D9B64F19DDB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6BF01991-1A65-40E4-8F26-63098A2B1C64}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B5041AFC-9CCE-437A-8EEF-E675469A5EF1}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\mysearch"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Belinda\appdata\local\{7B8C8313-7BED-4C18-B445-95A7C9ACD091}
Successfully deleted: [Empty Folder] C:\Users\Belinda\appdata\local\{AFB24C22-B059-4929-B2AD-5D5924ADADE6}
Successfully deleted: [Empty Folder] C:\Users\Belinda\appdata\local\{B373BA3A-6148-4803-A8BF-89312BFE014E}
Successfully deleted: [Empty Folder] C:\Users\Belinda\appdata\local\{EBB2AE0A-127A-4E46-AA32-D25FF07DF83A}
Successfully deleted: [Empty Folder] C:\Users\Belinda\appdata\local\{ECD01218-1DB8-4D4E-87F9-603B11075CFA}
~~~ FireFox
Successfully deleted the following from C:\Users\Belinda\AppData\Roaming\mozilla\firefox\profiles\1obdb2lb.default-1381238947563\prefs.js
user_pref("extensions.aF9dRfAAB.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")
user_pref("extensions.aF9dRfAAB.url", "hxxp://webdriiver.in/sync2/?q=hfZ9ofV9CShEAen0rTw9qihTB6lKDzt4okxktNtVh7n0rjnEqTw9rjn8pjn4tMFHhd9Fqda6rdUEpdn6qjCMDMlGojUMAe4Uojk9rdnEqj
Emptied folder: C:\Users\Belinda\AppData\Roaming\mozilla\firefox\profiles\1obdb2lb.default-1381238947563\minidumps [86 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.07.2014 at 10:59:32,43
End of JRT log
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Belinda (administrator) on BELINDA-PC on 09-07-2014 11:04:08
Running from C:\Users\Belinda\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell) C:\Users\Belinda\AppData\Local\Apps\2.0\7Q0KH250.EYE\Q5NX3KBK.7VZ\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-02-14] (IDT, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7520768 2012-04-27] (Dell Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [626552 2012-04-09] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2013-05-08] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\...\Run: [DellSystemDetect] => C:\Users\Belinda\AppData\Local\Apps\2.0\7Q0KH250.EYE\Q5NX3KBK.7VZ\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe [258160 2014-03-29] (Dell)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKCU - {45A295C6-C2D8-42B3-820D-6066453B36CC} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10529
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adblocker - {97D90C52-167F-B0B7-E365-FCF2B0CF9F35} - C:\Program Files (x86)\Adblocker\FHLhBbH.x64.dll ()
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: MySearch - {5274DA06-440D-4335-5C74-BF4F118E1A75} - C:\Program Files (x86)\MySearch\W.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adblocker - {97D90C52-167F-B0B7-E365-FCF2B0CF9F35} - C:\Program Files (x86)\Adblocker\FHLhBbH.dll ()
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM - No Name - {E19990DF-6FB7-4B55-A59B-6A5188750476} - No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - FindWide Toolbar - {E19990DF-6FB7-4B55-A59B-6A5188750476} - C:\Program Files (x86)\TNT2\Profiles\10841\passport.dll (Findwide)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F100FA8-6DB0-4F2D-8A23-D6510E7C4508}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563
FF Homepage: https://www.google.at/
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 8118
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Belinda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblocker - C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\ocu9wbj7-nqut@iioeaohtjmjkpwu.org [2014-06-14]
FF Extension: DownloadHelper - C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Adblock Plus - C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-08]
Chrome:
=======
CHR HomePage: hxxp://google.com/
CHR Extension: (Google Drive) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-10]
CHR Extension: (YouTube) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-10]
CHR Extension: (Google-Suche) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-10]
CHR Extension: (No Name) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek [2014-06-14]
CHR Extension: (Downloads) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2014-06-14]
CHR Extension: (Google Wallet) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-10]
CHR Extension: (Google Mail) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-10]
CHR Extension: (No Name) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp [2014-06-14]
CHR Extension: (Adblocker) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni [2014-06-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4204272 2012-08-28] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [60416 2009-06-22] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-01] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6292992 2012-04-27] (Dell Inc.) [File not signed]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
S4 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S4 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [138280 2012-04-27] (Broadcom Corporation.)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-09 11:01 - 2014-07-09 11:04 - 00023628 _____ () C:\Users\Belinda\Desktop\FRST.txt
2014-07-09 10:59 - 2014-07-09 10:59 - 00003552 _____ () C:\Users\Belinda\Desktop\JRT.txt
2014-07-09 10:52 - 2014-07-09 10:52 - 00000000 ____D () C:\Windows\ERUNT
2014-07-09 10:41 - 2014-07-09 10:41 - 01016261 _____ (Thisisu) C:\Users\Belinda\Desktop\JRT.exe
2014-07-09 10:40 - 2014-07-09 10:40 - 01348263 _____ () C:\Users\Belinda\Desktop\adwcleaner_3.215.exe
2014-07-08 13:36 - 2014-07-08 13:36 - 00038930 _____ () C:\Users\Belinda\Desktop\combofix.txt
2014-07-08 13:26 - 2014-07-08 13:26 - 00038930 _____ () C:\ComboFix.txt
2014-07-08 13:00 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-08 13:00 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-08 13:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-08 13:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-08 13:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-08 13:00 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-08 13:00 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-08 13:00 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-08 12:56 - 2014-07-08 13:27 - 00000000 ____D () C:\Qoobox
2014-07-08 12:56 - 2014-07-08 13:25 - 00000000 ____D () C:\Windows\erdnt
2014-07-08 12:55 - 2014-07-08 12:56 - 05216105 ____R (Swearware) C:\Users\Belinda\Desktop\ComboFix.exe
2014-07-06 14:04 - 2014-07-09 11:04 - 00000000 ____D () C:\FRST
2014-07-06 14:03 - 2014-07-06 14:04 - 02084352 _____ (Farbar) C:\Users\Belinda\Desktop\FRST64.exe
2014-06-25 13:15 - 2014-06-25 13:15 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-06-25 10:58 - 2014-06-25 10:58 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-06-23 07:41 - 2014-06-23 07:41 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-20 21:59 - 2014-06-20 22:03 - 00000000 ____D () C:\Windows\pss
2014-06-19 14:58 - 2014-07-09 10:39 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Adobe
2014-06-19 14:34 - 2014-06-19 14:34 - 00003664 ____N () C:\bootsqm.dat
2014-06-15 10:31 - 2014-06-15 10:34 - 00000000 ____D () C:\Users\Belinda\.gimp-2.8
2014-06-15 10:26 - 2014-06-15 10:26 - 00000856 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-06-15 10:25 - 2014-06-20 15:04 - 00000000 ____D () C:\Program Files\GIMP 2
2014-06-15 09:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-15 09:46 - 2014-07-09 10:45 - 00000000 ____D () C:\AdwCleaner
2014-06-15 00:19 - 2014-06-15 00:19 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-15 00:19 - 2014-06-15 00:19 - 00000000 _____ () C:\autoexec.bat
2014-06-15 00:18 - 2014-06-20 15:06 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-15 00:00 - 2014-06-20 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manga Studio
2014-06-14 17:10 - 2014-06-14 17:10 - 00000000 __SHD () C:\Users\Belinda\AppData\Local\EmieUserList
2014-06-14 17:10 - 2014-06-14 17:10 - 00000000 __SHD () C:\Users\Belinda\AppData\Local\EmieSiteList
2014-06-14 17:01 - 2014-06-20 15:02 - 00000000 ____D () C:\ProgramData\MountainApp
2014-06-14 17:00 - 2014-06-20 15:04 - 00000000 ____D () C:\ProgramData\Adblocker
2014-06-14 17:00 - 2014-06-20 15:04 - 00000000 ____D () C:\Program Files (x86)\Adblocker
2014-06-14 17:00 - 2014-06-14 17:00 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\Decayde\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:02 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-14 16:59 - 2014-06-20 15:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:02 - 00000000 ____D () C:\Users\Administrator
2014-06-14 16:59 - 2014-06-14 17:03 - 00000000 ____D () C:\ProgramData\bbe119dfcbd6ab61
2014-06-14 16:59 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Packages
2014-06-14 16:08 - 2014-06-14 16:08 - 00003022 _____ () C:\Windows\System32\Tasks\{C6238737-8183-47DD-9983-07AC2471B430}
2014-06-14 16:06 - 2014-06-14 16:06 - 00003022 _____ () C:\Windows\System32\Tasks\{CAEBA7BF-B00F-49A8-8F94-7D6C89BF0491}
2014-06-14 16:06 - 2014-06-14 16:06 - 00003022 _____ () C:\Windows\System32\Tasks\{AF52A664-B800-4985-B684-3DB3775A4D4F}
2014-06-13 13:19 - 2014-06-13 13:19 - 00000000 ____D () C:\Users\Belinda\K
2014-06-12 20:56 - 2014-07-09 10:47 - 00000436 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-12 20:14 - 2014-06-12 20:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\PCDr
2014-06-12 20:14 - 2014-06-12 20:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\Dell
2014-06-12 20:13 - 2014-06-15 00:12 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-06-12 20:13 - 2014-06-12 20:13 - 00000000 ____D () C:\ProgramData\PCDr
2014-06-12 18:38 - 2014-06-12 18:38 - 00000000 ____D () C:\Users\Belinda\AppData\Local\TuneUp Software
2014-06-12 18:32 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\TuneUp Software
2014-06-12 18:32 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Decayde\AppData\Local\TuneUp Software
2014-06-12 18:25 - 2014-06-12 18:26 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\DVDVideoSoft
2014-06-12 17:57 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 17:57 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 17:57 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 17:57 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 17:57 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 17:57 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 17:57 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 17:57 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 17:57 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 17:57 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 17:57 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 17:57 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 17:57 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 17:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 17:57 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 17:57 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 17:57 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 17:57 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 17:57 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 17:57 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 17:57 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 17:57 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 17:57 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 17:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 17:57 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 17:57 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 17:57 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 17:57 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 17:57 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 17:57 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 17:57 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 17:57 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 17:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 17:57 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 17:57 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 17:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 17:57 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 17:57 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 17:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 17:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 17:57 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 17:57 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 17:57 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 17:57 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 17:57 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 17:57 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 17:57 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 17:57 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 17:57 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 17:57 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 17:57 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 17:57 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 17:54 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 17:54 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 17:51 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 17:51 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 17:51 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 17:51 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 17:51 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 17:51 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 17:51 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 17:51 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 17:51 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 17:51 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 17:51 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 17:51 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 17:51 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 17:51 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 14:14 - 2014-06-12 14:31 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\TS3Client
