| |
| |||||||
Log-Analyse und Auswertung: Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
21.08.2014, 17:09
| #1 |
| |  Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! hallo allerseits seit einiger zeit läuft mein lüfter auf hochtouren und bleibt auch bis zum runterfahren so. vorher hatte er nur die geschwindichkeit gewechselt wenn höhere bzw. weniger anforderungen anstanden. nun habe ich einen tread von RYDER gelesen und denke vielleicht hilft dies aber weiss mir nicht zu helfen und möchte auch nicht ohne ansage diese schritte durchführen!!! würde mich über hilfe SEHR freuen und könnte unter anleitung sicher noch nähere infos des problems schildern... VIELEN DANK IM VORAUS |
|
21.08.2014, 19:38
| #2 |
| /// the machine /// TB-Ausbilder    | Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
27.08.2014, 01:29
| #3 |
| | Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! Guude schrauber!!!
__________________Erstmal DANKE!!! Komme erst in einigen tagen an diesen techner und mach das dann so wie du gesagt hast!!! VIELEN DANK UN BIS DIE TAGE |
|
27.08.2014, 16:13
| #4 |
| /// the machine /// TB-Ausbilder | Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! ok 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.09.2014, 22:57
| #5 |
| | Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! SO ENDLISCH HABBISCH ZUGANG ZUM RESCHNER hier die KOMPLETTEN scanergebnisse !! incl. list bcd drivers MD5 SHORTCUT.txt ADDITION.txt 1) FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2014
Ran by Muddi (administrator) on MUDDI-PC on 29-08-2014 17:54:38
Running from C:\Users\Muddi\Desktop
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
( ) C:\Windows\System32\lxeccoms.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3691020185-3350912418-1631763551-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3691020185-3350912418-1631763551-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3691020185-3350912418-1631763551-1000\...\MountPoints2: {2da4d49d-3d1f-11e2-b126-806e6f6e6963} - D:\Setup.EXE
HKU\S-1-5-21-3691020185-3350912418-1631763551-1000\...\MountPoints2: {6abfb6a0-7da4-11e2-9b72-806e6f6e6963} - "F:\WD SmartWare.exe" autoplay=true
IFEO\bacs.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\ccleaner.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\gardenscapes.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\nvstlink.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\nvstview.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\taskmgr.exe: [Debugger] C:\Program Files\TuneUp Utilities 2014\PMLauncher.exe
IFEO\uninstall.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\unwise.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
Startup: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe (No File)
BootExecute: autocheck autochk * ROBoot \??\C:\Windows\system32\ASOROSet.bin
GroupPolicyUsers\S-1-5-21-3691020185-3350912418-1631763551-1002\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3691020185-3350912418-1631763551-1001\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE669EC706E58CE01
SearchScopes: HKCU - DefaultScope {5E0CDF7E-F654-4D7D-A6E8-F82DBDFD1D0B} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {5E0CDF7E-F654-4D7D-A6E8-F82DBDFD1D0B} URL = https://www.google.com/search?q={searchTerms}
BHO: Lexmark Symbolleiste -> {1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> C:\Program Files\Lexmark Toolbar\toolband.dll ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Lexmark -> {D2C5E510-BE6D-42CC-9F61-E4F939078474} -> C:\Program Files\Lexmark Printable Web\bho.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
Toolbar: HKCU - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Muddi\AppData\Roaming\Mozilla\Firefox\Profiles\5jp1sb6h.default-1398477474415
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Muddi\AppData\Roaming\Mozilla\Firefox\Profiles\5jp1sb6h.default-1398477474415\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-29]
Chrome:
=======
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [804944 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-05] (Avira Operations GmbH & Co. KG)
S4 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [154624 2012-08-02] (Broadcom Corporation) [File not signed]
S2 lxecCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxecserv.exe [193192 2010-04-14] (Lexmark International, Inc.)
R2 lxec_device; C:\Windows\system32\lxeccoms.exe [598696 2010-04-14] ( )
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14657824 2013-11-29] (NVIDIA Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1781048 2014-07-16] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [35848 2014-07-15] (Avira Operations GmbH & Co. KG)
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10.sys [52096 2010-10-01] (Generic USB smartcard reader)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18944 2013-08-06] (Apple Inc.) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-10-30] (NVIDIA Corporation)
R3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-12-04] (Avira GmbH)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-05-01] ()
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2013-03-18] (Apple, Inc.) [File not signed]
S3 gkmixern; \??\C:\Users\Muddi\AppData\Local\Temp\gkmixern.sys [X]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\System32\drivers\aeaudio.sys 3CB6AE5435987B1F8C83FD2730479878
C:\Windows\system32\drivers\afd.sys D0B388DA1D111A34366E04EB4A5DD156
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avgntflt.sys B0A63DD71CB0CB597D8BD5C364E73F7C
C:\Windows\System32\DRIVERS\avipbb.sys 05AF7CBF0BDA1571BBADC36703EB9CA4
C:\Windows\System32\DRIVERS\avkmgr.sys D8C712305F73CD34D1B344810E522728
C:\Windows\System32\DRIVERS\avnetflt.sys 336854ECAC313B5C6D1E5DBA324498AA
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys 744663C3183CE5A11308F20C7B90C63E
C:\Windows\system32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 85449EEBE8F8EBD6481EFBF0F352B4EB
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 3583A5A8CC2E682BFFBD4630D0FEC08B
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\system32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\system32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys 2B3BF55BA74EB8118F67AB2B450B8EA9
C:\Windows\system32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys EB34CE31FABD4DC4343FD2AD16D2CAF9
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 4120DA10AA42A9996F4575DB9E3E6E6E
C:\Windows\System32\Drivers\ksecpkg.sys D3964885F0A11ACF51DA3AAA776973B2
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\drivers\LVUSBSta.sys 23F8EF78BB9553E465A476F3CEE5CA18
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MHIKEY10.sys C1BF5FE1BD4D726685891BF9EAA9FDD5
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 21F4B24ACFC79A483515BD986DD9043F
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\system32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\system32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netaapl.sys 9213AA35BCA94EB79D366DA254E4BDF5
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Ntfs.sys C8DFF8D07755A66C7A4A738930F0FEAC
C:\Windows\system32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\drivers\nvhda32v.sys 9F8EE4948B7ADD9D12F778F61A2758A4
C:\Windows\System32\DRIVERS\nvlddmkm.sys 8E3BD4ED84EEF035B1AF3F90141D13D1
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\System32\drivers\nvvad32v.sys F9D6D29A55C289B8AF0858C267BE7126
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\System32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LV302V32.SYS 4BB5AC2DD485B8EEFCCB977EE66A68AD
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 65375DF758CA1872AB7EBBBA457FD5E6
C:\Windows\system32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\drivers\smwdm.sys 86D17B6760DD2B09E932FF101714E0DC
C:\Windows\system32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\System32\DRIVERS\ssmdrv.sys A36EE93698802CD899F98BFD553D8185
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SWDUMon.sys FA399A4075520AB5158AF170792A63CD
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 5579DD18546999F5D0EC39D018726C6B
C:\Windows\System32\DRIVERS\tcpip.sys 5579DD18546999F5D0EC39D018726C6B
C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101
C:\Windows\System32\drivers\tsusbflt.sys C6A5FBD4977305E1FA23E02C042DB463
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys E5049C43601473B5A909058596111229
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl.sys 6E421CCC57059B0186C6259CA3B6DFC9
C:\Windows\System32\DRIVERS\usbccgp.sys 0803FBA9FE829D61AE26EC0BCC910C46
C:\Windows\system32\drivers\usbcir.sys 2352AB5F9F8F097BF9D41D5A4718A041
C:\Windows\System32\DRIVERS\usbehci.sys D40855F89B69305140BBD7E9A3BA2DA6
C:\Windows\System32\DRIVERS\usbhub.sys EDF2DF71C4F1E13A6AC75F5224DE655A
C:\Windows\system32\drivers\usbohci.sys 9828C8D14CC2676421778F0DE638CF97
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys FC6B21DB4B5B398AB93DBE59CBF11036
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\System32\DRIVERS\usbuhci.sys 800AABFD625EEFF899F7E5496BDE37AB
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wdcsam.sys D6EFAF429FD30C5DF613D220E344CCE7
C:\Windows\System32\drivers\Wdf01000.sys 25944D2CC49E0A6C581D02A74B7D6645
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 553F6CCD7C58EB98D4A8FBDAF283D7A9
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-29 18:15 - 2014-08-29 18:15 - 00023440 _____ () C:\Users\Muddi\Documents\Brief an Celine USA.odt
2014-08-29 18:13 - 2014-07-14 03:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-29 18:12 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 18:12 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-29 18:12 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-29 18:12 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-29 18:12 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-29 18:12 - 2014-07-25 15:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-29 18:12 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-29 18:12 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-29 18:12 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-29 18:12 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-29 18:12 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-29 18:12 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-29 18:12 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-29 18:12 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-29 18:12 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-29 18:12 - 2014-07-25 14:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-29 18:12 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-29 18:12 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-29 18:12 - 2014-07-25 13:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-29 18:12 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-29 18:12 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-29 18:12 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-29 18:12 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-29 18:12 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-29 18:12 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-29 18:12 - 2014-07-25 13:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-29 18:12 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-29 18:12 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-29 18:12 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-29 18:12 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-29 18:12 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-29 18:12 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-29 18:12 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-29 18:12 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-29 18:12 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-08-29 18:12 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-29 18:12 - 2014-06-03 11:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-29 18:12 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-29 18:12 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-29 18:12 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-29 18:12 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2014-08-29 18:12 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2014-08-29 18:12 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2014-08-29 18:12 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2014-08-29 18:12 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2014-08-29 18:12 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2014-08-29 18:11 - 2014-08-07 03:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-29 18:11 - 2014-08-07 03:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-29 18:11 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-29 17:55 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-29 17:55 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-29 17:55 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-29 17:55 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-29 17:48 - 2014-08-29 17:48 - 00066819 _____ () C:\Users\Muddi\Desktop\Shortcut.txt
2014-08-29 17:47 - 2014-08-29 17:48 - 00021958 _____ () C:\Users\Muddi\Desktop\Addition.txt
2014-08-29 17:38 - 2014-08-29 17:54 - 00028455 _____ () C:\Users\Muddi\Desktop\FRST.txt
2014-08-29 17:38 - 2014-08-29 17:38 - 00000000 ____D () C:\Users\Muddi\Desktop\FRST-OlderVersion
2014-08-29 17:26 - 2014-08-29 17:26 - 15542373 _____ () C:\ProgramData\SPL8F5E.tmp
2014-08-29 17:20 - 2014-08-29 17:20 - 15542373 _____ () C:\ProgramData\SPLF656.tmp
2014-08-05 16:18 - 2014-08-05 16:18 - 00001921 _____ () C:\Users\Muddi\Desktop\zeusch vom nokia xl - Verknüpfung.lnk
2014-08-05 16:17 - 2014-08-05 16:17 - 00001074 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-08-05 16:17 - 2014-08-05 16:17 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-08-05 16:17 - 2014-08-05 16:17 - 00000000 ____D () C:\Users\Muddi\AppData\Roaming\OpenOffice
2014-08-05 16:16 - 2014-08-05 16:16 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-08-05 16:15 - 2014-08-05 16:16 - 00017004 _____ () C:\Users\Muddi\Documents\Texte zum Nachdenken...odt
2014-08-05 16:14 - 2014-08-05 16:14 - 00003728 _____ () C:\ProgramData\SPL16D0.tmp
2014-08-05 16:14 - 2014-08-05 15:27 - 00000000 ____D () C:\Users\Muddi\AppData\Roaming\Systweak
2014-08-05 16:13 - 2014-08-05 16:13 - 00000000 ____D () C:\Users\Joshi.Muddi-PC\AppData\Roaming\Systweak
2014-08-05 16:10 - 2014-08-05 16:10 - 00330853 _____ () C:\Users\Robbert\Downloads\RealTemp_370.zip
2014-08-05 16:10 - 2014-08-05 16:10 - 00000000 ____D () C:\Users\Robbert\Downloads\RealTemp_370
2014-08-05 16:09 - 2014-08-05 15:25 - 00000000 ____D () C:\Program Files\Lexmark Printable Web
2014-08-05 16:07 - 2014-08-05 16:08 - 164858324 _____ () C:\Users\Muddi\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2014-08-05 16:05 - 2014-08-05 16:05 - 01852090 _____ () C:\ProgramData\SPLD7BB.tmp
2014-08-05 16:05 - 2014-08-05 16:05 - 00013962 _____ () C:\Users\Muddi\Documents\GEZ Flehschreiben.odt
2014-08-05 15:57 - 2014-08-05 15:57 - 03978203 _____ () C:\ProgramData\SPLFB5B.tmp
2014-08-05 15:56 - 2014-08-29 17:21 - 00036344 _____ () C:\Windows\iis7.log
2014-08-05 15:55 - 2014-08-05 15:55 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-08-05 15:55 - 2014-08-05 15:55 - 00000000 ____D () C:\inetpub
2014-08-05 15:54 - 2014-08-05 15:54 - 01619171 _____ () C:\ProgramData\SPL7013.tmp
2014-08-05 15:49 - 2014-08-05 15:49 - 01044747 _____ () C:\ProgramData\SPLDA13.tmp
2014-08-05 15:46 - 2014-08-05 15:46 - 00000086 _____ () C:\lxecjswx.log
2014-08-05 15:45 - 2014-08-05 15:45 - 00164406 _____ () C:\ProgramData\SPL22F4.tmp
2014-08-05 15:37 - 2014-08-05 15:37 - 62113280 _____ () C:\Users\Muddi\Downloads\LEXMARK_Pro900_wcr_32_ge.exe
2014-08-05 15:37 - 2014-08-05 15:37 - 00001087 _____ () C:\Users\Muddi\Desktop\ET0020009A9F33 - Verknüpfung.lnk
2014-08-05 15:36 - 2014-08-05 15:36 - 00000086 _____ () C:\lxecPpx.log
2014-08-05 15:35 - 2014-08-05 16:19 - 00002212 _____ () C:\Windows\system32\ASOROSet.bin
2014-08-05 15:35 - 2014-08-05 16:19 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-08-05 15:35 - 2014-08-05 15:40 - 00002107 _____ () C:\ProgramData\lxec.log
2014-08-05 15:33 - 2014-08-05 15:33 - 00001232 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2014-08-05 15:33 - 2014-08-05 15:33 - 00001220 _____ () C:\Users\Public\Desktop\Absolute Uninstaller.lnk
2014-08-05 15:33 - 2014-08-05 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2014-08-05 15:32 - 2014-08-05 15:32 - 00000000 ____D () C:\Program Files\Glarysoft
2014-08-05 15:30 - 2014-08-05 15:30 - 04495528 _____ () C:\Users\Muddi\Downloads\AbsolutUninstaller_5.3.1.17.exe
2014-08-05 15:27 - 2014-08-05 15:27 - 00001150 _____ () C:\Users\Muddi\Desktop\Live PC Help.lnk
2014-08-05 15:27 - 2010-04-13 21:41 - 00442368 _____ ( ) C:\Windows\system32\lxeccoin.dll
2014-08-05 15:27 - 2009-11-26 10:47 - 00008694 _____ () C:\Windows\system32\lxeccommuilogo_rtl.bmp
2014-08-05 15:27 - 2009-11-26 10:47 - 00008694 _____ () C:\Windows\system32\lxeccommuilogo.bmp
2014-08-05 15:27 - 2009-11-09 09:59 - 00086016 _____ () C:\Windows\system32\lxecgcfg.dll
2014-08-05 15:27 - 2009-10-21 12:06 - 00294912 _____ () C:\Windows\system32\lxeccui.dll
2014-08-05 15:27 - 2009-06-08 02:20 - 00110592 _____ () C:\Windows\system32\lxeccuir.dll
2014-08-05 15:27 - 2009-01-20 11:32 - 00069152 _____ () C:\Windows\system32\lxecprpr.chm
2014-08-05 15:27 - 2008-04-30 08:32 - 00983121 _____ (Microsoft Corporation) C:\Windows\system32\lxk_gf.dll
2014-08-05 15:27 - 2008-03-05 04:55 - 00040960 _____ () C:\Windows\system32\lxecvs.dll
2014-08-05 15:26 - 2010-04-14 22:08 - 00213672 _____ (Lexmark International, Inc.) C:\Windows\system32\LXECwupd.exe
2014-08-05 15:26 - 2010-02-22 12:08 - 00372736 _____ (Lexmark International, Inc.) C:\Windows\system32\LXECwupd.dll
2014-08-05 15:25 - 2014-08-05 15:27 - 00000000 ____D () C:\Program Files\Lexmark
2014-08-05 15:25 - 2014-08-05 15:26 - 00000000 ____D () C:\Program Files\Lexmark Toolbar
2014-08-05 15:25 - 2014-08-05 15:25 - 01364531 _____ () C:\Users\Muddi\Downloads\adwcleaner_3.308.exe
2014-08-05 15:25 - 2014-08-05 15:25 - 00002005 _____ () C:\Users\Public\Desktop\Lexmark-Druckerstartseite starten.LNK
2014-08-05 15:25 - 2014-08-05 15:25 - 00001330 _____ () C:\Users\Public\Desktop\Besuchen sie Lexmark SmartSolutions.LNK
2014-08-05 15:25 - 2014-08-05 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark
2014-08-05 15:25 - 2009-03-20 13:20 - 00007680 _____ (eaio) C:\Windows\system32\NativeCall.dll
2014-08-05 15:25 - 2006-12-06 11:19 - 00000044 ____H () C:\Windows\system32\lxecrwrd.ini
2014-08-05 15:24 - 2014-08-05 15:29 - 00217759 _____ () C:\Windows\system32\LexFiles.ulf
2014-08-05 15:24 - 2014-08-05 15:29 - 00000000 ____D () C:\Program Files\Lexmark Pro800-Pro900 Series
2014-08-05 15:24 - 2010-04-14 22:08 - 00598696 _____ ( ) C:\Windows\system32\lxeccoms.exe
2014-08-05 15:24 - 2010-04-14 22:08 - 00373416 _____ ( ) C:\Windows\system32\lxeccfg.exe
2014-08-05 15:24 - 2010-04-14 22:08 - 00324264 _____ ( ) C:\Windows\system32\lxecih.exe
2014-08-05 15:24 - 2010-04-14 20:37 - 00002059 _____ () C:\Windows\system32\lxec.loc
2014-08-05 15:24 - 2009-12-09 21:47 - 00643072 _____ ( ) C:\Windows\system32\lxecpmui.dll
2014-08-05 15:24 - 2009-12-09 21:43 - 01048576 _____ ( ) C:\Windows\system32\lxecserv.dll
2014-08-05 15:24 - 2009-12-09 21:41 - 00688128 _____ ( ) C:\Windows\system32\lxechbn3.dll
2014-08-05 15:24 - 2009-12-09 21:40 - 00847872 _____ ( ) C:\Windows\system32\lxecusb1.dll
2014-08-05 15:24 - 2009-12-09 21:37 - 00356352 _____ ( ) C:\Windows\system32\LXEChcp.dll
2014-08-05 15:24 - 2009-12-09 21:36 - 00577536 _____ ( ) C:\Windows\system32\lxeclmpm.dll
2014-08-05 15:24 - 2009-12-09 21:36 - 00372736 _____ ( ) C:\Windows\system32\lxeccomm.dll
2014-08-05 15:24 - 2009-12-09 21:35 - 00802816 _____ ( ) C:\Windows\system32\lxeccomc.dll
2014-08-05 15:24 - 2009-12-09 21:35 - 00364544 _____ ( ) C:\Windows\system32\lxecinpa.dll
2014-08-05 15:24 - 2009-12-09 21:35 - 00344064 _____ ( ) C:\Windows\system32\lxeciesc.dll
2014-08-05 15:24 - 2009-12-09 21:34 - 00331776 _____ () C:\Windows\system32\LXECinst.dll
2014-08-05 15:24 - 2009-11-26 10:52 - 00086184 _____ (Lexmark International) C:\Windows\system32\LXECcfg.dll
2014-08-05 15:24 - 2009-11-09 10:06 - 00262144 _____ () C:\Windows\system32\lxecinsb.dll
2014-08-05 15:24 - 2009-11-09 10:06 - 00253952 _____ () C:\Windows\system32\lxeccu.dll
2014-08-05 15:24 - 2009-11-09 10:06 - 00090112 _____ () C:\Windows\system32\lxeccub.dll
2014-08-05 15:24 - 2009-11-09 10:05 - 00323584 _____ () C:\Windows\system32\lxecins.dll
2014-08-05 15:24 - 2009-06-08 02:40 - 00114688 _____ () C:\Windows\system32\lxecinsr.dll
2014-08-05 15:24 - 2009-06-08 02:40 - 00057344 _____ () C:\Windows\system32\lxecjswr.dll
2014-08-05 15:24 - 2009-06-08 02:40 - 00036864 _____ () C:\Windows\system32\lxeccur.dll
2014-08-05 15:24 - 2009-06-08 02:36 - 00208896 _____ () C:\Windows\system32\lxecgrd.dll
2014-08-05 15:23 - 2014-08-05 15:24 - 00039111 _____ () C:\Users\Muddi\Downloads\Addition.txt
2014-08-05 15:23 - 2014-08-05 15:23 - 02977368 _____ () C:\ProgramData\SPL44E0.tmp
2014-08-05 15:23 - 2014-08-05 15:22 - 06089928 _____ (Microsoft Corporation) C:\Users\Muddi\Downloads\OneDriveSetup.exe
2014-08-05 15:22 - 2014-08-05 15:22 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\Systweak
2014-08-05 15:22 - 2014-08-05 15:22 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-05 15:21 - 2014-08-05 15:24 - 00061041 _____ () C:\Users\Muddi\Downloads\FRST.txt
2014-08-05 15:21 - 2014-08-05 15:21 - 02977368 _____ () C:\ProgramData\SPL8519.tmp
2014-08-05 15:21 - 2014-08-05 15:21 - 00164406 _____ () C:\ProgramData\SPL852A.tmp
2014-08-05 15:21 - 2014-08-05 15:21 - 00000000 ____D () C:\Users\SYSTEM\AppData\Roaming\Pro800-Pro900 Series
2014-08-05 15:21 - 2014-08-05 15:21 - 00000000 ____D () C:\Users\SYSTEM\AppData\Roaming\Coverpgs
2014-08-05 15:21 - 2014-08-05 15:21 - 00000000 ____D () C:\Users\SYSTEM
2014-08-05 15:20 - 2014-08-29 17:54 - 00000000 ____D () C:\FRST
2014-08-05 15:20 - 2014-08-29 17:38 - 01096704 _____ (Farbar) C:\Users\Muddi\Desktop\FRST.exe