2014-06-12 14:14 - 2014-06-12 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-12 14:14 - 2014-06-12 14:14 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
==================== One Month Modified Files and Folders =======
2014-07-09 11:04 - 2014-07-09 11:01 - 00023628 _____ () C:\Users\Belinda\Desktop\FRST.txt
2014-07-09 11:04 - 2014-07-06 14:04 - 00000000 ____D () C:\FRST
2014-07-09 10:59 - 2014-07-09 10:59 - 00003552 _____ () C:\Users\Belinda\Desktop\JRT.txt
2014-07-09 10:57 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-09 10:57 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-09 10:55 - 2012-07-15 05:55 - 01956722 _____ () C:\Windows\WindowsUpdate.log
2014-07-09 10:54 - 2013-04-10 08:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 10:52 - 2014-07-09 10:52 - 00000000 ____D () C:\Windows\ERUNT
2014-07-09 10:47 - 2014-06-12 20:56 - 00000436 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-09 10:46 - 2010-11-21 05:47 - 00334270 _____ () C:\Windows\PFRO.log
2014-07-09 10:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-09 10:46 - 2009-07-14 06:51 - 00185503 _____ () C:\Windows\setupact.log
2014-07-09 10:45 - 2014-06-15 09:46 - 00000000 ____D () C:\AdwCleaner
2014-07-09 10:41 - 2014-07-09 10:41 - 01016261 _____ (Thisisu) C:\Users\Belinda\Desktop\JRT.exe
2014-07-09 10:40 - 2014-07-09 10:40 - 01348263 _____ () C:\Users\Belinda\Desktop\adwcleaner_3.215.exe
2014-07-09 10:39 - 2014-06-19 14:58 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Adobe
2014-07-09 10:34 - 2013-03-29 11:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-08 13:36 - 2014-07-08 13:36 - 00038930 _____ () C:\Users\Belinda\Desktop\combofix.txt
2014-07-08 13:27 - 2014-07-08 12:56 - 00000000 ____D () C:\Qoobox
2014-07-08 13:26 - 2014-07-08 13:26 - 00038930 _____ () C:\ComboFix.txt
2014-07-08 13:26 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-08 13:25 - 2014-07-08 12:56 - 00000000 ____D () C:\Windows\erdnt
2014-07-08 13:19 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-08 13:18 - 2009-07-14 04:34 - 80216064 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-07-08 13:18 - 2009-07-14 04:34 - 20709376 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-07-08 13:18 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-07-08 13:18 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-07-08 13:18 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-07-08 12:56 - 2014-07-08 12:55 - 05216105 ____R (Swearware) C:\Users\Belinda\Desktop\ComboFix.exe
2014-07-07 19:57 - 2014-05-09 21:15 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Battle.net
2014-07-06 14:04 - 2014-07-06 14:03 - 02084352 _____ (Farbar) C:\Users\Belinda\Desktop\FRST64.exe
2014-07-06 13:55 - 2012-10-19 10:39 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Deployment
2014-07-04 06:03 - 2010-11-21 08:50 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-07-04 06:03 - 2010-11-21 08:50 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-07-04 06:03 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-30 23:39 - 2014-04-20 18:25 - 00001069 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2014-06-30 23:39 - 2014-04-20 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2014-06-30 08:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-29 21:29 - 2014-01-13 21:04 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-29 12:44 - 2014-05-05 21:13 - 00000000 ___RD () C:\Users\Belinda\Dropbox
2014-06-29 12:43 - 2014-05-05 21:12 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\DropboxMaster
2014-06-29 12:43 - 2014-05-05 21:09 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Dropbox
2014-06-29 12:36 - 2012-09-19 19:30 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Skype
2014-06-25 13:38 - 2012-09-19 18:06 - 00000000 ____D () C:\Users\Belinda
2014-06-25 13:15 - 2014-06-25 13:15 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-06-25 10:58 - 2014-06-25 10:58 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-06-25 10:58 - 2012-09-19 18:13 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Adobe
2014-06-24 08:20 - 2013-02-08 11:52 - 00000000 ____D () C:\Users\Belinda\.VirtualBox
2014-06-23 11:28 - 2013-01-24 13:32 - 00007671 _____ () C:\Users\Belinda\AppData\Local\Resmon.ResmonCfg
2014-06-23 11:15 - 2012-09-20 08:42 - 00000000 ____D () C:\Users\Belinda\SCHULE
2014-06-23 07:44 - 2012-09-20 15:29 - 00370688 ___SH () C:\Users\Belinda\Thumbs.db
2014-06-23 07:41 - 2014-06-23 07:41 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-20 22:03 - 2014-06-20 21:59 - 00000000 ____D () C:\Windows\pss
2014-06-20 22:00 - 2012-10-18 18:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 21:56 - 2014-05-09 21:27 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-06-20 21:46 - 2014-05-09 23:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-20 15:06 - 2014-06-15 00:18 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-20 15:05 - 2014-05-09 23:33 - 00000000 ____D () C:\Users\Belinda\AppData\Local\NVIDIA
2014-06-20 15:05 - 2014-05-09 21:15 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Battle.net
2014-06-20 15:05 - 2013-09-30 11:44 - 00000000 ____D () C:\Users\Decayde
2014-06-20 15:05 - 2013-04-10 08:06 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-20 15:05 - 2013-01-11 15:25 - 00000000 ____D () C:\Users\Gast
2014-06-20 15:05 - 2012-09-25 10:45 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Azureus
2014-06-20 15:05 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-20 15:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-20 15:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 15:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-06-20 15:04 - 2014-06-15 10:25 - 00000000 ____D () C:\Program Files\GIMP 2
2014-06-20 15:04 - 2014-06-15 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manga Studio
2014-06-20 15:04 - 2014-06-14 17:00 - 00000000 ____D () C:\ProgramData\Adblocker
2014-06-20 15:04 - 2014-06-14 17:00 - 00000000 ____D () C:\Program Files (x86)\Adblocker
2014-06-20 15:04 - 2014-02-13 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Storybook
2014-06-20 15:04 - 2013-10-14 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-20 15:04 - 2013-10-10 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-20 15:04 - 2013-09-22 17:45 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-20 15:04 - 2013-08-09 01:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2014-06-20 15:04 - 2013-04-23 11:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-20 15:04 - 2013-03-03 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Storybook 4
2014-06-20 15:04 - 2012-11-24 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler Screensaver
2014-06-20 15:04 - 2012-11-11 17:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-20 15:04 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-06-20 15:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Decayde\AppData\Local\Comodo
2014-06-20 15:03 - 2013-12-25 16:24 - 00000000 ____D () C:\Users\Decayde\AppData\Local\Google
2014-06-20 15:03 - 2013-02-15 08:55 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-06-20 15:03 - 2013-02-04 13:05 - 00000000 ____D () C:\Users\Belinda\dwhelper
2014-06-20 15:03 - 2012-10-19 10:40 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Google
2014-06-20 15:02 - 2014-06-14 17:01 - 00000000 ____D () C:\ProgramData\MountainApp
2014-06-20 15:02 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Comodo
2014-06-20 15:02 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-20 15:02 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-20 15:02 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Administrator
2014-06-20 15:02 - 2013-05-08 21:59 - 00000000 ____D () C:\Program Files\Smith Micro
2014-06-20 15:02 - 2013-02-09 11:24 - 00000000 ____D () C:\ProgramData\InstallMate
2014-06-20 15:02 - 2012-09-24 21:26 - 00000000 ____D () C:\ProgramData\Battle.net
2014-06-20 15:00 - 2013-04-10 08:01 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-20 15:00 - 2012-10-19 10:40 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-20 15:00 - 2012-07-15 13:46 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-06-20 15:00 - 2012-07-15 13:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-19 14:34 - 2014-06-19 14:34 - 00003664 ____N () C:\bootsqm.dat
2014-06-19 11:43 - 2013-07-27 17:47 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-06-15 10:34 - 2014-06-15 10:31 - 00000000 ____D () C:\Users\Belinda\.gimp-2.8
2014-06-15 10:26 - 2014-06-15 10:26 - 00000856 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-06-15 09:47 - 2012-09-19 18:09 - 00000961 _____ () C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-15 00:19 - 2014-06-15 00:19 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-15 00:19 - 2014-06-15 00:19 - 00000000 _____ () C:\autoexec.bat
2014-06-15 00:12 - 2014-06-12 20:13 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-06-15 00:12 - 2014-03-29 15:40 - 00002982 _____ () C:\Windows\System32\Tasks\{9CE87621-B0FF-4B20-BBC1-176D52210A67}
2014-06-15 00:12 - 2014-03-19 21:46 - 00002982 _____ () C:\Windows\System32\Tasks\{61C9DBC5-09D7-47A1-AF31-0DD4CB996EC2}
2014-06-14 23:51 - 2013-11-26 13:27 - 00003510 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Belinda-PC-Belinda
2014-06-14 23:51 - 2013-09-22 18:07 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-06-14 23:14 - 2013-12-30 17:52 - 00003094 _____ () C:\Windows\System32\Tasks\{08169894-71C7-41FE-8C59-3C26BB7B473D}
2014-06-14 23:14 - 2013-09-30 11:44 - 00003098 _____ () C:\Windows\System32\Tasks\{43426D0C-2840-40B1-885F-B5DAE5D333FF}
2014-06-14 23:14 - 2013-09-24 17:24 - 00003098 _____ () C:\Windows\System32\Tasks\{64698EA9-AC20-48D3-89FC-74686F1D8121}
2014-06-14 17:10 - 2014-06-14 17:10 - 00000000 __SHD () C:\Users\Belinda\AppData\Local\EmieUserList
2014-06-14 17:10 - 2014-06-14 17:10 - 00000000 __SHD () C:\Users\Belinda\AppData\Local\EmieSiteList
2014-06-14 17:03 - 2014-06-14 16:59 - 00000000 ____D () C:\ProgramData\bbe119dfcbd6ab61
2014-06-14 17:00 - 2014-06-14 17:00 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-14 16:59 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Packages
2014-06-14 16:08 - 2014-06-14 16:08 - 00003022 _____ () C:\Windows\System32\Tasks\{C6238737-8183-47DD-9983-07AC2471B430}
2014-06-14 16:06 - 2014-06-14 16:06 - 00003022 _____ () C:\Windows\System32\Tasks\{CAEBA7BF-B00F-49A8-8F94-7D6C89BF0491}
2014-06-14 16:06 - 2014-06-14 16:06 - 00003022 _____ () C:\Windows\System32\Tasks\{AF52A664-B800-4985-B684-3DB3775A4D4F}
2014-06-13 18:14 - 2013-03-29 11:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-13 18:13 - 2012-07-15 13:05 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-13 18:13 - 2012-07-15 13:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-13 14:01 - 2013-09-22 18:07 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-06-13 13:59 - 2013-04-10 08:01 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Microsoft Help
2014-06-13 13:19 - 2014-06-13 13:19 - 00000000 ____D () C:\Users\Belinda\K
2014-06-13 12:41 - 2014-01-02 01:59 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\vlc
2014-06-12 20:14 - 2014-06-12 20:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\PCDr
2014-06-12 20:14 - 2014-06-12 20:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\Dell
2014-06-12 20:13 - 2014-06-12 20:13 - 00000000 ____D () C:\ProgramData\PCDr
2014-06-12 20:12 - 2014-01-13 20:37 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\Skype
2014-06-12 19:35 - 2013-07-17 10:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 19:33 - 2012-09-26 10:18 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 19:28 - 2014-05-07 08:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 19:05 - 2012-09-29 15:01 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-12 18:38 - 2014-06-12 18:38 - 00000000 ____D () C:\Users\Belinda\AppData\Local\TuneUp Software
2014-06-12 18:32 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\TuneUp Software
2014-06-12 18:32 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Decayde\AppData\Local\TuneUp Software
2014-06-12 18:26 - 2014-06-12 18:25 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\DVDVideoSoft
2014-06-12 18:26 - 2013-02-01 12:38 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-06-12 18:26 - 2012-09-29 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-12 18:26 - 2012-09-29 14:59 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\DVDVideoSoft
2014-06-12 14:31 - 2014-06-12 14:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\TS3Client
2014-06-12 14:14 - 2014-06-12 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-12 14:14 - 2014-06-12 14:14 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
Files to move or delete:
====================
C:\Users\Belinda\GameDevTycoon-139.exe
Some content of TEMP:
====================
C:\Users\Belinda\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-10 12:51
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- --- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by Belinda at 2014-07-09 11:04:29