2014-08-05 15:20 - 2014-08-05 15:20 - 30861269 _____ () C:\ProgramData\SPLADB4.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 03978203 _____ () C:\ProgramData\SPLF675.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 03978203 _____ () C:\ProgramData\SPLF0C8.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 03978203 _____ () C:\ProgramData\SPLECC1.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 03978203 _____ () C:\ProgramData\SPLD958.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 03978203 _____ () C:\ProgramData\SPLBE7D.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 02977368 _____ () C:\ProgramData\SPLEAAE.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 02977368 _____ () C:\ProgramData\SPLDF05.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 02977368 _____ () C:\ProgramData\SPLD745.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 02977368 _____ () C:\ProgramData\SPL2A76.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 00016752 _____ () C:\Users\Muddi\Documents\Aegean Airline Hund.odt
2014-08-05 00:09 - 2014-08-05 00:09 - 30861269 _____ () C:\ProgramData\SPL5C9A.tmp
2014-08-04 22:33 - 2014-08-04 22:34 - 00000000 ____D () C:\Users\TEMP\Documents\dieses
2014-08-04 22:23 - 2014-08-04 22:23 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\OpenOffice.org
2014-08-04 21:08 - 2014-08-04 21:08 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Adobe
2014-08-04 20:52 - 2014-08-04 20:52 - 00000000 ____D () C:\Users\TEMP\Desktop\12x12TealLace1of2
2014-08-04 20:52 - 2014-08-04 20:52 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Apple Computer
2014-08-04 20:51 - 2014-08-04 20:51 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\TuneUp Software
2014-08-04 20:51 - 2014-08-04 20:51 - 00000000 ____D () C:\Users\TEMP\AppData\Local\TuneUp Software
2014-08-04 20:50 - 2014-08-04 22:51 - 15280545 _____ () C:\Users\TEMP\Desktop\12x12TealLace2of2.zip
2014-08-04 20:50 - 2014-08-04 20:50 - 18282991 _____ () C:\Users\TEMP\Desktop\12x12TealLace1of2.zip
2014-08-04 20:50 - 2014-08-04 20:50 - 00064024 _____ () C:\Users\TEMP\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-04 20:34 - 2014-08-04 20:34 - 00000000 __SHD () C:\Users\TEMP\AppData\Local\EmieUserList
2014-08-04 20:34 - 2014-08-04 20:34 - 00000000 __SHD () C:\Users\TEMP\AppData\Local\EmieSiteList
2014-08-04 20:34 - 2014-08-04 20:34 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Macromedia
2014-08-04 20:33 - 2014-08-04 20:33 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Pro800-Pro900 Series
2014-08-04 20:33 - 2014-08-04 20:33 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Avira
2014-08-04 20:33 - 2014-08-04 20:33 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA Corporation
2014-08-04 20:31 - 2014-08-04 21:20 - 00000000 ____D () C:\Users\TEMP\AppData\Local\VirtualStore
2014-08-04 20:31 - 2014-08-04 21:08 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Adobe
2014-08-04 20:31 - 2014-08-04 20:33 - 00000000 ____D () C:\Users\TEMP
2014-08-04 20:31 - 2014-08-04 20:31 - 00001421 _____ () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-04 20:31 - 2014-08-04 20:31 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\Startmenü
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Musik
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Bilder
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA
2014-08-04 20:31 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-04 20:31 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-04 02:14 - 2014-08-04 02:14 - 00398255 _____ () C:\ProgramData\SPLA67F.tmp
2014-08-04 02:11 - 2014-08-04 02:11 - 00040250 _____ () C:\Users\Muddi\Documents\Büstenhebe Bonprix.htm
2014-08-02 11:14 - 2014-08-29 17:25 - 00010428 _____ () C:\ProgramData\lxecJSW.log
2014-08-02 11:03 - 2014-08-05 15:38 - 00000000 ____D () C:\Users\Muddi\AppData\Roaming\Pro800-Pro900 Series
2014-07-31 19:03 - 2014-07-31 19:11 - 00000000 ____D () C:\Users\Muddi\AppData\Roaming\ArcSoft
2014-07-31 18:41 - 2014-08-05 15:35 - 00000504 _____ () C:\ProgramData\FastPics.log
2014-07-31 18:41 - 2014-07-31 18:41 - 26433600 _____ () C:\Users\Muddi\Downloads\Lexmark_Pro800-Pro900_Series_C082511_00_FWUpdate.exe
2014-07-31 18:41 - 2014-07-31 18:41 - 00000000 ____D () C:\ProgramData\Ezprint
2014-07-31 18:24 - 2014-08-29 17:26 - 00000000 ____D () C:\ProgramData\Lx_cats
2014-07-31 18:10 - 2014-08-29 17:19 - 00031215 _____ () C:\ProgramData\lxecscan.log
2014-07-31 18:10 - 2014-07-31 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
2014-07-31 18:10 - 2014-07-31 18:10 - 00000000 ____D () C:\Program Files\Abbyy FineReader 6.0 Sprint
2014-07-31 18:09 - 2014-07-31 18:09 - 00000000 ____D () C:\ProgramData\Pro800-Pro900 Series
2014-07-31 18:09 - 2009-11-26 01:08 - 00049152 _____ () C:\Windows\system32\LXECPMON.DLL
2014-07-31 18:09 - 2009-11-26 01:08 - 00032768 _____ () C:\Windows\system32\LXECFXPU.DLL
2014-07-31 18:09 - 2009-11-26 01:02 - 00339968 _____ (Data Techniques, Inc.) C:\Windows\system32\IMGMAN32.DLL
2014-07-31 18:09 - 2009-11-26 01:02 - 00098345 _____ (Data Techniques, Inc.) C:\Windows\system32\IMHOST32.DLL
2014-07-31 18:09 - 2009-11-26 01:02 - 00098304 _____ (Data Techniques, Inc.) C:\Windows\system32\IM31XPNG.DEL
2014-07-31 18:09 - 2009-11-26 01:02 - 00069632 _____ (Data Techniques, Inc.) C:\Windows\system32\IM31XTIF.DEL
2014-07-31 18:09 - 2009-11-26 01:02 - 00049152 _____ (Data Techniques, Inc.) C:\Windows\system32\IM31IMG.DIL
2014-07-31 18:09 - 2009-01-13 08:15 - 04485120 _____ () C:\Windows\system32\LXECoem.dll
2014-07-31 18:04 - 2014-07-31 18:04 - 00000000 _____ () C:\ProgramData\LxWbGwLog.log
2014-07-31 18:04 - 2014-07-31 18:04 - 00000000 _____ () C:\ProgramData\cmn_upld.log
2014-07-31 18:04 - 2009-04-28 09:56 - 00024064 _____ () C:\Windows\system32\LXECsmr.dll
2014-07-31 18:04 - 2009-02-20 10:48 - 00299008 _____ () C:\Windows\system32\LXECsm.dll
2014-07-31 17:53 - 2014-07-31 17:53 - 00001982 _____ () C:\Users\Public\Desktop\ArcSoft ShowBiz.lnk
2014-07-31 17:53 - 2014-07-31 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft ShowBiz
2014-07-31 17:53 - 2014-07-31 17:53 - 00000000 ____D () C:\ProgramData\ArcSoft
2014-07-31 17:53 - 2014-07-31 17:53 - 00000000 ____D () C:\Program Files\Common Files\ArcSoft
2014-07-31 17:52 - 2014-07-31 17:52 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-31 17:52 - 2014-07-31 17:52 - 00000000 ____D () C:\Program Files\ArcSoft
2014-07-31 17:52 - 2007-04-19 09:39 - 00256768 _____ (Sample Corporation) C:\Windows\system32\MSLURT.dll
2014-07-31 17:52 - 2006-01-24 10:20 - 01645320 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2014-07-31 17:52 - 2005-07-16 02:35 - 00245408 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll
2014-07-31 17:52 - 2005-05-28 06:58 - 00393216 _____ (Sample Corporation) C:\Windows\system32\MSLUP60.dll
2014-07-31 17:38 - 2014-08-05 15:41 - 00000000 ____D () C:\Program Files\CONEXANT
2014-07-31 17:35 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-31 17:35 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-31 17:35 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-31 17:35 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-31 17:35 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-07-31 17:35 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-31 17:35 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-31 17:35 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-31 17:35 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-30 23:25 - 2014-07-30 23:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-30 19:21 - 2014-08-29 17:19 - 00025019 _____ () C:\Windows\setupact.log
2014-07-30 19:21 - 2014-08-29 17:19 - 00014526 _____ () C:\Windows\PFRO.log
2014-07-30 19:21 - 2014-07-30 19:21 - 00000000 _____ () C:\Windows\setuperr.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-29 18:19 - 2012-12-04 16:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-29 18:17 - 2014-03-01 10:51 - 00000000 ____D () C:\Windows\rescache
2014-08-29 18:15 - 2014-08-29 18:15 - 00023440 _____ () C:\Users\Muddi\Documents\Brief an Celine USA.odt
2014-08-29 18:05 - 2012-12-03 10:09 - 01776252 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-29 18:03 - 2013-08-16 05:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-29 18:01 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-29 17:59 - 2012-12-04 14:44 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-29 17:54 - 2014-08-29 17:38 - 00028455 _____ () C:\Users\Muddi\Desktop\FRST.txt
2014-08-29 17:54 - 2014-08-05 15:20 - 00000000 ____D () C:\FRST
2014-08-29 17:48 - 2014-08-29 17:48 - 00066819 _____ () C:\Users\Muddi\Desktop\Shortcut.txt
2014-08-29 17:48 - 2014-08-29 17:47 - 00021958 _____ () C:\Users\Muddi\Desktop\Addition.txt
2014-08-29 17:38 - 2014-08-29 17:38 - 00000000 ____D () C:\Users\Muddi\Desktop\FRST-OlderVersion
2014-08-29 17:38 - 2014-08-05 15:20 - 01096704 _____ (Farbar) C:\Users\Muddi\Desktop\FRST.exe
2014-08-29 17:37 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\tracing
2014-08-29 17:33 - 2013-03-22 01:11 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-29 17:27 - 2009-07-14 06:34 - 00024416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-29 17:27 - 2009-07-14 06:34 - 00024416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-29 17:26 - 2014-08-29 17:26 - 15542373 _____ () C:\ProgramData\SPL8F5E.tmp
2014-08-29 17:26 - 2014-07-31 18:24 - 00000000 ____D () C:\ProgramData\Lx_cats
2014-08-29 17:25 - 2014-08-02 11:14 - 00010428 _____ () C:\ProgramData\lxecJSW.log
2014-08-29 17:24 - 2013-03-22 01:11 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-29 17:23 - 2012-12-03 10:01 - 01583845 _____ () C:\Windows\WindowsUpdate.log
2014-08-29 17:21 - 2014-08-05 15:56 - 00036344 _____ () C:\Windows\iis7.log
2014-08-29 17:20 - 2014-08-29 17:20 - 15542373 _____ () C:\ProgramData\SPLF656.tmp
2014-08-29 17:20 - 2013-07-25 12:02 - 00286616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 17:20 - 2012-12-04 01:25 - 00000436 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-29 17:19 - 2014-07-31 18:10 - 00031215 _____ () C:\ProgramData\lxecscan.log
2014-08-29 17:19 - 2014-07-30 19:21 - 00025019 _____ () C:\Windows\setupact.log
2014-08-29 17:19 - 2014-07-30 19:21 - 00014526 _____ () C:\Windows\PFRO.log
2014-08-29 17:19 - 2014-05-01 20:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-29 17:19 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-29 17:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-08-29 17:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-23 03:46 - 2014-08-29 18:12 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:42 - 2014-08-29 18:12 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-07 03:43 - 2014-08-29 18:11 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 03:39 - 2014-08-29 18:11 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 16:30 - 2009-07-14 04:03 - 00172032 _____ () C:\Windows\system32\config\SAM.bak
2014-08-05 16:19 - 2014-08-05 15:35 - 00002212 _____ () C:\Windows\system32\ASOROSet.bin
2014-08-05 16:19 - 2014-08-05 15:35 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-08-05 16:19 - 2013-07-29 11:59 - 00064024 _____ () C:\Users\Muddi\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-05 16:18 - 2014-08-05 16:18 - 00001921 _____ () C:\Users\Muddi\Desktop\zeusch vom nokia xl - Verknüpfung.lnk
2014-08-05 16:17 - 2014-08-05 16:17 - 00001074 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-08-05 16:17 - 2014-08-05 16:17 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-08-05 16:17 - 2014-08-05 16:17 - 00000000 ____D () C:\Users\Muddi\AppData\Roaming\OpenOffice
2014-08-05 16:16 - 2014-08-05 16:16 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-08-05 16:16 - 2014-08-05 16:15 - 00017004 _____ () C:\Users\Muddi\Documents\Texte zum Nachdenken...odt
2014-08-05 16:15 - 2012-12-04 04:22 - 00000000 ____D () C:\Program Files\OpenOffice.org 3
2014-08-05 16:14 - 2014-08-05 16:14 - 00003728 _____ () C:\ProgramData\SPL16D0.tmp
2014-08-05 16:14 - 2014-07-09 12:21 - 00000000 ____D () C:\Users\Robbert\AppData\Local\VirtualStore
2014-08-05 16:13 - 2014-08-05 16:13 - 00000000 ____D () C:\Users\Joshi.Muddi-PC\AppData\Roaming\Systweak
2014-08-05 16:10 - 2014-08-05 16:10 - 00330853 _____ () C:\Users\Robbert\Downloads\RealTemp_370.zip
2014-08-05 16:10 - 2014-08-05 16:10 - 00000000 ____D () C:\Users\Robbert\Downloads\RealTemp_370
2014-08-05 16:08 - 2014-08-05 16:07 - 164858324 _____ () C:\Users\Muddi\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2014-08-05 16:08 - 2014-07-09 12:22 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\Apple Computer
2014-08-05 16:08 - 2013-01-17 14:30 - 02363380 _____ () C:\Users\Muddi\Desktop\Bett für Rewe.odt
2014-08-05 16:05 - 2014-08-05 16:05 - 01852090 _____ () C:\ProgramData\SPLD7BB.tmp
2014-08-05 16:05 - 2014-08-05 16:05 - 00013962 _____ () C:\Users\Muddi\Documents\GEZ Flehschreiben.odt
2014-08-05 16:05 - 2014-02-07 12:44 - 00000000 ____D () C:\Users\Muddi\.android
2014-08-05 16:05 - 2013-02-24 12:11 - 00000000 ____D () C:\Program Files\Free FLV Converter
2014-08-05 16:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-05 16:04 - 2014-07-09 13:14 - 00000000 ____D () C:\Users\Robbert\AppData\Local\Apple Computer
2014-08-05 15:59 - 2014-01-05 15:12 - 00000000 ____D () C:\ProgramData\Western Digital
2014-08-05 15:57 - 2014-08-05 15:57 - 03978203 _____ () C:\ProgramData\SPLFB5B.tmp
2014-08-05 15:56 - 2014-02-07 12:39 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-05 15:55 - 2014-08-05 15:55 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-08-05 15:55 - 2014-08-05 15:55 - 00000000 ____D () C:\inetpub
2014-08-05 15:54 - 2014-08-05 15:54 - 01619171 _____ () C:\ProgramData\SPL7013.tmp
2014-08-05 15:54 - 2013-02-11 20:34 - 00000000 ____D () C:\Users\Muddi\AppData\Roaming\Apple Computer
2014-08-05 15:52 - 2014-07-24 12:20 - 00064024 _____ () C:\Users\Robbert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-05 15:51 - 2013-02-07 15:36 - 00000000 ____D () C:\ProgramData\Apple
2014-08-05 15:49 - 2014-08-05 15:49 - 01044747 _____ () C:\ProgramData\SPLDA13.tmp
2014-08-05 15:48 - 2013-12-19 23:46 - 00000000 ____D () C:\Users\Muddi\AppData\Local\Windows Live
2014-08-05 15:48 - 2013-12-13 18:24 - 00000000 ____D () C:\AdwCleaner
2014-08-05 15:48 - 2013-12-08 00:04 - 00000000 ____D () C:\Users\Robbert
2014-08-05 15:48 - 2012-12-03 18:14 - 00000000 ____D () C:\Users\Muddi
2014-08-05 15:46 - 2014-08-05 15:46 - 00000086 _____ () C:\lxecjswx.log
2014-08-05 15:45 - 2014-08-05 15:45 - 00164406 _____ () C:\ProgramData\SPL22F4.tmp
2014-08-05 15:41 - 2014-07-31 17:38 - 00000000 ____D () C:\Program Files\CONEXANT
2014-08-05 15:41 - 2014-03-01 10:51 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-05 15:41 - 2012-12-23 17:55 - 00000000 ____D () C:\Program Files\QuickTime
2014-08-05 15:41 - 2012-12-05 18:15 - 00000000 ____D () C:\Program Files\Paint.NET
2014-08-05 15:41 - 2012-12-04 04:04 - 00000000 ____D () C:\Program Files\Notepad++
2014-08-05 15:41 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Windows NT
2014-08-05 15:41 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-05 15:40 - 2014-08-05 15:35 - 00002107 _____ () C:\ProgramData\lxec.log
2014-08-05 15:38 - 2014-08-02 11:03 - 00000000 ____D () C:\Users\Muddi\AppData\Roaming\Pro800-Pro900 Series
2014-08-05 15:37 - 2014-08-05 15:37 - 62113280 _____ () C:\Users\Muddi\Downloads\LEXMARK_Pro900_wcr_32_ge.exe
2014-08-05 15:37 - 2014-08-05 15:37 - 00001087 _____ () C:\Users\Muddi\Desktop\ET0020009A9F33 - Verknüpfung.lnk
2014-08-05 15:36 - 2014-08-05 15:36 - 00000086 _____ () C:\lxecPpx.log
2014-08-05 15:35 - 2014-07-31 18:41 - 00000504 _____ () C:\ProgramData\FastPics.log
2014-08-05 15:33 - 2014-08-05 15:33 - 00001232 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2014-08-05 15:33 - 2014-08-05 15:33 - 00001220 _____ () C:\Users\Public\Desktop\Absolute Uninstaller.lnk
2014-08-05 15:33 - 2014-08-05 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2014-08-05 15:32 - 2014-08-05 15:32 - 00000000 ____D () C:\Program Files\Glarysoft
2014-08-05 15:30 - 2014-08-05 15:30 - 04495528 _____ () C:\Users\Muddi\Downloads\AbsolutUninstaller_5.3.1.17.exe
2014-08-05 15:29 - 2014-08-05 15:24 - 00217759 _____ () C:\Windows\system32\LexFiles.ulf
2014-08-05 15:29 - 2014-08-05 15:24 - 00000000 ____D () C:\Program Files\Lexmark Pro800-Pro900 Series
2014-08-05 15:27 - 2014-08-05 16:14 - 00000000 ____D () C:\Users\Muddi\AppData\Roaming\Systweak
2014-08-05 15:27 - 2014-08-05 15:27 - 00001150 _____ () C:\Users\Muddi\Desktop\Live PC Help.lnk
2014-08-05 15:27 - 2014-08-05 15:25 - 00000000 ____D () C:\Program Files\Lexmark
2014-08-05 15:26 - 2014-08-05 15:25 - 00000000 ____D () C:\Program Files\Lexmark Toolbar
2014-08-05 15:25 - 2014-08-05 16:09 - 00000000 ____D () C:\Program Files\Lexmark Printable Web
2014-08-05 15:25 - 2014-08-05 15:25 - 01364531 _____ () C:\Users\Muddi\Downloads\adwcleaner_3.308.exe
2014-08-05 15:25 - 2014-08-05 15:25 - 00002005 _____ () C:\Users\Public\Desktop\Lexmark-Druckerstartseite starten.LNK
2014-08-05 15:25 - 2014-08-05 15:25 - 00001330 _____ () C:\Users\Public\Desktop\Besuchen sie Lexmark SmartSolutions.LNK
2014-08-05 15:25 - 2014-08-05 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark
2014-08-05 15:24 - 2014-08-05 15:23 - 00039111 _____ () C:\Users\Muddi\Downloads\Addition.txt
2014-08-05 15:24 - 2014-08-05 15:21 - 00061041 _____ () C:\Users\Muddi\Downloads\FRST.txt
2014-08-05 15:23 - 2014-08-05 15:23 - 02977368 _____ () C:\ProgramData\SPL44E0.tmp
2014-08-05 15:23 - 2013-06-27 03:03 - 00007606 _____ () C:\Users\Muddi\AppData\Local\Resmon.ResmonCfg
2014-08-05 15:23 - 2012-12-04 13:07 - 00013436 _____ () C:\Windows\system32\lvcoinst.log
2014-08-05 15:22 - 2014-08-05 15:23 - 06089928 _____ (Microsoft Corporation) C:\Users\Muddi\Downloads\OneDriveSetup.exe
2014-08-05 15:22 - 2014-08-05 15:22 - 00000000 ____D () C:\Users\Robbert\AppData\Roaming\Systweak
2014-08-05 15:22 - 2014-08-05 15:22 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-05 15:22 - 2009-07-14 04:03 - 49545216 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-08-05 15:22 - 2009-07-14 04:03 - 21495808 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-08-05 15:22 - 2009-07-14 04:03 - 00028672 _____ () C:\Windows\system32\config\SECURITY.bak
2014-08-05 15:21 - 2014-08-05 15:21 - 02977368 _____ () C:\ProgramData\SPL8519.tmp
2014-08-05 15:21 - 2014-08-05 15:21 - 00164406 _____ () C:\ProgramData\SPL852A.tmp
2014-08-05 15:21 - 2014-08-05 15:21 - 00000000 ____D () C:\Users\SYSTEM\AppData\Roaming\Pro800-Pro900 Series
2014-08-05 15:21 - 2014-08-05 15:21 - 00000000 ____D () C:\Users\SYSTEM\AppData\Roaming\Coverpgs
2014-08-05 15:21 - 2014-08-05 15:21 - 00000000 ____D () C:\Users\SYSTEM
2014-08-05 15:20 - 2014-08-05 15:20 - 30861269 _____ () C:\ProgramData\SPLADB4.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 03978203 _____ () C:\ProgramData\SPLF675.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 03978203 _____ () C:\ProgramData\SPLF0C8.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 03978203 _____ () C:\ProgramData\SPLECC1.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 03978203 _____ () C:\ProgramData\SPLD958.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 03978203 _____ () C:\ProgramData\SPLBE7D.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 02977368 _____ () C:\ProgramData\SPLEAAE.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 02977368 _____ () C:\ProgramData\SPLDF05.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 02977368 _____ () C:\ProgramData\SPLD745.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 02977368 _____ () C:\ProgramData\SPL2A76.tmp
2014-08-05 15:20 - 2014-08-05 15:20 - 00016752 _____ () C:\Users\Muddi\Documents\Aegean Airline Hund.odt
2014-08-05 15:20 - 2013-03-22 01:11 - 00000000 ____D () C:\Program Files\Google
2014-08-05 15:20 - 1980-01-04 00:06 - 00008192 _____ () C:\Windows\system32\WDPABKP.dat
2014-08-05 15:19 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-05 00:09 - 2014-08-05 00:09 - 30861269 _____ () C:\ProgramData\SPL5C9A.tmp
2014-08-04 22:51 - 2014-08-04 20:50 - 15280545 _____ () C:\Users\TEMP\Desktop\12x12TealLace2of2.zip
2014-08-04 22:34 - 2014-08-04 22:33 - 00000000 ____D () C:\Users\TEMP\Documents\dieses
2014-08-04 22:23 - 2014-08-04 22:23 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\OpenOffice.org
2014-08-04 21:20 - 2014-08-04 20:31 - 00000000 ____D () C:\Users\TEMP\AppData\Local\VirtualStore
2014-08-04 21:08 - 2014-08-04 21:08 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Adobe
2014-08-04 21:08 - 2014-08-04 20:31 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Adobe
2014-08-04 20:52 - 2014-08-04 20:52 - 00000000 ____D () C:\Users\TEMP\Desktop\12x12TealLace1of2
2014-08-04 20:52 - 2014-08-04 20:52 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Apple Computer
2014-08-04 20:51 - 2014-08-04 20:51 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\TuneUp Software
2014-08-04 20:51 - 2014-08-04 20:51 - 00000000 ____D () C:\Users\TEMP\AppData\Local\TuneUp Software
2014-08-04 20:50 - 2014-08-04 20:50 - 18282991 _____ () C:\Users\TEMP\Desktop\12x12TealLace1of2.zip
2014-08-04 20:50 - 2014-08-04 20:50 - 00064024 _____ () C:\Users\TEMP\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-04 20:34 - 2014-08-04 20:34 - 00000000 __SHD () C:\Users\TEMP\AppData\Local\EmieUserList
2014-08-04 20:34 - 2014-08-04 20:34 - 00000000 __SHD () C:\Users\TEMP\AppData\Local\EmieSiteList
2014-08-04 20:34 - 2014-08-04 20:34 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Macromedia
2014-08-04 20:33 - 2014-08-04 20:33 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Pro800-Pro900 Series
2014-08-04 20:33 - 2014-08-04 20:33 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Avira
2014-08-04 20:33 - 2014-08-04 20:33 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA Corporation
2014-08-04 20:33 - 2014-08-04 20:31 - 00000000 ____D () C:\Users\TEMP
2014-08-04 20:31 - 2014-08-04 20:31 - 00001421 _____ () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-04 20:31 - 2014-08-04 20:31 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\Startmenü
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Musik
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Bilder
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf
2014-08-04 20:31 - 2014-08-04 20:31 - 00000000 ____D () C:\Users\TEMP\AppData\Local\NVIDIA