Running from C:\Users\Belinda\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 3.9 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock 2 (HKLM-x32\...\{4A8B461A-9336-4CF9-98F4-14DD38E673F0}) (Version: 1.00.0000 - 2K Games)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Crawler 3D Fireplace (HKLM-x32\...\{CDAFD956-97BE-443D-8EF7-F4F094EB5766}_SAV_3DFIREPLACE) (Version: - Crawler, LLC)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD09282B-E878-4C2C-914D-E67475E4729C}) (Version: - Microsoft)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3E90B7F4-1817-4405-B4A5-E4EA5EC0E2B3}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.217 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.52 - Dell Inc.)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.0.0.128 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.39.604 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.39.604 - DVDVideoSoft Ltd.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417015FF}) (Version: 7.0.150 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 15 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170150}) (Version: 1.7.0.150 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LINE (HKLM-x32\...\LINE) (Version: 3.7.0.34 - LINE Corporation)
Manga Studio (HKLM-x32\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.0 - Smith Micro)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Minecraft1.5.1 (HKLM-x32\...\Minecraft1.5.1) (Version: - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Network Notepad 4.6.9 (HKLM-x32\...\Netnotep_is1) (Version: - Jason Green)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
Novell Vibe Desktop 64-bit 1.0 (HKLM\...\{CA0D6979-21D2-40C1-AC0B-A34F944EC45C}) (Version: 1.0.0.17399 - Novell, Inc.)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 4.1.22 (HKLM\...\{883F56F3-B9E7-4B07-8F6D-2BEF6291DF16}) (Version: 4.1.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version: - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
sAAvue on (HKLM-x32\...\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}) (Version: 2.2.0.1169 - save on) <==== ATTENTION
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sony PC Companion 2.10.188 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.188 - Sony)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update kb70007 (x32 Version: 1.0.0 - MSR) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9F71CF8-8310-4EFC-869F-47BC0FEE269D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2878313) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{98821750-2C79-4A07-9AE9-D2536FD9491D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F6CE638B-5A06-4EDD-A1FA-BFA827D14071}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{927B47DF-91B2-4EBF-9B66-43B2C95E41BF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{E3852353-AB54-4642-B25F-6E9EB106388B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{97183E08-6B06-40F1-80A9-585C4AEF98F1}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.0.0.0 - Azureus Software, Inc.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2500 - Broadcom Corporation)
WildTangent Games App (Dell Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-2 - BitNami)
==================== Restore Points =========================
25-06-2014 05:44:11 Windows Update
25-06-2014 11:37:34 Removed Adobe Download Assistant
28-06-2014 19:40:26 Windows Update
01-07-2014 20:46:26 Windows Update
04-07-2014 04:07:30 Microsoft Antimalware Checkpoint
06-07-2014 09:48:57 Windows Update
08-07-2014 11:00:51 ComboFix created restore point
09-07-2014 08:51:21 PROPLUS
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-07-08 13:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {162F0C4C-B0D3-4683-940A-72869FFA066B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-13] (Adobe Systems Incorporated)
Task: {169F6838-AC82-4DD4-881A-F224CDF3DE93} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {18D90D48-9820-4C82-ADD6-505043C428BF} - System32\Tasks\{64698EA9-AC20-48D3-89FC-74686F1D8121} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {1C2CFDC4-674F-4C33-9286-A1417D5D9CF7} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {27FC83DA-DE75-4F5F-BF54-D584B3D81FF7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {45B45BA6-32FF-4A86-8A32-583775C8B3EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5DA4CBEF-078B-4640-9FC2-F124C3E05C8C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {60981396-8E41-4D14-BD86-F60B72C1034B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6925EB37-0F28-472D-95E7-D9586471DFEA} - System32\Tasks\{08169894-71C7-41FE-8C59-3C26BB7B473D} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.60.102/de/abandoninstall?page=tsBing
Task: {6A6511E9-8A7C-4FEF-9F52-439B7C86CCF6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {777F5872-2E8F-419B-98FD-B122A7B889D1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {7BE5822E-744A-4F79-B162-0B156BDDE393} - System32\Tasks\{D059BDD4-852F-49E5-91A8-11FE41D9189E} => Firefox.exe
Task: {82425580-1F63-4D86-BCAB-D6CD49E8A58C} - \SW-Booster-S-1609871843 No Task File <==== ATTENTION
Task: {8B5B67EF-4D31-40D2-8FD7-6BDBA2750880} - System32\Tasks\{61C9DBC5-09D7-47A1-AF31-0DD4CB996EC2} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-03-06] (Broadcom Corporation.)
Task: {954AFBB9-CACF-417C-9A1C-A094327BF52E} - System32\Tasks\{AF52A664-B800-4985-B684-3DB3775A4D4F} => C:\Program Files\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe [2012-11-08] (Smith Micro)
Task: {9FD839E7-6F57-4F3E-B803-BC397D8CF618} - System32\Tasks\{87B59C41-63AE-4EB4-9B61-36B6C5989F76} => Firefox.exe
Task: {A7540DC6-D1E7-4B76-9FCF-99C0232A89BC} - \Funmoods No Task File <==== ATTENTION
Task: {AB56B8DB-402C-4365-9CD9-8F452D4A4683} - System32\Tasks\{DD5A5FC7-B760-4DFC-BFFA-7AB5DF49E681} => Firefox.exe
Task: {B1E5B3C4-0901-424B-8521-721BD105AE1D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {B4DD9B4B-FA90-42C8-859C-366F39AC7527} - System32\Tasks\{43426D0C-2840-40B1-885F-B5DAE5D333FF} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {BDF168E9-2C46-4A99-B159-0DBE815CD449} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-12-14] (PC-Doctor, Inc.)
Task: {DA4F2E1D-8512-414E-95F4-C5F987EC5BCB} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {DF96CB30-1F76-4F55-85CF-5FECFFE0D917} - System32\Tasks\{C6238737-8183-47DD-9983-07AC2471B430} => C:\Program Files\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe [2012-11-08] (Smith Micro)
Task: {E2C8E010-D284-48DE-A85A-B70D31CAB5DB} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1432196140-1771900234-4215042517-1004
Task: {E754DCF1-CBE1-43EB-AAD4-1B7A0A947C12} - System32\Tasks\{9CE87621-B0FF-4B20-BBC1-176D52210A67} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-03-06] (Broadcom Corporation.)
Task: {EBE528AE-F1C7-497D-8F34-4C05B015E9E2} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {EC5C1C3F-73E1-4AC7-B41C-A7DB05934789} - System32\Tasks\{CAEBA7BF-B00F-49A8-8F94-7D6C89BF0491} => C:\Program Files\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe [2012-11-08] (Smith Micro)
Task: {F859CECB-B4B3-4301-BFE0-B28FDCE8352F} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {F9FC3C86-2CD6-4EC7-BD71-615029A45AED} - System32\Tasks\AdobeAAMUpdater-1.0-Belinda-PC-Belinda => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {FC1B8405-F529-4F78-A896-F8C1C585BEE1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2012-07-15 05:56 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-13 21:06 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-02-01 18:50 - 2014-02-01 18:50 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-07-15 14:31 - 2012-03-27 03:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-05-08 14:03 - 2012-12-11 13:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2011-06-24 15:45 - 2013-05-08 14:40 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2014-05-14 08:15 - 2014-05-14 08:15 - 08890536 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-12-18 15:42 - 2014-05-20 04:44 - 00012120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-02-14 11:57 - 2014-02-14 11:57 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\00a0b4a9df6e4abf30ae2af3624a77ce\IsdiInterop.ni.dll
2012-07-15 13:20 - 2012-02-01 23:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-07-15 13:22 - 2012-01-20 18:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-09 23:15 - 2014-06-20 21:45 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (07/09/2014 11:03:08 AM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-07-08 13:16:53.106
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-07-08 13:16:53.028
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-19 15:54:06.335
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 15:54:06.284
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 15:54:06.231
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 15:54:06.175
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 14:37:26.698
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1288\f36758352_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 14:37:26.648
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1288\f36758352_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 14:37:26.598
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1288\f36758352_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 14:37:26.548
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1288\f36758352_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 33%
Total physical RAM: 8063.41 MB
Available physical RAM: 5392.78 MB
Total Pagefile: 16125 MB
Available Pagefile: 13398.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:309.72 GB) (Free:71.42 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Server2012) (Fixed) (Total:156 GB) (Free:128.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7AF659C3)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=310 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=156 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Eine Frage: Was mache ich mit den Tools, wenn der Fehler behoben ist? Sollte ich sie dann von meinem Laptop entfernen oder kann ich sie immer wieder benutzen, um sicherheitshalber nach Viren zu scannen? |
|
09.07.2014, 10:30
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | XML-Verarbeitungsfehler: nicht wohlgeformt Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
BHO: Adblocker - {97D90C52-167F-B0B7-E365-FCF2B0CF9F35} - C:\Program Files (x86)\Adblocker\FHLhBbH.x64.dll ()
BHO-x32: MySearch - {5274DA06-440D-4335-5C74-BF4F118E1A75} - C:\Program Files (x86)\MySearch\W.dll No File
BHO-x32: Adblocker - {97D90C52-167F-B0B7-E365-FCF2B0CF9F35} - C:\Program Files (x86)\Adblocker\FHLhBbH.dll ()
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 8118
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 4
FF Extension: Adblocker - C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\ocu9wbj7-nqut@iioeaohtjmjkpwu.org [2014-06-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR Extension: (Adblocker) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni [2014-06-14]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
Task: {1C2CFDC4-674F-4C33-9286-A1417D5D9CF7} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {82425580-1F63-4D86-BCAB-D6CD49E8A58C} - \SW-Booster-S-1609871843 No Task File <==== ATTENTION
Task: {A7540DC6-D1E7-4B76-9FCF-99C0232A89BC} - \Funmoods No Task File <==== ATTENTION
Task: {AB56B8DB-402C-4365-9CD9-8F452D4A4683} - System32\Tasks\{DD5A5FC7-B760-4DFC-BFFA-7AB5DF49E681} => Firefox.exe
C:\Users\Belinda\GameDevTycoon-139.exe
C:\Program Files\Enigma Software Group
C:\ProgramData\bbe119dfcbd6ab61
C:\Program Files (x86)\Adblocker
C:\Program Files (x86)\MySearch
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.07.2014, 12:32
| #11 |
| | XML-Verarbeitungsfehler: nicht wohlgeformtCode:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-07-2014 01
Ran by Belinda at 2014-07-10 13:24:34 Run:1
Running from C:\Users\Belinda\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
BHO: Adblocker - {97D90C52-167F-B0B7-E365-FCF2B0CF9F35} - C:\Program Files (x86)\Adblocker\FHLhBbH.x64.dll ()
BHO-x32: MySearch - {5274DA06-440D-4335-5C74-BF4F118E1A75} - C:\Program Files (x86)\MySearch\W.dll No File
BHO-x32: Adblocker - {97D90C52-167F-B0B7-E365-FCF2B0CF9F35} - C:\Program Files (x86)\Adblocker\FHLhBbH.dll ()
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 8118
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 4
FF Extension: Adblocker - C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\ocu9wbj7-nqut@iioeaohtjmjkpwu.org [2014-06-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR Extension: (Adblocker) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni [2014-06-14]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
Task: {1C2CFDC4-674F-4C33-9286-A1417D5D9CF7} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {82425580-1F63-4D86-BCAB-D6CD49E8A58C} - \SW-Booster-S-1609871843 No Task File <==== ATTENTION
Task: {A7540DC6-D1E7-4B76-9FCF-99C0232A89BC} - \Funmoods No Task File <==== ATTENTION
Task: {AB56B8DB-402C-4365-9CD9-8F452D4A4683} - System32\Tasks\{DD5A5FC7-B760-4DFC-BFFA-7AB5DF49E681} => Firefox.exe
C:\Users\Belinda\GameDevTycoon-139.exe
C:\Program Files\Enigma Software Group
C:\ProgramData\bbe119dfcbd6ab61
C:\Program Files (x86)\Adblocker
C:\Program Files (x86)\MySearch
*****************
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{97D90C52-167F-B0B7-E365-FCF2B0CF9F35}' => Key deleted successfully.