2014-08-04 02:14 - 2014-08-04 02:14 - 00398255 _____ () C:\ProgramData\SPLA67F.tmp
2014-08-04 02:11 - 2014-08-04 02:11 - 00040250 _____ () C:\Users\Muddi\Documents\Büstenhebe Bonprix.htm
2014-08-01 01:16 - 2014-08-29 18:12 - 00307384 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-31 19:11 - 2014-07-31 19:03 - 00000000 ____D () C:\Users\Muddi\AppData\Roaming\ArcSoft
2014-07-31 18:41 - 2014-07-31 18:41 - 26433600 _____ () C:\Users\Muddi\Downloads\Lexmark_Pro800-Pro900_Series_C082511_00_FWUpdate.exe
2014-07-31 18:41 - 2014-07-31 18:41 - 00000000 ____D () C:\ProgramData\Ezprint
2014-07-31 18:10 - 2014-07-31 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
2014-07-31 18:10 - 2014-07-31 18:10 - 00000000 ____D () C:\Program Files\Abbyy FineReader 6.0 Sprint
2014-07-31 18:10 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-07-31 18:09 - 2014-07-31 18:09 - 00000000 ____D () C:\ProgramData\Pro800-Pro900 Series
2014-07-31 18:04 - 2014-07-31 18:04 - 00000000 _____ () C:\ProgramData\LxWbGwLog.log
2014-07-31 18:04 - 2014-07-31 18:04 - 00000000 _____ () C:\ProgramData\cmn_upld.log
2014-07-31 17:53 - 2014-07-31 17:53 - 00001982 _____ () C:\Users\Public\Desktop\ArcSoft ShowBiz.lnk
2014-07-31 17:53 - 2014-07-31 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft ShowBiz
2014-07-31 17:53 - 2014-07-31 17:53 - 00000000 ____D () C:\ProgramData\ArcSoft
2014-07-31 17:53 - 2014-07-31 17:53 - 00000000 ____D () C:\Program Files\Common Files\ArcSoft
2014-07-31 17:52 - 2014-07-31 17:52 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-31 17:52 - 2014-07-31 17:52 - 00000000 ____D () C:\Program Files\ArcSoft
2014-07-30 23:25 - 2014-07-30 23:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-30 19:21 - 2014-07-30 19:21 - 00000000 _____ () C:\Windows\setuperr.log
Some content of TEMP:
====================
C:\Users\Celine\AppData\Local\Temp\avgnt.exe
C:\Users\Celine\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\Celine\AppData\Local\Temp\SIntf16.dll
C:\Users\Celine\AppData\Local\Temp\SIntf32.dll
C:\Users\Celine\AppData\Local\Temp\SIntfNT.dll
C:\Users\Joshi.Muddi-PC\AppData\Local\Temp\avgnt.exe
C:\Users\Joshi.Muddi-PC\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\Joshi.Muddi-PC\AppData\Local\Temp\Shockwave_Installer_FF-1.exe
C:\Users\Joshi.Muddi-PC\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\Joshi.Muddi-PC\AppData\Local\Temp\SIntf16.dll
C:\Users\Joshi.Muddi-PC\AppData\Local\Temp\SIntf32.dll
C:\Users\Joshi.Muddi-PC\AppData\Local\Temp\SIntfNT.dll
C:\Users\Muddi\AppData\Local\Temp\avgnt.exe
C:\Users\Muddi\AppData\Local\Temp\CleanSchedule.exe
C:\Users\Muddi\AppData\Local\Temp\KUIU.EXE
C:\Users\Muddi\AppData\Local\Temp\Quarantine.exe
C:\Users\Robbert\AppData\Local\Temp\avgnt.exe
C:\Users\TEMP\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
==================== BCD ================================
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
default {current}
resumeobject {149c2396-3d1f-11e2-a1d9-000ffe2f926d}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale de-DE
inherit {bootloadersettings}
recoverysequence {149c2398-3d1f-11e2-a1d9-000ffe2f926d}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {149c2396-3d1f-11e2-a1d9-000ffe2f926d}
nx OptIn
Windows-Startladeprogramm
-------------------------
Bezeichner {149c2398-3d1f-11e2-a1d9-000ffe2f926d}
device ramdisk=[C:]\Recovery\149c2398-3d1f-11e2-a1d9-000ffe2f926d\Winre.wim,{149c2399-3d1f-11e2-a1d9-000ffe2f926d}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\149c2398-3d1f-11e2-a1d9-000ffe2f926d\Winre.wim,{149c2399-3d1f-11e2-a1d9-000ffe2f926d}
systemroot \windows
nx OptIn
winpe Yes
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {149c2396-3d1f-11e2-a1d9-000ffe2f926d}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae No
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows-Speicherdiagnose
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems Yes
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Ger„teoptionen
--------------
Bezeichner {149c2399-3d1f-11e2-a1d9-000ffe2f926d}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\149c2398-3d1f-11e2-a1d9-000ffe2f926d\boot.sdi
LastRegBack: 2014-08-29 18:07
==================== End Of Log ============================
2)FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-09-2014
Ran by Muddi at 2014-08-29 17:55:30
Running from C:\Users\Muddi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Absolute Uninstaller 5.3.1.17 (HKLM\...\Absolute Uninstaller) (Version: 5.3.1.17 - Glarysoft Ltd)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Antivirus Pro (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
ArcSoft ShowBiz (HKLM\...\{9D41D2EF-2D33-4CFD-8A3E-C7E6FCC3303B}) (Version: - ArcSoft)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{0AEF4677-C1BE-489C-A5BA-85382F8DA38B}) (Version: 15.4.13.1 - Broadcom Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
FiniteLight (HKLM\...\FiniteLight) (Version: - )
Fotogalerie (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Gardenscapes™ (HKLM\...\Gardenscapes™) (Version: 32.0.0.0 - Shockwave.com)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 17 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Lexmark (HKLM\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - )
Lexmark Pro800-Pro900 Series (HKLM\...\Lexmark Pro800-Pro900 Series) (Version: - Lexmark International, Inc.)
Lexmark Symbolleiste (HKLM\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.3.37.0 - )
MAGIX Foto Designer 7 (HKLM\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Zoo Tycoon (HKLM\...\Zoo Tycoon 1.0) (Version: - )
Movie Maker (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 10.10.5 (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.10.5 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.12 - NVIDIA Corporation)
OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Photo Gallery (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SHIELD Streaming (Version: 1.6.75 - NVIDIA Corporation) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 10.0.4600.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.4000.122 - TuneUp Software) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Windows Live Communications Platform (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
29-08-2014 15:47:05 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {01909F85-6339-4EF6-988F-19DB59FC1081} - System32\Tasks\{CD02A5FE-F1B4-48BE-A0FF-81513542E346} => C:\Program Files\Playrix Entertainment\Gardenscapes\Gardenscapes.exe
Task: {0D9AD536-F0E8-47A4-9915-8452F876A5F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-22] (Google Inc.)
Task: {2188C9CB-B146-4714-880C-396F7EA10191} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {294BBF5B-B4B8-4058-BA0C-D535567FF2EC} - System32\Tasks\{95964A46-D1B7-4F68-9399-E75D0BFC61F0} => C:\Program Files\Shockwave.com\Gardenscapes\Gardenscapes.exe [2012-03-29] (shockwave.com)
Task: {35A26F75-DDF2-408B-B8E7-969F66D29337} - System32\Tasks\{511D3B3B-D370-4F23-8343-BCCB3CB0BF3C} => C:\Program Files\FLV Player\FLVPlayer.exe
Task: {4F33419A-ADEE-4B68-9F22-CBE1E12BB803} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {50ADCF9D-E49F-4EF1-9671-40E642B7F757} - System32\Tasks\{22401929-30A5-4154-81A3-22D3FC6C228D} => C:\Program Files\Shockwave.com\Gardenscapes\Gardenscapes.exe [2012-03-29] (shockwave.com)
Task: {5DC47397-6DBE-44A1-9CD7-9E73C6A5C3BC} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {72CD834B-9123-4A00-8743-7F3DF8B573D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-22] (Google Inc.)
Task: {7BF7CF16-1CEF-495B-8134-D00ADE02168C} - System32\Tasks\{77C51E6A-8AF7-4041-8F9F-6064659B43C9} => C:\Program Files\Playrix Entertainment\Gardenscapes\Gardenscapes.exe
Task: {82DB1498-8B4A-4510-96A5-ED36CA165C88} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {C7AC463E-3983-4F8C-8232-1B25C2478D21} - System32\Tasks\{6DE07D5B-433B-4BF8-BB47-01721748793F} => C:\Program Files\Playrix Entertainment\Gardenscapes\Gardenscapes.exe
Task: {C9A77B44-FB3F-4DF5-969B-B83CF7A51208} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3691020185-3350912418-1631763551-1002
Task: {D6CBA14D-57F6-40CC-9A9B-83371C6E967D} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2012-11-30] ()
Task: {D8F875B8-DB62-41E5-A18A-ECE41FF5A9C6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10] (Adobe Systems Incorporated)
Task: {E905248B-8670-475C-9299-5BC9EFA792EB} - System32\Tasks\{777770AF-4A2D-4CE7-A670-C8B6761468A7} => C:\Program Files\Playrix Entertainment\Gardenscapes\Gardenscapes.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-12-14 13:09 - 2014-03-04 14:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-07-31 18:09 - 2009-11-26 01:08 - 00049152 _____ () C:\Windows\System32\LXECPMON.DLL
2014-07-31 18:09 - 2009-01-13 08:15 - 04485120 _____ () C:\Windows\System32\LXECOEM.DLL
2014-08-05 15:29 - 2009-11-04 15:14 - 00157696 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\lxecdrpp.dll
2014-07-16 10:24 - 2014-07-16 10:24 - 00585528 _____ () C:\Program Files\TuneUp Utilities 2014\avgreplibx.dll
2008-05-22 04:27 - 2008-05-22 04:27 - 00372736 _____ () C:\Program Files\Lexmark Toolbar\toolband.dll
2008-05-22 04:28 - 2008-05-22 04:28 - 00458752 _____ () C:\Program Files\Lexmark Toolbar\resource.dll
2014-07-30 23:25 - 2014-07-30 23:25 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: lxec_device => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: WDBackup => 2
MSCONFIG\Services: WDDriveService => 2
MSCONFIG\startupreg: EzPrint => "C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe"
MSCONFIG\startupreg: Lexmark Pro800-Pro900 Series Fax Server => "C:\Program Files\Lexmark Pro800-Pro900 Series\fm3032.exe" /s
MSCONFIG\startupreg: lxecmon.exe => "C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe"
==================== Faulty Device Manager Devices =============
Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/29/2014 05:19:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (08/29/2014 05:19:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (08/29/2014 05:19:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (08/29/2014 05:29:36 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (08/29/2014 05:19:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (08/29/2014 05:19:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (08/29/2014 05:19:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (08/29/2014 05:19:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (08/29/2014 05:19:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (08/29/2014 05:19:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
System errors:
=============
Error: (08/29/2014 05:21:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (08/29/2014 05:20:12 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.0.100192.168.137.0255.255.255.0
Error: (08/29/2014 05:20:12 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (08/29/2014 05:20:12 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (08/29/2014 05:19:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (08/29/2014 05:19:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxecCATSCustConnectService erreicht.