'HKCR\CLSID\{97D90C52-167F-B0B7-E365-FCF2B0CF9F35}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5274DA06-440D-4335-5C74-BF4F118E1A75}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{5274DA06-440D-4335-5C74-BF4F118E1A75}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{97D90C52-167F-B0B7-E365-FCF2B0CF9F35}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{97D90C52-167F-B0B7-E365-FCF2B0CF9F35}' => Key deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\ocu9wbj7-nqut@iioeaohtjmjkpwu.org => Moved successfully.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni => Moved successfully.
esgiguard => Service deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C2CFDC4-674F-4C33-9286-A1417D5D9CF7}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C2CFDC4-674F-4C33-9286-A1417D5D9CF7}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoforFilesUpdate' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82425580-1F63-4D86-BCAB-D6CD49E8A58C}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82425580-1F63-4D86-BCAB-D6CD49E8A58C}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SW-Booster-S-1609871843' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7540DC6-D1E7-4B76-9FCF-99C0232A89BC}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7540DC6-D1E7-4B76-9FCF-99C0232A89BC}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB56B8DB-402C-4365-9CD9-8F452D4A4683}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB56B8DB-402C-4365-9CD9-8F452D4A4683}' => Key deleted successfully.
C:\Windows\System32\Tasks\{DD5A5FC7-B760-4DFC-BFFA-7AB5DF49E681} => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DD5A5FC7-B760-4DFC-BFFA-7AB5DF49E681}' => Key deleted successfully.
C:\Users\Belinda\GameDevTycoon-139.exe => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\ProgramData\bbe119dfcbd6ab61 => Moved successfully.
C:\Program Files (x86)\Adblocker => Moved successfully.
"C:\Program Files (x86)\MySearch" => File/Directory not found.
The system needed a reboot.
==== End of Fixlog ====
|
|
10.07.2014, 12:37
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | XML-Verarbeitungsfehler: nicht wohlgeformt Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.07.2014, 19:38
| #13 |
| | XML-Verarbeitungsfehler: nicht wohlgeformt FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Belinda (administrator) on BELINDA-PC on 10-07-2014 20:39:40
Running from C:\Users\Belinda\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell) C:\Users\Belinda\AppData\Local\Apps\2.0\7Q0KH250.EYE\Q5NX3KBK.7VZ\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-02-14] (IDT, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7520768 2012-04-27] (Dell Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [626552 2012-04-09] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2013-05-08] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\...\Run: [DellSystemDetect] => C:\Users\Belinda\AppData\Local\Apps\2.0\7Q0KH250.EYE\Q5NX3KBK.7VZ\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe [258160 2014-03-29] (Dell)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKCU - {45A295C6-C2D8-42B3-820D-6066453B36CC} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10529
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM - No Name - {E19990DF-6FB7-4B55-A59B-6A5188750476} - No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - FindWide Toolbar - {E19990DF-6FB7-4B55-A59B-6A5188750476} - C:\Program Files (x86)\TNT2\Profiles\10841\passport.dll (Findwide)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7F100FA8-6DB0-4F2D-8A23-D6510E7C4508}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563
FF Homepage: https://www.google.at/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Belinda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Adblock Plus - C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-08]
Chrome:
=======
CHR HomePage: hxxp://google.com/
CHR Extension: (Google Drive) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-10]
CHR Extension: (YouTube) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-10]
CHR Extension: (Google-Suche) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-10]
CHR Extension: (No Name) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek [2014-06-14]
CHR Extension: (Downloads) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2014-06-14]
CHR Extension: (Google Wallet) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-10]
CHR Extension: (Google Mail) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-10]
CHR Extension: (No Name) - C:\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp [2014-06-14]
==================== Services (Whitelisted) =================
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4204272 2012-08-28] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [60416 2009-06-22] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-01] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6292992 2012-04-27] (Dell Inc.) [File not signed]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
S4 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S4 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [138280 2012-04-27] (Broadcom Corporation.)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-10 20:39 - 2014-07-10 20:40 - 00022228 _____ () C:\Users\Belinda\Desktop\FRST.txt
2014-07-10 13:43 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 13:43 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 13:43 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 13:43 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 13:43 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-10 13:42 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 13:42 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 13:42 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 13:42 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 13:42 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 13:42 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 13:42 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 13:42 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 13:42 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 13:42 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 13:42 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 13:42 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 13:42 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 13:42 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 13:42 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 13:42 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 13:42 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 13:42 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 13:42 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 13:42 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 13:42 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 13:42 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 13:42 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 13:42 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 13:42 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 13:42 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 13:42 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 13:42 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 13:42 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-10 13:42 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 13:42 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 13:42 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 13:42 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 13:42 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 13:42 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 13:42 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 13:42 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 13:42 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 13:42 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 13:42 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 13:42 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 13:42 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 13:42 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 13:42 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 13:42 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 13:42 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 13:42 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 13:42 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 13:42 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 13:42 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 13:42 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 13:42 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 13:42 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 13:42 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 13:42 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 13:42 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 13:42 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 13:42 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 13:42 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 13:42 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 13:42 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 13:42 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 13:42 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 13:42 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 13:42 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 13:42 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 13:42 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 13:42 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 13:42 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 13:42 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 13:42 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 13:42 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 13:42 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 13:42 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 13:42 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 13:41 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 10:52 - 2014-07-09 10:52 - 00000000 ____D () C:\Windows\ERUNT
2014-07-09 10:41 - 2014-07-09 10:41 - 01016261 _____ (Thisisu) C:\Users\Belinda\Desktop\JRT.exe
2014-07-09 10:40 - 2014-07-09 10:40 - 01348263 _____ () C:\Users\Belinda\Desktop\adwcleaner_3.215.exe
2014-07-08 13:26 - 2014-07-08 13:26 - 00038930 _____ () C:\ComboFix.txt
2014-07-08 13:00 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-08 13:00 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-08 13:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-08 13:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-08 13:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-08 13:00 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-08 13:00 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-08 13:00 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-08 12:56 - 2014-07-08 13:27 - 00000000 ____D () C:\Qoobox
2014-07-08 12:56 - 2014-07-08 13:25 - 00000000 ____D () C:\Windows\erdnt
2014-07-08 12:55 - 2014-07-08 12:56 - 05216105 ____R (Swearware) C:\Users\Belinda\Desktop\ComboFix.exe
2014-07-06 14:04 - 2014-07-10 20:39 - 00000000 ____D () C:\FRST
2014-07-06 14:03 - 2014-07-06 14:04 - 02084352 _____ (Farbar) C:\Users\Belinda\Desktop\FRST64.exe
2014-06-25 13:15 - 2014-06-25 13:15 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-06-25 10:58 - 2014-06-25 10:58 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-06-23 07:41 - 2014-06-23 07:41 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-20 21:59 - 2014-06-20 22:03 - 00000000 ____D () C:\Windows\pss
2014-06-19 14:58 - 2014-07-09 10:39 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Adobe
2014-06-19 14:34 - 2014-06-19 14:34 - 00003664 ____N () C:\bootsqm.dat
2014-06-15 10:31 - 2014-06-15 10:34 - 00000000 ____D () C:\Users\Belinda\.gimp-2.8
2014-06-15 10:26 - 2014-06-15 10:26 - 00000856 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-06-15 10:25 - 2014-06-20 15:04 - 00000000 ____D () C:\Program Files\GIMP 2
2014-06-15 09:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-15 09:46 - 2014-07-09 10:45 - 00000000 ____D () C:\AdwCleaner
2014-06-15 00:19 - 2014-06-15 00:19 - 00000000 _____ () C:\autoexec.bat
2014-06-15 00:18 - 2014-06-20 15:06 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-15 00:00 - 2014-06-20 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manga Studio
2014-06-14 17:10 - 2014-06-14 17:10 - 00000000 __SHD () C:\Users\Belinda\AppData\Local\EmieUserList
2014-06-14 17:10 - 2014-06-14 17:10 - 00000000 __SHD () C:\Users\Belinda\AppData\Local\EmieSiteList
2014-06-14 17:01 - 2014-06-20 15:02 - 00000000 ____D () C:\ProgramData\MountainApp
2014-06-14 17:00 - 2014-07-10 13:26 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-06-14 17:00 - 2014-06-20 15:04 - 00000000 ____D () C:\ProgramData\Adblocker
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:03 - 00000000 ____D () C:\Users\Decayde\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:02 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-14 16:59 - 2014-06-20 15:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-14 16:59 - 2014-06-20 15:02 - 00000000 ____D () C:\Users\Administrator
2014-06-14 16:59 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Packages
2014-06-14 16:08 - 2014-06-14 16:08 - 00003022 _____ () C:\Windows\System32\Tasks\{C6238737-8183-47DD-9983-07AC2471B430}
2014-06-14 16:06 - 2014-06-14 16:06 - 00003022 _____ () C:\Windows\System32\Tasks\{CAEBA7BF-B00F-49A8-8F94-7D6C89BF0491}
2014-06-14 16:06 - 2014-06-14 16:06 - 00003022 _____ () C:\Windows\System32\Tasks\{AF52A664-B800-4985-B684-3DB3775A4D4F}
2014-06-13 13:19 - 2014-06-13 13:19 - 00000000 ____D () C:\Users\Belinda\K
2014-06-12 20:56 - 2014-07-10 18:43 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-12 20:14 - 2014-06-12 20:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\PCDr
2014-06-12 20:14 - 2014-06-12 20:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\Dell
2014-06-12 20:13 - 2014-06-15 00:12 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-06-12 20:13 - 2014-06-12 20:13 - 00000000 ____D () C:\ProgramData\PCDr
2014-06-12 18:38 - 2014-06-12 18:38 - 00000000 ____D () C:\Users\Belinda\AppData\Local\TuneUp Software
2014-06-12 18:32 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\TuneUp Software
2014-06-12 18:32 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Decayde\AppData\Local\TuneUp Software
2014-06-12 18:25 - 2014-06-12 18:26 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\DVDVideoSoft
2014-06-12 17:51 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 17:51 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 17:51 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 17:51 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 17:51 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 17:51 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 17:51 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 17:51 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 17:51 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 17:51 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 17:51 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 17:51 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 17:51 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 17:51 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 14:14 - 2014-06-12 14:31 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\TS3Client
2014-06-12 14:14 - 2014-06-12 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-12 14:14 - 2014-06-12 14:14 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
==================== One Month Modified Files and Folders =======
2014-07-10 20:40 - 2014-07-10 20:39 - 00022228 _____ () C:\Users\Belinda\Desktop\FRST.txt
2014-07-10 20:39 - 2014-07-06 14:04 - 00000000 ____D () C:\FRST
2014-07-10 20:34 - 2013-03-29 11:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-10 20:32 - 2012-07-15 05:55 - 01173517 _____ () C:\Windows\WindowsUpdate.log
2014-07-10 18:59 - 2013-02-01 12:38 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-07-10 18:59 - 2012-09-29 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-07-10 18:56 - 2012-09-29 14:59 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\DVDVideoSoft
2014-07-10 18:48 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-10 18:48 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-10 18:43 - 2014-06-12 20:56 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-10 18:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-10 18:43 - 2009-07-14 06:51 - 00186007 _____ () C:\Windows\setupact.log
2014-07-10 18:42 - 2009-07-14 06:45 - 05100008 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 18:36 - 2010-11-21 09:00 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 18:35 - 2014-05-07 08:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 18:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 18:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 14:32 - 2013-04-23 11:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-10 14:32 - 2013-04-10 08:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 14:30 - 2013-07-17 10:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 14:28 - 2012-09-26 10:18 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 13:26 - 2014-06-14 17:00 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-07-10 13:24 - 2012-09-19 18:06 - 00000000 ____D () C:\Users\Belinda
2014-07-10 13:24 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-09 15:34 - 2013-03-29 11:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 15:34 - 2012-07-15 13:05 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 15:34 - 2012-07-15 13:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 10:52 - 2014-07-09 10:52 - 00000000 ____D () C:\Windows\ERUNT
2014-07-09 10:46 - 2010-11-21 05:47 - 00334270 _____ () C:\Windows\PFRO.log
2014-07-09 10:45 - 2014-06-15 09:46 - 00000000 ____D () C:\AdwCleaner
2014-07-09 10:41 - 2014-07-09 10:41 - 01016261 _____ (Thisisu) C:\Users\Belinda\Desktop\JRT.exe
2014-07-09 10:40 - 2014-07-09 10:40 - 01348263 _____ () C:\Users\Belinda\Desktop\adwcleaner_3.215.exe
2014-07-09 10:39 - 2014-06-19 14:58 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Adobe
2014-07-08 13:27 - 2014-07-08 12:56 - 00000000 ____D () C:\Qoobox
2014-07-08 13:26 - 2014-07-08 13:26 - 00038930 _____ () C:\ComboFix.txt
2014-07-08 13:26 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-08 13:25 - 2014-07-08 12:56 - 00000000 ____D () C:\Windows\erdnt
2014-07-08 13:19 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-08 13:18 - 2009-07-14 04:34 - 80216064 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-07-08 13:18 - 2009-07-14 04:34 - 20709376 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-07-08 13:18 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-07-08 13:18 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-07-08 13:18 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-07-08 12:56 - 2014-07-08 12:55 - 05216105 ____R (Swearware) C:\Users\Belinda\Desktop\ComboFix.exe
2014-07-07 19:57 - 2014-05-09 21:15 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Battle.net
2014-07-06 14:04 - 2014-07-06 14:03 - 02084352 _____ (Farbar) C:\Users\Belinda\Desktop\FRST64.exe
2014-07-06 13:55 - 2012-10-19 10:39 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Deployment
2014-07-04 06:03 - 2010-11-21 08:50 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-07-04 06:03 - 2010-11-21 08:50 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-07-04 06:03 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-30 23:39 - 2014-04-20 18:25 - 00001069 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2014-06-30 23:39 - 2014-04-20 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2014-06-30 08:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-30 04:09 - 2014-07-10 13:43 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-10 13:43 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 21:29 - 2014-01-13 21:04 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-29 12:44 - 2014-05-05 21:13 - 00000000 ___RD () C:\Users\Belinda\Dropbox
2014-06-29 12:43 - 2014-05-05 21:12 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\DropboxMaster
2014-06-29 12:43 - 2014-05-05 21:09 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Dropbox
2014-06-29 12:36 - 2012-09-19 19:30 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Skype
2014-06-25 13:15 - 2014-06-25 13:15 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-06-25 10:58 - 2014-06-25 10:58 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-06-25 10:58 - 2012-09-19 18:13 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Adobe
2014-06-24 08:20 - 2013-02-08 11:52 - 00000000 ____D () C:\Users\Belinda\.VirtualBox
2014-06-23 11:28 - 2013-01-24 13:32 - 00007671 _____ () C:\Users\Belinda\AppData\Local\Resmon.ResmonCfg
2014-06-23 11:15 - 2012-09-20 08:42 - 00000000 ____D () C:\Users\Belinda\SCHULE
2014-06-23 07:44 - 2012-09-20 15:29 - 00370688 ___SH () C:\Users\Belinda\Thumbs.db
2014-06-23 07:41 - 2014-06-23 07:41 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-20 22:14 - 2014-07-10 13:42 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 22:03 - 2014-06-20 21:59 - 00000000 ____D () C:\Windows\pss
2014-06-20 22:00 - 2012-10-18 18:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-20 21:56 - 2014-05-09 21:27 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-06-20 21:46 - 2014-05-09 23:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-20 21:39 - 2014-07-10 13:42 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 15:06 - 2014-06-15 00:18 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-20 15:05 - 2014-05-09 23:33 - 00000000 ____D () C:\Users\Belinda\AppData\Local\NVIDIA
2014-06-20 15:05 - 2014-05-09 21:15 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Battle.net
2014-06-20 15:05 - 2013-09-30 11:44 - 00000000 ____D () C:\Users\Decayde
2014-06-20 15:05 - 2013-04-10 08:06 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-20 15:05 - 2013-01-11 15:25 - 00000000 ____D () C:\Users\Gast
2014-06-20 15:05 - 2012-09-25 10:45 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Azureus
2014-06-20 15:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-20 15:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 15:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-06-20 15:04 - 2014-06-15 10:25 - 00000000 ____D () C:\Program Files\GIMP 2
2014-06-20 15:04 - 2014-06-15 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manga Studio
2014-06-20 15:04 - 2014-06-14 17:00 - 00000000 ____D () C:\ProgramData\Adblocker
2014-06-20 15:04 - 2014-02-13 23:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Storybook
2014-06-20 15:04 - 2013-10-14 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-06-20 15:04 - 2013-10-10 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-20 15:04 - 2013-09-22 17:45 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-06-20 15:04 - 2013-08-09 01:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
2014-06-20 15:04 - 2013-03-03 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Storybook 4
2014-06-20 15:04 - 2012-11-24 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler Screensaver
2014-06-20 15:04 - 2012-11-11 17:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-20 15:04 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-06-20 15:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-06-20 15:03 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Decayde\AppData\Local\Comodo
2014-06-20 15:03 - 2013-12-25 16:24 - 00000000 ____D () C:\Users\Decayde\AppData\Local\Google
2014-06-20 15:03 - 2013-02-15 08:55 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-06-20 15:03 - 2013-02-04 13:05 - 00000000 ____D () C:\Users\Belinda\dwhelper
2014-06-20 15:03 - 2012-10-19 10:40 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Google
2014-06-20 15:02 - 2014-06-14 17:01 - 00000000 ____D () C:\ProgramData\MountainApp
2014-06-20 15:02 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Comodo
2014-06-20 15:02 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-20 15:02 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-20 15:02 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Administrator
2014-06-20 15:02 - 2013-05-08 21:59 - 00000000 ____D () C:\Program Files\Smith Micro
2014-06-20 15:02 - 2013-02-09 11:24 - 00000000 ____D () C:\ProgramData\InstallMate
2014-06-20 15:02 - 2012-09-24 21:26 - 00000000 ____D () C:\ProgramData\Battle.net
2014-06-20 15:00 - 2013-04-10 08:01 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-20 15:00 - 2012-10-19 10:40 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-20 15:00 - 2012-07-15 13:46 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-06-20 15:00 - 2012-07-15 13:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-19 14:34 - 2014-06-19 14:34 - 00003664 ____N () C:\bootsqm.dat
2014-06-19 11:43 - 2013-07-27 17:47 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-06-19 03:39 - 2014-07-10 13:41 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-10 13:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-10 13:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-10 13:42 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-10 13:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-10 13:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-10 13:42 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-10 13:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-10 13:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-10 13:42 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-10 13:42 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-10 13:42 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-10 13:42 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-10 13:42 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-10 13:42 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-10 13:42 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-10 13:42 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-10 13:42 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-10 13:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-10 13:42 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-10 13:42 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-10 13:42 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-10 13:42 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-10 13:42 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-10 13:42 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-10 13:42 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-10 13:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-10 13:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-10 13:42 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-10 13:42 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-10 13:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-10 13:42 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-10 13:42 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-10 13:42 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-10 13:42 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-10 13:42 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-10 13:42 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-10 13:42 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-10 13:42 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-10 13:42 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-10 13:42 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-10 13:42 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-10 13:42 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-10 13:42 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-10 13:42 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-10 13:42 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-10 13:42 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-10 13:42 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-10 13:42 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-10 13:42 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-10 13:42 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-10 13:42 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-10 13:42 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-10 13:42 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 04:18 - 2014-07-10 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-10 13:42 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-10 13:42 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-15 10:34 - 2014-06-15 10:31 - 00000000 ____D () C:\Users\Belinda\.gimp-2.8