Error: (08/29/2014 05:21:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (08/29/2014 05:20:13 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.0.100192.168.137.0255.255.255.0
Error: (08/29/2014 05:20:13 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (08/29/2014 05:19:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (08/29/2014 05:19:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (08/29/2014 05:19:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (08/29/2014 05:19:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (08/29/2014 05:29:36 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (08/29/2014 05:19:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (08/29/2014 05:19:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (08/29/2014 05:19:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (08/29/2014 05:19:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (08/29/2014 05:19:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (08/29/2014 05:19:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz
Percentage of memory in use: 43%
Total physical RAM: 2047.51 MB
Available physical RAM: 1147.51 MB
Total Pagefile: 4095.02 MB
Available Pagefile: 2715.26 MB
Total Virtual: 2047.88 MB
Available Virtual: 1882.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.41 GB) (Free:17.34 GB) NTFS
Drive d: (Pro800-Pro900 Se) (CDROM) (Total:0.57 GB) (Free:0 GB) CDFS
Drive h: (Volume) (Fixed) (Total:1397.26 GB) (Free:943.68 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 000777FB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 609ECC19)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)
==================== End Of Log ============================
is ja gans schee viel zeusch :O VIELEN DANK IM VORAUS!!! ps.: vielleicht isses wischdisch?? die uhrzeit/datum vestellt sich immer von selbst bzw. bleibt immer auf einem tag/stunde stehn/wiederholt sich dauernd und täglich grüsst das murmeltier  GUUDE |
|
04.09.2014, 22:58
| #6 |
| | Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! 3) Users shortcut scan result (x86) Version: 03-09-2014 Ran by Muddi at 2014-08-29 17:56:18 Running from C:\Users\Muddi\Desktop Boot Mode: Normal ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\ProgramData\TuneUp Software\TuneUp Utilities 2014\StartUp Manager\Deaktivierte Objekte Alle Benutzer\Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk -> C:\Program Files\Glarysoft\Absolute Uninstaller 5\unInstaller.exe (Glarysoft Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.lnk -> C:\Program Files\Adobe\Photoshop 7.0\ImageReady.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.lnk -> C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe (Adobe Systems, Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\SC_Reader.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files\Audacity\audacity.exe (The Audacity Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk -> C:\Program Files\TuneUp Utilities 2014\Integrator.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Family Safety.lnk -> C:\Windows\Installer\{84B11E58-A3BC-404F-AA08-23062374CBD2}\fssicon.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\TuneUp Utilities 2014.lnk -> C:\Program Files\TuneUp Utilities 2014\Integrator.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\TuneUp Utilities Hilfe.lnk -> C:\ProgramData\TuneUp Software\TuneUp Utilities 2014\de-DE\main_vista_7.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp 1-Klick-Wartung.lnk -> C:\Program Files\TuneUp Utilities 2014\OneClick.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Browser Cleaner.lnk -> C:\Program Files\TuneUp Utilities 2014\BrowserCleaner.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Disk Cleaner.lnk -> C:\Program Files\TuneUp Utilities 2014\DiskCleaner.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Disk Doctor.lnk -> C:\Program Files\TuneUp Utilities 2014\DiskDoctor.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Disk Space Explorer.lnk -> C:\Program Files\TuneUp Utilities 2014\DiskExplorer.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Drive Defrag.lnk -> C:\Program Files\TuneUp Utilities 2014\DriveDefrag.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Duplicate Finder.lnk -> C:\Program Files\TuneUp Utilities 2014\DuplicateFinder.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Economy-Modus.lnk -> C:\Program Files\TuneUp Utilities 2014\EnergyOptimizer.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Optimierungsbericht.lnk -> C:\Program Files\TuneUp Utilities 2014\Report.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Process Manager.lnk -> C:\Program Files\TuneUp Utilities 2014\ProcessManager.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Program Deactivator.lnk -> C:\Program Files\TuneUp Utilities 2014\ProgramDeactivator.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Registry Cleaner.lnk -> C:\Program Files\TuneUp Utilities 2014\RegistryCleaner.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Registry Defrag.lnk -> C:\Program Files\TuneUp Utilities 2014\RegistryDefrag.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Registry Editor.lnk -> C:\Program Files\TuneUp Utilities 2014\RegistryEditor.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Repair Wizard.lnk -> C:\Program Files\TuneUp Utilities 2014\RepairWizard.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Rescue Center.lnk -> C:\Program Files\TuneUp Utilities 2014\RescueCenter.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Setting Center.lnk -> C:\Program Files\TuneUp Utilities 2014\SettingCenter.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Shortcut Cleaner.lnk -> C:\Program Files\TuneUp Utilities 2014\ShortcutCleaner.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Shredder.lnk -> C:\Program Files\TuneUp Utilities 2014\Shredder.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp StartUp Manager.lnk -> C:\Program Files\TuneUp Utilities 2014\StartUpManager.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp StartUp Optimizer.lnk -> C:\Program Files\TuneUp Utilities 2014\StartupOptimizer.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Styler.lnk -> C:\Program Files\TuneUp Utilities 2014\Styler.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp System Control.lnk -> C:\Program Files\TuneUp Utilities 2014\SystemControl.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp System Information.lnk -> C:\Program Files\TuneUp Utilities 2014\SystemInformation.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Undelete.lnk -> C:\Program Files\TuneUp Utilities 2014\Undelete.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Uninstall Manager.lnk -> C:\Program Files\TuneUp Utilities 2014\UninstallManager.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Update Wizard.lnk -> C:\Program Files\TuneUp Utilities 2014\UpdateWizard.exe (TuneUp Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SibGame\Magic Block\Uninstall Magic Block.lnk -> C:\Program Files\SibGame\Magic Block\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shockwave.com\Gardenscapes\End User License Agreement.lnk -> C:\Program Files\Shockwave.com\Gardenscapes\eula.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shockwave.com\Gardenscapes\Gardenscapes.lnk -> C:\Program Files\Shockwave.com\Gardenscapes\Gardenscapes.exe (shockwave.com) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime - Bitte lesen.lnk -> C:\Windows\Installer\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}\RichText.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}\QTPlayer.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice Base.lnk -> C:\Program Files\OpenOffice 4\program\sbase.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice Calc.lnk -> C:\Program Files\OpenOffice 4\program\scalc.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice Draw.lnk -> C:\Program Files\OpenOffice 4\program\sdraw.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice Impress.lnk -> C:\Program Files\OpenOffice 4\program\simpress.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice Math.lnk -> C:\Program Files\OpenOffice 4\program\smath.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice Writer.lnk -> C:\Program Files\OpenOffice 4\program\swriter.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0\OpenOffice.lnk -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\FiniteLight.lnk -> C:\Program Files\FiniteLight\FLight.EXE () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon\Zoo Tycoon Info.lnk -> C:\Program Files\Microsoft Games\Zoo Tycoon\Info.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk -> C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\ Malwarebytes Anti-Malware .lnk -> C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Foto Designer 7\MAGIX Foto Designer 7.lnk -> C:\Program Files\MAGIX\Foto_Designer_7\XtremePhoto.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Foto Designer 7\Service und Support\Lizenzbedingungen.lnk -> C:\Program Files\MAGIX\Foto_Designer_7\license.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Foto Designer 7\Service und Support\MAGIX Foto Designer 7 deinstallieren.lnk -> C:\Program Files\Common Files\MAGIX Services\Uninstall\{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}\Foto_Designer_7_silver_de-DE_setup.exe (MAGIX AG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Foto Designer 7\Service und Support\MAGIX Online Services.lnk -> C:\Program Files\MAGIX\Foto_Designer_7\Online Services Info\index_0407.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Foto Designer 7\Service und Support\Support.lnk -> C:\Program Files\MAGIX\Foto_Designer_7\support.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Foto Designer 7\Dokumentation\MAGIX Foto Designer 7 Handbuch.lnk -> C:\Program Files\MAGIX\Foto_Designer_7\Manual.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Foto Designer 7\Dokumentation\MAGIX Foto Designer 7 Hilfe.lnk -> C:\Program Files\MAGIX\Foto_Designer_7\pa.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark\Lexmark-Druckerstartseite.LNK -> C:\Program Files\Lexmark\Dashboard\LX__Dashboard.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark\Pro900 Series\Benutzerhandbuch anzeigen.LNK -> C:\Program Files\Lexmark Pro800-Pro900 Series\LXECuser.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\About IrfanView.lnk -> C:\Program Files\IrfanView\i_about.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Available Languages.lnk -> C:\Program Files\IrfanView\i_languages.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Available PlugIns.lnk -> C:\Program Files\IrfanView\i_plugins.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Command line Options.lnk -> C:\Program Files\IrfanView\i_options.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 4.35.lnk -> C:\Program Files\IrfanView\i_view32.exe (Irfan Skiljan) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Help.lnk -> C:\Program Files\IrfanView\i_view32.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\Uninstall IrfanView.lnk -> C:\Program Files\IrfanView\iv_uninstall.exe (Irfan Skiljan, IrfanView) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\What's New.lnk -> C:\Program Files\IrfanView\i_changes.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk -> C:\Program Files\Google\Google Earth\client\googleearth.exe (Google) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft\Absolute Uninstaller\Absolute Uninstaller.lnk -> C:\Program Files\Glarysoft\Absolute Uninstaller 5\unInstaller.exe (Glarysoft Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft\Absolute Uninstaller\Uninstall.lnk -> C:\Program Files\Glarysoft\Absolute Uninstaller 5\uninst.