2014-06-15 10:26 - 2014-06-15 10:26 - 00000856 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-06-15 09:47 - 2012-09-19 18:09 - 00000961 _____ () C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-15 00:19 - 2014-06-15 00:19 - 00000000 _____ () C:\autoexec.bat
2014-06-15 00:12 - 2014-06-12 20:13 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-06-15 00:12 - 2014-03-29 15:40 - 00002982 _____ () C:\Windows\System32\Tasks\{9CE87621-B0FF-4B20-BBC1-176D52210A67}
2014-06-15 00:12 - 2014-03-19 21:46 - 00002982 _____ () C:\Windows\System32\Tasks\{61C9DBC5-09D7-47A1-AF31-0DD4CB996EC2}
2014-06-14 23:51 - 2013-11-26 13:27 - 00003510 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Belinda-PC-Belinda
2014-06-14 23:51 - 2013-09-22 18:07 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-06-14 23:14 - 2013-12-30 17:52 - 00003094 _____ () C:\Windows\System32\Tasks\{08169894-71C7-41FE-8C59-3C26BB7B473D}
2014-06-14 23:14 - 2013-09-30 11:44 - 00003098 _____ () C:\Windows\System32\Tasks\{43426D0C-2840-40B1-885F-B5DAE5D333FF}
2014-06-14 23:14 - 2013-09-24 17:24 - 00003098 _____ () C:\Windows\System32\Tasks\{64698EA9-AC20-48D3-89FC-74686F1D8121}
2014-06-14 17:10 - 2014-06-14 17:10 - 00000000 __SHD () C:\Users\Belinda\AppData\Local\EmieUserList
2014-06-14 17:10 - 2014-06-14 17:10 - 00000000 __SHD () C:\Users\Belinda\AppData\Local\EmieSiteList
2014-06-14 16:59 - 2014-06-14 16:59 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Packages
2014-06-14 16:08 - 2014-06-14 16:08 - 00003022 _____ () C:\Windows\System32\Tasks\{C6238737-8183-47DD-9983-07AC2471B430}
2014-06-14 16:06 - 2014-06-14 16:06 - 00003022 _____ () C:\Windows\System32\Tasks\{CAEBA7BF-B00F-49A8-8F94-7D6C89BF0491}
2014-06-14 16:06 - 2014-06-14 16:06 - 00003022 _____ () C:\Windows\System32\Tasks\{AF52A664-B800-4985-B684-3DB3775A4D4F}
2014-06-13 14:01 - 2013-09-22 18:07 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-06-13 13:59 - 2013-04-10 08:01 - 00000000 ____D () C:\Users\Belinda\AppData\Local\Microsoft Help
2014-06-13 13:19 - 2014-06-13 13:19 - 00000000 ____D () C:\Users\Belinda\K
2014-06-13 12:41 - 2014-01-02 01:59 - 00000000 ____D () C:\Users\Belinda\AppData\Roaming\vlc
2014-06-12 20:14 - 2014-06-12 20:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\PCDr
2014-06-12 20:14 - 2014-06-12 20:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\Dell
2014-06-12 20:13 - 2014-06-12 20:13 - 00000000 ____D () C:\ProgramData\PCDr
2014-06-12 20:12 - 2014-01-13 20:37 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\Skype
2014-06-12 19:05 - 2012-09-29 15:01 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-06-12 18:38 - 2014-06-12 18:38 - 00000000 ____D () C:\Users\Belinda\AppData\Local\TuneUp Software
2014-06-12 18:32 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\TuneUp Software
2014-06-12 18:32 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Decayde\AppData\Local\TuneUp Software
2014-06-12 18:26 - 2014-06-12 18:25 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\DVDVideoSoft
2014-06-12 14:31 - 2014-06-12 14:14 - 00000000 ____D () C:\Users\Decayde\AppData\Roaming\TS3Client
2014-06-12 14:14 - 2014-06-12 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-12 14:14 - 2014-06-12 14:14 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
Some content of TEMP:
====================
C:\Users\Belinda\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-10 12:51
==================== End Of Log ============================
--- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by Belinda at 2014-07-10 20:40:38
Running from C:\Users\Belinda\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 3.9 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock 2 (HKLM-x32\...\{4A8B461A-9336-4CF9-98F4-14DD38E673F0}) (Version: 1.00.0000 - 2K Games)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Crawler 3D Fireplace (HKLM-x32\...\{CDAFD956-97BE-443D-8EF7-F4F094EB5766}_SAV_3DFIREPLACE) (Version: - Crawler, LLC)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1C35197-B856-45E2-BA67-5ABB6B0CA9C2}) (Version: - Microsoft)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3E90B7F4-1817-4405-B4A5-E4EA5EC0E2B3}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage Remote (HKLM-x32\...\{2299EEBD-0A83-4B26-AA4A-057AE9E5BAE8}) (Version: 2.0.0.50 - ArcSoft)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.217 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.52 - Dell Inc.)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.5.623 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.39.604 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.39.604 - DVDVideoSoft Ltd.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417015FF}) (Version: 7.0.150 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 15 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170150}) (Version: 1.7.0.150 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LINE (HKLM-x32\...\LINE) (Version: 3.7.0.34 - LINE Corporation)
Manga Studio (HKLM-x32\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.0 - Smith Micro)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Minecraft1.5.1 (HKLM-x32\...\Minecraft1.5.1) (Version: - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Network Notepad 4.6.9 (HKLM-x32\...\Netnotep_is1) (Version: - Jason Green)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
Novell Vibe Desktop 64-bit 1.0 (HKLM\...\{CA0D6979-21D2-40C1-AC0B-A34F944EC45C}) (Version: 1.0.0.17399 - Novell, Inc.)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 4.1.22 (HKLM\...\{883F56F3-B9E7-4B07-8F6D-2BEF6291DF16}) (Version: 4.1.22 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version: - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
sAAvue on (HKLM-x32\...\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}) (Version: 2.2.0.1169 - save on) <==== ATTENTION
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sony PC Companion 2.10.188 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.188 - Sony)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Update kb70007 (x32 Version: 1.0.0 - MSR) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.296 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9F71CF8-8310-4EFC-869F-47BC0FEE269D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3A12DFA2-3FF5-450E-BDB1-A742551A5D1A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{EA8072E8-E3CF-46DF-A5DE-9F5975344327}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{1BABB09A-AB4C-427F-B23C-76A278737988}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{97183E08-6B06-40F1-80A9-585C4AEF98F1}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.0.0.0 - Azureus Software, Inc.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2500 - Broadcom Corporation)
WildTangent Games App (Dell Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-2 - BitNami)
==================== Restore Points =========================
25-06-2014 05:44:11 Windows Update
25-06-2014 11:37:34 Removed Adobe Download Assistant
28-06-2014 19:40:26 Windows Update
01-07-2014 20:46:26 Windows Update
04-07-2014 04:07:30 Microsoft Antimalware Checkpoint
06-07-2014 09:48:57 Windows Update
08-07-2014 11:00:51 ComboFix created restore point
09-07-2014 08:51:21 PROPLUS
10-07-2014 11:43:33 Windows Update
10-07-2014 12:23:50 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-07-08 13:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {162F0C4C-B0D3-4683-940A-72869FFA066B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {169F6838-AC82-4DD4-881A-F224CDF3DE93} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {18D90D48-9820-4C82-ADD6-505043C428BF} - System32\Tasks\{64698EA9-AC20-48D3-89FC-74686F1D8121} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {27FC83DA-DE75-4F5F-BF54-D584B3D81FF7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {45B45BA6-32FF-4A86-8A32-583775C8B3EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5DA4CBEF-078B-4640-9FC2-F124C3E05C8C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {60981396-8E41-4D14-BD86-F60B72C1034B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6925EB37-0F28-472D-95E7-D9586471DFEA} - System32\Tasks\{08169894-71C7-41FE-8C59-3C26BB7B473D} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.60.102/de/abandoninstall?page=tsBing
Task: {6A6511E9-8A7C-4FEF-9F52-439B7C86CCF6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {777F5872-2E8F-419B-98FD-B122A7B889D1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {7BE5822E-744A-4F79-B162-0B156BDDE393} - System32\Tasks\{D059BDD4-852F-49E5-91A8-11FE41D9189E} => Firefox.exe
Task: {8B5B67EF-4D31-40D2-8FD7-6BDBA2750880} - System32\Tasks\{61C9DBC5-09D7-47A1-AF31-0DD4CB996EC2} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-03-06] (Broadcom Corporation.)
Task: {954AFBB9-CACF-417C-9A1C-A094327BF52E} - System32\Tasks\{AF52A664-B800-4985-B684-3DB3775A4D4F} => C:\Program Files\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe [2012-11-08] (Smith Micro)
Task: {9FD839E7-6F57-4F3E-B803-BC397D8CF618} - System32\Tasks\{87B59C41-63AE-4EB4-9B61-36B6C5989F76} => Firefox.exe
Task: {B1E5B3C4-0901-424B-8521-721BD105AE1D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {B4DD9B4B-FA90-42C8-859C-366F39AC7527} - System32\Tasks\{43426D0C-2840-40B1-885F-B5DAE5D333FF} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {BDF168E9-2C46-4A99-B159-0DBE815CD449} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-12-14] (PC-Doctor, Inc.)
Task: {DA4F2E1D-8512-414E-95F4-C5F987EC5BCB} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {DF96CB30-1F76-4F55-85CF-5FECFFE0D917} - System32\Tasks\{C6238737-8183-47DD-9983-07AC2471B430} => C:\Program Files\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe [2012-11-08] (Smith Micro)
Task: {E2C8E010-D284-48DE-A85A-B70D31CAB5DB} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1432196140-1771900234-4215042517-1004
Task: {E754DCF1-CBE1-43EB-AAD4-1B7A0A947C12} - System32\Tasks\{9CE87621-B0FF-4B20-BBC1-176D52210A67} => C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-03-06] (Broadcom Corporation.)
Task: {EBE528AE-F1C7-497D-8F34-4C05B015E9E2} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {EC5C1C3F-73E1-4AC7-B41C-A7DB05934789} - System32\Tasks\{CAEBA7BF-B00F-49A8-8F94-7D6C89BF0491} => C:\Program Files\Smith Micro\Manga Studio 5E\Manga Studio\Manga Studio.exe [2012-11-08] (Smith Micro)
Task: {F859CECB-B4B3-4301-BFE0-B28FDCE8352F} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {F9FC3C86-2CD6-4EC7-BD71-615029A45AED} - System32\Tasks\AdobeAAMUpdater-1.0-Belinda-PC-Belinda => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {FC1B8405-F529-4F78-A896-F8C1C585BEE1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-01-13 21:06 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-02-01 18:50 - 2014-02-01 18:50 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-07-15 05:56 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-05-08 14:03 - 2012-12-11 13:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-06-10 13:21 - 2014-06-10 13:21 - 08892072 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-07-15 14:31 - 2012-03-27 03:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-06-24 15:45 - 2013-05-08 14:40 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2013-12-18 15:42 - 2014-05-20 04:44 - 00012120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-02-14 11:57 - 2014-02-14 11:57 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\00a0b4a9df6e4abf30ae2af3624a77ce\IsdiInterop.ni.dll
2012-07-15 13:20 - 2012-02-01 23:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-07-15 13:22 - 2012-01-20 18:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-09 23:15 - 2014-06-20 21:45 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/10/2014 06:43:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2014 01:27:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2014 01:26:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (07/10/2014 01:26:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (07/10/2014 01:26:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (07/10/2014 01:15:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/10/2014 06:47:15 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (07/10/2014 06:43:36 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.1.100192.168.137.0255.255.255.0
Error: (07/10/2014 06:43:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Kernel Information Provider" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (07/10/2014 01:54:23 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (07/10/2014 01:42:16 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (07/10/2014 01:30:16 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (07/10/2014 01:29:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.
Error: (07/10/2014 01:29:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.
Error: (07/10/2014 01:26:24 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.1.100192.168.137.0255.255.255.0
Error: (07/10/2014 01:26:23 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Microsoft Office Sessions:
=========================
Error: (07/10/2014 06:43:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2014 01:27:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/10/2014 01:26:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (07/10/2014 01:26:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (07/10/2014 01:26:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (07/10/2014 01:15:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-07-08 13:16:53.106
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-07-08 13:16:53.028
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-19 15:54:06.335
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 15:54:06.284
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 15:54:06.231
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 15:54:06.175
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.172\recup_dir.7\f2057664_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 14:37:26.698
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1288\f36758352_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 14:37:26.648
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1288\f36758352_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 14:37:26.598
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1288\f36758352_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-10-19 14:37:26.548
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Belinda\Desktop\testdisk-6.14\recup_dir.1288\f36758352_MsMpEng.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 30%
Total physical RAM: 8063.41 MB
Available physical RAM: 5593.59 MB
Total Pagefile: 16125 MB
Available Pagefile: 13481.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:309.72 GB) (Free:67.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Server2012) (Fixed) (Total:156 GB) (Free:128.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7AF659C3)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=310 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=156 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
11.07.2014, 10:22
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | XML-Verarbeitungsfehler: nicht wohlgeformt Okay, dann Kontrollscans mit MBAM und ESET bitte: Downloade Dir bitte  Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.07.2014, 10:28
| #15 |
| | XML-Verarbeitungsfehler: nicht wohlgeformtCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 11.07.2014 Suchlauf-Zeit: 12:28:21 Logdatei: suchlauf.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.07.11.04 Rootkit Datenbank: v2014.07.09.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Belinda Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 399284 Verstrichene Zeit: 13 Min, 13 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 17 PUP.Optional.BestToolbar.A, HKU\S-1-5-21-1432196140-1771900234-4215042517-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}, Keine Aktion durch Benutzer, [1f218b13d1aa9c9a7f1f57fad2301ae6], PUP.Optional.SweetIM.A, HKU\S-1-5-21-1432196140-1771900234-4215042517-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DEDAF650-12B8-48F5-A843-BBA100716106}, In Quarantäne, [78c8435b8eed50e6d69a510631d1fc04], PUP.Optional.Yontoo.A, HKU\S-1-5-21-1432196140-1771900234-4215042517-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, In Quarantäne, [96aaff9f4c2fa88ee1b673dec33f5ba5], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\MySearch.MySearch, In Quarantäne, [ae92801e3c3f2e08c6ecdaddb44e35cb], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\MySearch.MySearch.2.1, In Quarantäne, [77c9cdd11e5d0c2a981a298e2bd7c43c], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MySearch.MySearch, In Quarantäne, [e65a841a9edd69cd19999a1d57ab42be], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MySearch.MySearch.2.1, In Quarantäne, [053b1e80bebd9a9c02b0ad0a11f1e61a], PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, In Quarantäne, [de62b1edbbc0bc7a81d2817b43c07090], PUP.Optional.DealPly.A, HKU\S-1-5-21-1432196140-1771900234-4215042517-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, In Quarantäne, [4bf5346a2a519e982b36f0d452b0ce32], PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-1432196140-1771900234-4215042517-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLAPLUGINS\@tnt2ghost.com/Plugin, In Quarantäne, [3010336baecddc5add2aac337c86966a], PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-1432196140-1771900234-4215042517-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLAPLUGINS\@tnt2npapi.com/Plugin, In Quarantäne, [a49ceeb06714b383dda99e401be7b44c], PUP.Optional.Softonic.A, HKU\S-1-5-21-1432196140-1771900234-4215042517-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [2719227c86f5eb4bee43369871910ef2], PUP.Optional.BProtector.A, HKU\S-1-5-21-1432196140-1771900234-4215042517-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\BPROTECTSETTINGS, In Quarantäne, [59e7495587f4f0466e08fafe0ef5ba46], PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-1432196140-1771900234-4215042517-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{269E5324-A81F-43B8-A8A5-829711DDBA00}, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\CLASSES\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0FEB2313-F89B-4AC6-8153-84025604A06A}, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0FEB2313-F89B-4AC6-8153-84025604A06A}, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], Registrierungswerte: 6 PUP.Optional.Softomate.A, HKU\S-1-5-21-1432196140-1771900234-4215042517-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{CA3EB689-8F09-4026-AA10-B9534C691CE0}, In Quarantäne, [2020acf2f982d95d6028f55bc939db25], PUP.Optional.Softomate.A, HKU\S-1-5-21-1432196140-1771900234-4215042517-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{CA3EB689-8F09-4026-AA10-B9534C691CE0}, In Quarantäne, [2020acf2f982d95d6028f55bc939db25], PUP.Optional.FindWide, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, hxxp://search.findwide.com/?guid={269E5324-A81F-43B8-A8A5-829711DDBA00}&serpv=22, In Quarantäne, [47f9adf15d1e1d1982efbb4b9f65d42c] PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, SIM, In Quarantäne, [de62b1edbbc0bc7a81d2817b43c07090] PUP.Optional.NextLive.A, HKU\S-1-5-21-1432196140-1771900234-4215042517-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\Windows\SysWOW64\rundll32.exe "C:\Users\Decayde\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, In Quarantäne, [28183866a1dad264a02fe5fa936fb749] PUP.BProtector, HKU\S-1-5-21-1432196140-1771900234-4215042517-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {80c554b9-c7f8-4a21-9471-06d606da78a2}, In Quarantäne, [a997bde1f289c76f40e44ea79d6640c0] Registrierungsdaten: 3 PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[1d2356482556f73f09cac4d7dc289a66] PUP.Optional.FindWide, HKU\S-1-5-21-1432196140-1771900234-4215042517-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.findwide.com/?guid={269E5324-A81F-43B8-A8A5-829711DDBA00}&serpv=22, Gut: (www.google.com), Schlecht: (hxxp://search.findwide.com/?guid={269E5324-A81F-43B8-A8A5-829711DDBA00}&serpv=22),Ersetzt,[dd6389156b109a9c8fa9dbb6ca3a13ed] PUP.Optional.FindWide, HKU\S-1-5-21-1432196140-1771900234-4215042517-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://search.findwide.com/?guid={269E5324-A81F-43B8-A8A5-829711DDBA00}&serpv=22, Gut: (www.google.com), Schlecht: (hxxp://search.findwide.com/?guid={269E5324-A81F-43B8-A8A5-829711DDBA00}&serpv=22),Ersetzt,[dc642d710576d6603dd67824679d5fa1] Ordner: 10 PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Common, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\Cache, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1702, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10841, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], Dateien: 63 PUP.Optional.Multiplug, C:\ProgramData\Adblocker\ipGBbCGV.exe, In Quarantäne, [2d13950991ea1422c1552273f11037c9], PUP.Optional.MultiPlug.A, C:\ProgramData\MountainApp\SW-Booster\SW-Booster.exe, In Quarantäne, [152b3c6223583ef8b527aa8eb24fd729], PUP.BundleInstaller.DW, C:\Users\Belinda\Downloads\hdplugin_firefox.exe, In Quarantäne, [0e320d91205b76c0c5d07794956ca65a], PUP.Optional.Amonetize, C:\Windows\Installer\50392f.msi, In Quarantäne, [91af4a540a7135017ce56331f809639d], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\passport.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\TNT2UserPS.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\Autorun.inf, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\crx.tar, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\GameApps.ini, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\GameConsole.exe, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\GameEngine.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\GLOBALUNINSTALL.TNT, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\hmac.1.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\iestage2.1.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\IEToolbar.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\IEToolbar64.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\INSTALL.TNT, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\LastSession.log, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\log.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\MinecraftShims64.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\npTNT2.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\npTNT2Ghost.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\PARTNER.TNT, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\passport64.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\pinnedSearch.htm, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\pinnedSearch_FindWide.htm, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\progress.1.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\regsvr.1.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\RemoteSkin.wms, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\sqlite.1.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\tnt2chrome.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\TNT2User.exe, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\TNT2UserPS64.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\TntMagicDel.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\UnInjLib.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\UnInjLib64.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\UNINSTALL.TNT, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\UninstallDlg.1.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\untar.1.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\UPDATE.TNT, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\xpi.tar, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\2.0.0.1702\zipunzip.1.dll, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Common\GameConsole.exe, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Common\pinnedSearch.htm, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\icon.ico, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\inst.ini, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\LastSession.log, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\os10841.xml, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\PARTNER.1.TNT, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\partner.dat, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\runt.ini, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\tnt_32x32.png, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\toolbar10841@findwide.com.xpi, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\yah10841.xml, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\Cache\9272262bbd60e7676a5afab5416ef7cb, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\Cache\ac7829f5a96db79589f0014e26c21af1, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Users\Decayde\AppData\Local\TNT2\Profiles\10841\Cache\e00c254ae55a4ba7b4eebbe03f39152c, In Quarantäne, [3808316d0378fe3831d8148b30d2fc04], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\TNT2UserPS.dll, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\TNT2UserPS64.dll, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1702\IEToolbar.dll, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\2.0.0.1702\IEToolbar64.dll, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10841\passport.dll, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], PUP.Optional.TidyNetwork.A, C:\Program Files (x86)\TNT2\Profiles\10841\passport64.dll, In Quarantäne, [a49c0f8ff68561d5e327455a60a28779], Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=19ea06ebcc028742a79ec65308c2d2e1
# engine=19130
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-12 03:08:37
# local_time=2014-07-12 05:08:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 9197022 76428139 0 0
# scanned=532940
# found=282
# cleaned=0
# scan_time=57882
sh=D9BB873F96FE43E6133457662C6165B9A33BBBD5 ft=1 fh=51c159ee4e572ea1 vn="Variante von Win32/Adware.AddLyrics.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\AddLyrics\alcsur.exe.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=E12820C3C449E8DF12132666647822B9FE266BA3 ft=1 fh=661cdf041cef5cb3 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MSR\backup\System Update kb70007\Installer.dll.vir"
sh=E99D65BD24FAF328D7314F02B98EE8C3BD793B77 ft=1 fh=8661b13c20727ec0 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MSR\backup\System Update kb70007\InstallerLibrary.dll.vir"
sh=B11B91F706EA1AFD3D4D625201192EAB850FD3CE ft=1 fh=04b2478a5da86198 vn="MSIL/Adware.Proxomoto.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MSR\backup\System Update kb70007\InstallFirefoxExtension.dll.vir"
sh=5BD97BEAE0E1E79B233B821DA6813A831B5075FB ft=1 fh=5310de0062903084 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MSR\backup\System Update kb70007\NewVersionUploader.exe.vir"
sh=49DEEED4E6B0E6134D47A582E209511FCBFD2B72 ft=1 fh=14e2fb72d7f3d82c vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MSR\backup\System Update kb70007\WindowsUpdater.exe.vir"
sh=E99D65BD24FAF328D7314F02B98EE8C3BD793B77 ft=1 fh=8661b13c20727ec0 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MSR\backup\System Update kb70007\backup\InstallerLibrary.dll.vir"
sh=0DAFA42039405F8D49A6790180194076BD57C833 ft=1 fh=c71c001147036410 vn="Variante von Win32/AdWare.MultiPlug.N Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\saave, one\MW42pns2.dll.vir"
sh=61CB4B5228E6253863391EF3346C2F9920DBC554 ft=1 fh=c71c00112b13579c vn="Variante von Win64/Adware.MultiPlug.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\saave, one\MW42pns2.x64.dll.vir"
sh=0DAFA42039405F8D49A6790180194076BD57C833 ft=1 fh=c71c001147036410 vn="Variante von Win32/AdWare.MultiPlug.N Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\sAAvue on\wrl3SYa.dll.vir"
sh=61CB4B5228E6253863391EF3346C2F9920DBC554 ft=1 fh=c71c00112b13579c vn="Variante von Win64/Adware.MultiPlug.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\sAAvue on\wrl3SYa.x64.dll.vir"
sh=32F99788C6D45851A067C84FFFA1116E54CA3EF3 ft=1 fh=c71c00116263307f vn="Variante von Win32/SProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SW-Booster\Assistant.dll.vir"
sh=1B26B0B47757F786A8FEE44847BDBB959DD19A58 ft=1 fh=e26ac01139d0474f vn="Variante von Win32/SProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SW-Booster\AssistantSvc.dll.vir"
sh=AE4B3ECB491AEF6D1594361E820A6FCC8EF44E3E ft=1 fh=c71c0011d35ff60a vn="Variante von Win64/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SW-Booster\Assistant_x64.dll.vir"
sh=564160696ED3A767BEB3A5B77DA5107F05EBCBA4 ft=1 fh=62fd1985c73163e4 vn="Variante von Win32/Adware.Yontoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Yontoo\YontooIEClient.dll.vir"