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft\Absolute Uninstaller\Website.lnk -> C:\Program Files\Glarysoft\Absolute Uninstaller 5\Absolute Uninstaller.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Plus Converter.lnk -> C:\Program Files\DivX\DivX Plus Converter\DivXConverterLauncher.exe (DivX, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Plus Player.lnk -> C:\Program Files\DivX\DivX Plus Player\DivX Plus Player.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broadcom\Broadcom Advanced Control Suite 4.lnk -> C:\Program Files\Broadcom\BACS\BACS.exe (Broadcom Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Antivirus Suite Hilfe.lnk -> C:\Program Files\Avira\AntiVir Desktop\avwin.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Antivirus Suite starten.lnk -> C:\Program Files\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira im Internet.lnk -> C:\Program Files\Avira\AntiVir Desktop\weblink.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Readme anzeigen.lnk -> C:\Program Files\Avira\AntiVir Desktop\readme.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft ShowBiz\ArcSoft ShowBiz.lnk -> C:\Program Files\ArcSoft\TotalMedia ShowBiz\TMShowBiz.exe (ArcSoft, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\IIS Manager.lnk -> C:\Windows\System32\inetsrv\InetMgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint\ABBYY FineReader 6.0 Sprint.lnk -> C:\Windows\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\_SHCT_Sprint.exe.exe (InstallShield Software Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint\Benutzerhandbuch.lnk -> C:\Program Files\Abbyy FineReader 6.0 Sprint\Sprint2.chm () Shortcut: C:\Users\Celine\Links\Desktop.lnk -> C:\Users\Muddi\Desktop () Shortcut: C:\Users\Celine\Links\Downloads.lnk -> C:\Users\Muddi\Downloads () Shortcut: C:\Users\Celine\Desktop\Clickomania.lnk -> C:\progs\games\click\Click.exe (Matthias Schüssler) Shortcut: C:\Users\Celine\Desktop\Fatman Blocks.lnk -> C:\Program Files\Games\Another Day\Fatman Blocks\FatmanBlocks.exe () Shortcut: C:\Users\Celine\Desktop\Magic Block.lnk -> C:\Program Files\SibGame\Magic Block\Magic Block.exe (SibGame) Shortcut: C:\Users\Celine\Desktop\OpenOffice.org Writer.lnk -> C:\Program Files\OpenOffice.org 3\program\swriter.exe (No File) Shortcut: C:\Users\Celine\Desktop\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\Users\Celine\Desktop\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Inc.) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe (No File) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Inc.) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Celine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Celine\AppData\Local\Microsoft\Windows\GameExplorer\{D58C22CD-B1A5-430E-B46E-44CCE7261F96}\PlayTasks\0\Spielen.lnk -> C:\Program Files\Microsoft Games\Zoo Tycoon\zoo.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\SuperTrentyGuy\Super TrentyGuy starten.lnk -> C:\spiele\supertrentyguy\Super Trentyguy.exe () Shortcut: C:\Users\Joshi.Muddi-PC\SuperTrentyGuy\SuperTrentyGuy Deinstallation.lnk -> C:\spiele\supertrentyguy\UNINSTALL.EXE () Shortcut: C:\Users\Joshi.Muddi-PC\SuperPac\SuperPac Deinstallation.lnk -> C:\spiele\test\UNINSTALL.EXE () Shortcut: C:\Users\Joshi.Muddi-PC\SuperPac\Superpac starten.lnk -> C:\spiele\test\superpac.exe () Shortcut: C:\Users\Joshi.Muddi-PC\Links\Desktop.lnk -> C:\Users\Muddi\Desktop () Shortcut: C:\Users\Joshi.Muddi-PC\Links\Downloads.lnk -> C:\Users\Muddi\Downloads () Shortcut: C:\Users\Joshi.Muddi-PC\Desktop\Bescheinigung Rente Celine 001 - Verknüpfung.lnk -> C:\Users\Joshi.Muddi-PC\Pictures\2013-10-22 Bescheinigung Rente Celine\Bescheinigung Rente Celine 001.tif () Shortcut: C:\Users\Joshi.Muddi-PC\Desktop\Clickomania.lnk -> C:\progs\games\click\Click.exe (Matthias Schüssler) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizard101(DE)\Uninstall Wizard101.lnk -> C:\ProgramData\Wizard101(DE)\unins000.exe () Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizard101(DE)\Wizard101.lnk -> C:\ProgramData\Wizard101(DE)\Wizard101.exe () Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Inc.) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\Users\Joshi.Muddi-PC\AppData\Local\Microsoft\Windows\GameExplorer\{DA5DF841-A1DC-4CB2-8E36-05B9869A6956}\PlayTasks\0\Spielen.lnk -> C:\Program Files\Microsoft Games\Zoo Tycoon\zoo.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\Links\Desktop.lnk -> C:\Users\Muddi\Desktop () Shortcut: C:\Users\Muddi\Links\Downloads.lnk -> C:\Users\Muddi\Downloads () Shortcut: C:\Users\Muddi\Desktop\Audacity.lnk -> C:\Program Files\Audacity\audacity.exe (The Audacity Team) Shortcut: C:\Users\Muddi\Desktop\DivX Movies.lnk -> C:\Users\Muddi\Videos\DivX Movies () Shortcut: C:\Users\Muddi\Desktop\Foto im Herzen Africas - Verknüpfung.lnk -> C:\Users\Joshi.Muddi-PC\Documents\Foto im Herzen Africas.odt () Shortcut: C:\Users\Muddi\Desktop\PlayReady - Verknüpfung.lnk -> C:\ProgramData\Microsoft\PlayReady () Shortcut: C:\Users\Muddi\Desktop\zeusch vom nokia xl - Verknüpfung.lnk -> C:\Users\Muddi\Pictures\zeusch vom nokia xl () Shortcut: C:\Users\Muddi\Desktop\Spiele\Blobb´s Abenteuer 1 (2).lnk -> C:\Windows\Spiele\blobb1\blobb1.exe (Europress Software) Shortcut: C:\Users\Muddi\Desktop\Spiele\Blobb´s Abenteuer 1.lnk -> C:\Windows\Spiele\blobb1\blobb1.exe (Europress Software) Shortcut: C:\Users\Muddi\Desktop\Spiele\Clickomania.lnk -> C:\progs\games\click\Click.exe (Matthias Schüssler) Shortcut: C:\Users\Muddi\Desktop\Spiele\CornWolf starten.lnk -> C:\spiele\cornwolf\CORNWOLF.exe (Macromedia, Inc.) Shortcut: C:\Users\Muddi\Desktop\Spiele\Fatman Blocks.lnk -> C:\Program Files\Games\Another Day\Fatman Blocks\FatmanBlocks.exe () Shortcut: C:\Users\Muddi\Desktop\Spiele\FiniteLight (2).lnk -> C:\Program Files\FiniteLight\FLight.EXE () Shortcut: C:\Users\Muddi\Desktop\Spiele\FiniteLight (3).lnk -> C:\Program Files\FiniteLight\FLight.EXE () Shortcut: C:\Users\Muddi\Desktop\Spiele\FiniteLight.lnk -> C:\Program Files\FiniteLight\FLight.EXE () Shortcut: C:\Users\Muddi\Desktop\Spiele\Magic Block.lnk -> C:\Program Files\SibGame\Magic Block\Magic Block.exe (SibGame) Shortcut: C:\Users\Muddi\Desktop\Spiele\SuperTrentyGuy\Super TrentyGuy starten.lnk -> C:\spiele\supertrentyguy\Super Trentyguy.exe () Shortcut: C:\Users\Muddi\Desktop\Spiele\SuperTrentyGuy\SuperTrentyGuy Deinstallation.lnk -> C:\spiele\supertrentyguy\UNINSTALL.EXE () Shortcut: C:\Users\Muddi\Desktop\Spiele\SuperPac\SuperPac Deinstallation.lnk -> C:\spiele\test\UNINSTALL.EXE () Shortcut: C:\Users\Muddi\Desktop\Spiele\SuperPac\Superpac starten.lnk -> C:\spiele\test\superpac.exe () Shortcut: C:\Users\Muddi\Desktop\Spiele\PucKmAn v1.1t\PucKmAn v1.1t Deinstallation.lnk -> C:\TEST\UNINSTALL.EXE () Shortcut: C:\Users\Muddi\Desktop\Spiele\PucKmAn v1.1t\PucKmAn v1.1t starten.lnk -> C:\TEST\puckman1.1t.exe () Shortcut: C:\Users\Muddi\Desktop\Spiele\Fatman Blocks\Fatman Blocks.lnk -> C:\Program Files\Games\Another Day\Fatman Blocks\FatmanBlocks.exe () Shortcut: C:\Users\Muddi\Desktop\Spiele\Fatman Blocks\Uninstall Fatman Blocks.lnk -> C:\Program Files\Games\Another Day\Fatman Blocks\unins000.exe () Shortcut: C:\Users\Muddi\Desktop\Spiele\Cornwolf\Cornwolf Deinstallation.lnk -> C:\spiele\cornwolf\UNINSTALL.EXE () Shortcut: C:\Users\Muddi\Desktop\Spiele\Cornwolf\CornWolf starten.lnk -> C:\spiele\cornwolf\CORNWOLF.exe (Macromedia, Inc.) Shortcut: C:\Users\Muddi\AppData\Roaming\TuneUp Software\TU2013\StartUp Manager\Deaktivierte Objekte\OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe (No File) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programmgruppe\Pac ManHattan starten.lnk -> C:\spiele\test\PacManHattan.exe () Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programmgruppe\Programmgruppe Deinstallation.lnk -> C:\spiele\test\UNINSTALL.EXE () Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Uninstall Blobb´s Abenteuer 1.lnk -> C:\Windows\Spiele\blobb1\uninstal.exe () Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> H:\Dropbox\Dropbox () Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Absolute Uninstaller.lnk -> C:\Program Files\Glarysoft\Absolute Uninstaller 5\unInstaller.exe (Glarysoft Ltd) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe () Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ Malwarebytes Anti-Malware .lnk -> C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TuneUp Utilities - Startoberfläche.lnk -> C:\Program Files\TuneUp Utilities 2014\Integrator.exe (TuneUp Software) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Avira Control Center.lnk -> C:\Program Files\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG) Shortcut: C:\Users\Muddi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\Muddi\AppData\Local\Microsoft\Windows\GameExplorer\{62FAB9E6-AF87-4383-B5FA-8607088A5948}\PlayTasks\0\Spielen.lnk -> C:\Program Files\Microsoft Games\Zoo Tycoon\zoo.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\Absolute Uninstaller.lnk -> C:\Program Files\Glarysoft\Absolute Uninstaller 5\unInstaller.exe (Glarysoft Ltd) Shortcut: C:\Users\Public\Desktop\ArcSoft ShowBiz.lnk -> C:\Program Files\ArcSoft\TotalMedia ShowBiz\TMShowBiz.exe (ArcSoft, Inc.) Shortcut: C:\Users\Public\Desktop\Google Earth.lnk -> C:\Program Files\Google\Google Earth\client\googleearth.exe (Google) Shortcut: C:\Users\Public\Desktop\Lexmark-Druckerstartseite starten.LNK -> C:\Program Files\Lexmark\Dashboard\LX__Dashboard.exe () Shortcut: C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk -> C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation) Shortcut: C:\Users\Public\Desktop\QuickTime Player.lnk -> C:\Program Files\QuickTime\QuickTimePlayer.exe (Apple Inc.) Shortcut: C:\Users\Public\Desktop\Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe () Shortcut: C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk -> C:\Program Files\TuneUp Utilities 2014\OneClick.exe (TuneUp Software) Shortcut: C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk -> C:\Program Files\TuneUp Utilities 2014\Integrator.exe (TuneUp Software) Shortcut: C:\Users\Robbert\Links\Desktop.lnk -> C:\Users\Muddi\Desktop () Shortcut: C:\Users\Robbert\Links\Downloads.lnk -> C:\Users\Muddi\Downloads () Shortcut: C:\Users\Robbert\Desktop\adwcleaner_3.0.1.5 - Verknüpfung.lnk -> C:\Users\Muddi\Downloads\adwcleaner_3.0.1.5.exe (No File) Shortcut: C:\Users\Robbert\Desktop\FLV Player.lnk -> C:\Program Files\FLV Player\FLVPlayer.exe (No File) Shortcut: C:\Users\Robbert\Desktop\Leseprobe irmsche - Verknüpfung.lnk -> C:\Users\Muddi\Downloads\Leseprobe irmsche.doc (No File) Shortcut: C:\Users\Robbert\Desktop\PlayReady - Verknüpfung.lnk -> C:\ProgramData\Microsoft\PlayReady () Shortcut: C:\Users\Robbert\Desktop\VideoCacheView - Verknüpfung.lnk -> C:\Users\Muddi\Downloads\videocacheview267\VideoCacheView.exe (No File) Shortcut: C:\Users\Robbert\Desktop\videocacheview267 - Verknüpfung.lnk -> C:\Users\Muddi\Downloads\videocacheview267.zip (No File) Shortcut: C:\Users\Robbert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\Users\Robbert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\TEMP\Links\Desktop.lnk -> C:\Users\Muddi\Desktop () Shortcut: C:\Users\TEMP\Links\Downloads.lnk -> C:\Users\Muddi\Downloads () Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe (No File) Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation) Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\TEMP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\Alle Funktionen\TuneUp Live-Optimierung.lnk -> C:\Program Files\TuneUp Utilities 2014\SettingCenter.exe (TuneUp Software) -> /live ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shockwave.com\Gardenscapes\Uninstall.lnk -> C:\Program Files\Shockwave.com\Gardenscapes\UNWISE.EXE (Altiris) -> "C:\PROGRA~1\SHOCKW~1.COM\GARDEN~1\INSTALL.LOG" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deinstallieren.