sh=A696C5A0D50145AFDE3D3A71F70B1C3006AC2199 ft=1 fh=da0003b6601dbc17 vn="Variante von Win32/Adware.MultiPlug.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\MagniPic\51161bffd2674.dll.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run1170.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run12DD.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run147C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run15B4.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run16DE.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run1835.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run1AD3.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run1B6F.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run1CF6.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run1DAD.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run1E1F.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run1E7B.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run1E98.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run1F94.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run20DD.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run23F8.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run2483.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run24DE.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run252D.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run25DB.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run26F3.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run2741.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run2762.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run2860.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run2A0E.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run2A4A.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run2B3D.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run2B48.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run2B57.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run2D98.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run3066.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run32C6.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run346B.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run367F.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run36EB.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run3735.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run39C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run39E4.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run3ACF.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run3D03.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run3DA.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run3DF4.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run3E02.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run3E7A.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run3EB7.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run3FB0.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run402F.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run406C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run420E.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run4227.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run427E.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run42BC.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run434A.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run455D.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run4608.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run4694.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run48F6.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run4923.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run4BEF.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run4C11.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run4C2C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run4FE8.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run4FF6.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run5227.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run52B4.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run52D5.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run5386.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run5395.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run5543.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run55E0.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run56D6.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run57B0.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run57B9.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run58E0.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run5978.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run5B7D.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run5D3C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run5D81.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run5E98.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run5EE.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run61B3.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run61F0.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run624E.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run62AC.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run65F3.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run67BA.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run67C9.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run6927.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run6A8.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run6AD5.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run6AF6.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run6B42.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run6E31.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run6F59.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run7034.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run710F.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run713C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run7208.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run7217.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run742A.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run75FD.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run7746.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run7957.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run7A9E.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run7B2C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run7CC.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run7D5C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run7DDA.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run7F4E.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run8077.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run81D0.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run81D3.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run8352.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run83F.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run849D.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run84C9.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run85C6.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run86A1.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run879A.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run8870.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run8871.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run8920.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run89BD.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run8A60.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run8CD8.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run8E.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run8E6C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run8FD3.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run92FE.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run930E.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run940B.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run9418.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run9705.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run9A5B.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run9C23.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run9C43.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run9CA0.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run9CCE.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run9F4F.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run9FB4.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\run9FBB.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runA02.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runA26B.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runA2C7.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runA565.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runA5BC.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runA5EF.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runA651.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runA881.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runA8FF.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runA99D.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runAB9C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runABFB.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runAF75.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runAF93.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runB1D6.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runB200.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runB285.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runB4B.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runB4F1.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runB556.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runB56D.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runB5CA.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runB5EA.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runBA7D.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runBB07.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runBB6.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runBC9.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runBD5.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runBE23.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runBE42.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runC130.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runC17C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runC1DA.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runC20B.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runC507.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runC535.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runC6AC.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runC778.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runC792.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runC7E4.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runCA84.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runCAAD.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runCB89.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runCD6F.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runCDCE.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runCFC0.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runD09A.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runD0F9.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runD1F8.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runD3B5.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runD4B0.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runD5F5.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runD6D0.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runD78D.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runD8C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runD9CE.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runDD0A.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runE024.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runE11C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runE228.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runE262.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runE341.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runE36F.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runE62C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runE75.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runE78A.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runE7D2.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runE8FB.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runE957.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runEACD.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runEC63.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runECA3.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runECA4.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runF09D.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runF0C7.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runF2AC.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runF2F9.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runF5B8.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runF8D3.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runFB04.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runFBBF.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runFC4C.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runFD35.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runFD5B.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runFEEA.tmp.vir"
sh=2A66DF9B2896C82E7F0ED2692674B76C3FD817E1 ft=1 fh=19a25d7f65819511 vn="Win32/GenUpdater evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Premium\MagniPic\runFF68.tmp.vir"
sh=E24B4CC99746C2EE4F0670C9BF0EE5858E1738B9 ft=1 fh=c71c001116ef4e94 vn="Variante von Win32/AdWare.MultiPlug.Y Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\saave, one\QHfXQaL7K.exe.vir"
sh=E24B4CC99746C2EE4F0670C9BF0EE5858E1738B9 ft=1 fh=c71c001116ef4e94 vn="Variante von Win32/AdWare.MultiPlug.Y Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\sAAvue on\I91M6wNX.exe.vir"
sh=B859E1E3C5F38DA8EA82D4940325EC60B19FF339 ft=1 fh=30f7fbf806dee4f1 vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir"
sh=48EF8B4E06E0F1D3C06C4D6E1EA2B6CE48AA5231 ft=1 fh=ac26df35aa8ade69 vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll.vir"
sh=08A0C25B0BF40535697C1C584ACCDA490D6BC882 ft=1 fh=dbe7f66a50ce49ed vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Belinda\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Decayde\AppData\Local\genienext\nengine.dll.vir"
sh=AC82245E65CED68F2DD9DFDB4957C086B62FEE7B ft=1 fh=6d576f33683d15d6 vn="Variante von Win32/Amonetize.AC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Decayde\AppData\Local\SwvUpdater\Updater.exe.vir"
sh=99F97AD369E8621AB4D17DF53E80E60FEE99C727 ft=1 fh=42567613b862d846 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Decayde\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Decayde\AppData\Roaming\newnext.me\nengine.dll.vir"
sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Decayde\AppData\Roaming\OpenCandy\213788EABC2443CBACD3014CBE1DB047\sp-downloader.exe.vir"
sh=7C620D1FDA9B0BCB94387A0E5AFD2565B2FB5B08 ft=1 fh=0ea7a7a2438ec590 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Decayde\AppData\Roaming\OpenCandy\213788EABC2443CBACD3014CBE1DB047\Whitesmoke_directN_p1v1.exe.vir"
sh=444329E675A61AB752AAC433DFEC3DAAA0A26C6A ft=0 fh=0000000000000000 vn="Win32/DealPly.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2_0\background.html.vir"
sh=0DAFA42039405F8D49A6790180194076BD57C833 ft=1 fh=c71c001147036410 vn="Variante von Win32/AdWare.MultiPlug.N Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Adblocker\FHLhBbH.dll"
sh=61CB4B5228E6253863391EF3346C2F9920DBC554 ft=1 fh=c71c00112b13579c vn="Variante von Win64/Adware.MultiPlug.A Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Adblocker\FHLhBbH.x64.dll"
sh=C2CA3F383B4B06C9B2BB64291C4F07AA2DFFC72D ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{38C18ABB-07FE-4C18-AEF3-4FDCE322A84D}\Custom.dll"
sh=0DAFA42039405F8D49A6790180194076BD57C833 ft=1 fh=c71c001147036410 vn="Variante von Win32/AdWare.MultiPlug.N Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\MySearch\W.dll.vir"
sh=61CB4B5228E6253863391EF3346C2F9920DBC554 ft=1 fh=c71c00112b13579c vn="Variante von Win64/Adware.MultiPlug.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\MySearch\W.x64.dll.vir"
sh=E12820C3C449E8DF12132666647822B9FE266BA3 ft=1 fh=661cdf041cef5cb3 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Windows\Microsoft\SystemUpdatekb70007\Installer.dll.vir"
sh=E99D65BD24FAF328D7314F02B98EE8C3BD793B77 ft=1 fh=8661b13c20727ec0 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Windows\Microsoft\SystemUpdatekb70007\InstallerLibrary.dll.vir"
sh=49DEEED4E6B0E6134D47A582E209511FCBFD2B72 ft=1 fh=14e2fb72d7f3d82c vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe.vir"
sh=C2CA3F383B4B06C9B2BB64291C4F07AA2DFFC72D ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{38C18ABB-07FE-4C18-AEF3-4FDCE322A84D}\Custom.dll"
sh=40A1F493FA09E9118A1D7212A5B2C46139974A73 ft=1 fh=636b72ecd8c1df3d vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\Anwendungen\ka\iLividSetupV1.exe"
sh=051BCD3EBC2B5BC7533CDA34908304123C74FED2 ft=1 fh=d75091e48776c739 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\Downloads\FreeDiscBurner.exe"
sh=897FD37A4F97BA9BBC92108AA1FB16C970EACBF0 ft=1 fh=58662848aaacab1c vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\Downloads\FreeYouTubeDownload.exe"
sh=E8CD33623287C08C7CC3662A042E45522654BB30 ft=1 fh=7cd3b160b0dbd4bd vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\Downloads\FreeYouTubeToMP3Converter37.exe"
sh=96AB69B66F81C713B4F917FDDFC92C60688D9FB1 ft=1 fh=12eba75a92e729e0 vn="Win32/Malavida.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\Downloads\microsoft-word-windows-malavida(1).exe"
sh=96AB69B66F81C713B4F917FDDFC92C60688D9FB1 ft=1 fh=12eba75a92e729e0 vn="Win32/Malavida.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\Downloads\microsoft-word-windows-malavida.exe"
sh=B19098FD6DC0A1EDC0244F31ACA21358DDBDDC34 ft=1 fh=0c0f4b1dd173d29e vn="Win32/DownloadAdmin.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\dwhelper\Downloads\vlcmediaplayer-setup.exe"
sh=2C3EAE40B15EFE5D158A9FF5938EBD4305CC3914 ft=1 fh=e37004eca22b5506 vn="Win32/DownloadAdmin.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\K\vlcmediaplayer-setup.exe"
sh=8398427DEE8FECAF5BC25B22C826FC2DC6DF9747 ft=1 fh=81c159dc949cee29 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Decayde\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NBXNFQH8\SPSetup[1].exe"
sh=E689A1B1A32152588C06B8D628C10EF8188A87C1 ft=1 fh=b6869269092690bd vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Decayde\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VOYFE1LY\spstub[1].exe"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Gast\AppData\LocalLow\ClipGrab\ldrtbCli0.dll"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Gast\AppData\LocalLow\ClipGrab\tbCli0.dll"
sh=C2CA3F383B4B06C9B2BB64291C4F07AA2DFFC72D ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="E:\Users\All Users\InstallMate\{38C18ABB-07FE-4C18-AEF3-4FDCE322A84D}\Custom.dll"
|
|
Linear-Darstellung