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /i {111EE7DF-FC45-40C7-98A7-753AC46B12FB} /qf ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\FiniteLight Uninstall.lnk -> C:\Windows\GPInstall.exe (Qsc) -> "/UNINST=C:\Program Files\FiniteLight\UnInst.log" "/APPNAME=FiniteLight" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon\Deinstallieren.lnk -> C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE (Microsoft Corporation) -> /runtemp ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Zoo Tycoon\Zoo Tycoon.lnk -> C:\Program Files\Microsoft Games\Zoo Tycoon\zoo.exe (Microsoft Corporation) -> ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark\Pro900 Series\Lexmark Pro900 Series deinstallieren.LNK -> C:\Program Files\Lexmark Pro800-Pro900 Series\Install\x86\instgui.exe ( ) -> /u MODEL="Pro900 Series" PRODUCT_CODE="4444301" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files\IrfanView\i_view32.exe (Irfan Skiljan) -> /thumbs ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth deinstallieren.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth im DirectX-Modus starten.lnk -> C:\Program Files\Google\Google Earth\client\googleearth.exe (Google) -> -setDX ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth im OpenGL-Modus starten.lnk -> C:\Program Files\Google\Google Earth\client\googleearth.exe (Google) -> -setOGL ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Codec-Einstellungen.lnk -> C:\Program Files\DivX\DivX Control Panel\DivXControlPanelLauncher.exe (DivX, Inc.) -> /start=decoder ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Nach Updates suchen.lnk -> C:\Program Files\DivX\DivX Control Panel\DivXControlPanelLauncher.exe (DivX, Inc.) -> /start=update ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Registrieren.lnk -> C:\Program Files\DivX\DivX Control Panel\DivXControlPanelLauncher.exe (DivX, Inc.) -> /start=registration ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX ShortcutWithArgument: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff ShortcutWithArgument: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter ShortcutWithArgument: C:\Users\Celine\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Celine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Joshi.Muddi-PC\Desktop\Zoo Tycoon.lnk -> C:\Program Files\Microsoft Games\Zoo Tycoon\zoo.exe (Microsoft Corporation) -> ShortcutWithArgument: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff ShortcutWithArgument: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter ShortcutWithArgument: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\Users\Muddi\Desktop\Spiele\Zoo Tycoon.lnk -> C:\Program Files\Microsoft Games\Zoo Tycoon\zoo.exe (Microsoft Corporation) -> ShortcutWithArgument: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff ShortcutWithArgument: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter ShortcutWithArgument: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Muddi\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto: ShortcutWithArgument: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff ShortcutWithArgument: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter ShortcutWithArgument: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\TEMP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap\WinPcap Web Site.url -> hxxp://www.winpcap.org/ InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014\TuneUp Software Webseite.url -> hxxp://www.tuneup.de InternetURL: C:\Users\Celine\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742 InternetURL: C:\Users\Celine\Favorites\Windows Live\Windows Live Ideas.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700 InternetURL: C:\Users\Celine\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681 InternetURL: C:\Users\Celine\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682 InternetURL: C:\Users\Celine\Favorites\MSN-Websites\MSN Auto.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72680 InternetURL: C:\Users\Celine\Favorites\MSN-Websites\MSN Fernsehen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72659 InternetURL: C:\Users\Celine\Favorites\MSN-Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72640 InternetURL: C:\Users\Celine\Favorites\MSN-Websites\MSN Nachrichten.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72636 InternetURL: C:\Users\Celine\Favorites\MSN-Websites\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72635 InternetURL: C:\Users\Celine\Favorites\MSN-Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630 InternetURL: C:\Users\Celine\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186 InternetURL: C:\Users\Celine\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520 InternetURL: C:\Users\Celine\Favorites\Microsoft-Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813 InternetURL: C:\Users\Celine\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629 InternetURL: C:\Users\Celine\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406 InternetURL: C:\Users\Celine\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72893 InternetURL: C:\Users\Celine\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893 InternetURL: C:\Users\Celine\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice InternetURL: C:\Users\Celine\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315 InternetURL: C:\Users\Joshi\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice InternetURL: C:\Users\Joshi\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315 InternetURL: C:\Users\Joshi.Muddi-PC\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice InternetURL: C:\Users\Joshi.Muddi-PC\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315 InternetURL: C:\Users\Joshi.Muddi-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizard101(DE)\Wizard101 Website.url -> hxxp://www.wizard101.de InternetURL: C:\Users\Muddi\Favorites\Auswärtiges Amt - Reise- und Sicherheitshinweise - USA - Vereinigte Staaten Reise- und Sicherheitshinweise.url -> hxxp://www.auswaertiges-amt.de/DE/Laenderinformationen/00-SiHi/UsaVereinigteStaatenSicherheit.html?nn=362966#doc335722bodyText3 InternetURL: C:\Users\Muddi\Favorites\Boxspringbett Ramona II Home24.url -> hxxp://www.home24.de/solutions/boxspringbett-ramona-ii-140-x-200cm-braun InternetURL: C:\Users\Muddi\Favorites\Das Sweet On Satin Restraints Set von Bettie Page online bei Amorelie.de kaufen..url -> hxxp://www.amorelie.de/erotik-accessoires/bondage/fesseln-handschellen/bettie-page-sweet-on-satin-restraints-set/ InternetURL: C:\Users\Muddi\Favorites\Designated Sponsor List Participants J-1 Visa.url -> hxxp://j1visa.state.gov/participants/how-to-apply/sponsor-search/?program=Secondary%20School%20Student&state=any InternetURL: C:\Users\Muddi\Favorites\Ein US-Visum beantragen Einen Termin vereinbaren - Deutschland (Deutsch).url -> hxxp://ustraveldocs.com/de_de/de-niv-appointmentschedule.asp InternetURL: C:\Users\Muddi\Favorites\Ein US-Visum beantragen Wartezeiten für Interviewtermine - Deutschland (Deutsch).url -> hxxp://www.ustraveldocs.com/de_de/de-niv-waittimeinfo.asp#section3 InternetURL: C:\Users\Muddi\Favorites\Elterngruppe Erwachsenengruppe ADS Hyperaktivität Frankfurt.url -> hxxp://www.ads-hyperaktivitaet.de/Eltern_Ffm/Einladung/einladung.html InternetURL: C:\Users\Muddi\Favorites\Frankfurt am Main Reisepass.url -> hxxp://www.frankfurt.de/sixcms/detail.php?id=2778&_ffmpar[_id_inhalt]=58141 InternetURL: C:\Users\Muddi\Favorites\Futonbett Sumatra Home24.url -> hxxp://www.home24.de/rauch/futonbett-sumatra-140-x-200cm-vintage-braun InternetURL: C:\Users\Muddi\Favorites\GAPP - Goethe-Institut .url -> hxxp://www.goethe.de/ins/us/lp/prj/gapp/enindex.htm?wt_sc=gapp InternetURL: C:\Users\Muddi\Favorites\https--cgifederal.secure.force.com-SiteLoginrefURL=http%3A%2F%2Fcgifederal.secure.force.com%2F.url -> https://cgifederal.secure.force.com/SiteLogin?refURL=http%3A%2F%2Fcgifederal.secure.force.com%2F InternetURL: C:\Users\Muddi\Favorites\MALM Bettgestell hoch - 140x200 cm, - - IKEA.url -> hxxp://www.ikea.com/de/de/catalog/products/S09929231/#/S49929229 InternetURL: C:\Users\Muddi\Favorites\MALM Bettgestell hoch - 140x200 cm, Lattenrost - IKEA.url -> hxxp://www.ikea.com/de/de/catalog/products/S09929231/#/S69023042 InternetURL: C:\Users\Muddi\Favorites\Nonimmigrant Visa - Instructions Page.url -> https://ceac.state.gov/genniv/ InternetURL: C:\Users\Muddi\Favorites\Nonimmigrant Visa - SEVIS Information.url -> https://ceac.state.gov/GenNIV/General/complete/complete_ExchangeVisitorStudentVisa.aspx?node=ExchangeVisitor3 InternetURL: C:\Users\Muddi\Favorites\Photo Requirements.url -> hxxp://travel.state.gov/content/visas/english/general/photos.html InternetURL: C:\Users\Muddi\Favorites\Schools and Programs.url -> hxxp://www.ice.gov/sevis/schools/ InternetURL: C:\Users\Muddi\Favorites\Spitzen Reizwäsche - Dessous Set.url -> https://www.fancy-dresses.de/detail/index/sArticle/140# InternetURL: C:\Users\Muddi\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742 InternetURL: C:\Users\Muddi\Favorites\Windows Live\Windows Live Ideas.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700 InternetURL: C:\Users\Muddi\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681 InternetURL: C:\Users\Muddi\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682 InternetURL: C:\Users\Muddi\Favorites\MSN-Websites\MSN Auto.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72680 InternetURL: C:\Users\Muddi\Favorites\MSN-Websites\MSN Fernsehen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72659 InternetURL: C:\Users\Muddi\Favorites\MSN-Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72640 InternetURL: C:\Users\Muddi\Favorites\MSN-Websites\MSN Nachrichten.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72636 InternetURL: C:\Users\Muddi\Favorites\MSN-Websites\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72635 InternetURL: C:\Users\Muddi\Favorites\MSN-Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630 InternetURL: C:\Users\Muddi\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186 InternetURL: C:\Users\Muddi\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520 InternetURL: C:\Users\Muddi\Favorites\Microsoft-Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813 InternetURL: C:\Users\Muddi\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629 InternetURL: C:\Users\Muddi\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406 InternetURL: C:\Users\Muddi\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72893 InternetURL: C:\Users\Muddi\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893 InternetURL: C:\Users\Muddi\Favorites\Links\https--cgifederal.secure.force.com-.url -> https://cgifederal.secure.force.com/ InternetURL: C:\Users\Muddi\Favorites\Links\So wird der Bundestag gewählt tagesschau.url -> hxxp://www.tagesschau.de/wahl/hintergruende/wahlrecht162.html InternetURL: C:\Users\Muddi\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice InternetURL: C:\Users\Muddi\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315 InternetURL: C:\Users\Robbert\Favorites\Amazon.de Einkaufswagen.url -> hxxp://www.amazon.de/gp/aw/c InternetURL: C:\Users\Robbert\Favorites\Containerbestellung 24, Abfallcontainer für Frankfurt am Main (Kreisfreie Stadt), Ihr Containerdienst Schramm - Recycling.url -> https://www.containerbestellung24.de/shop/06412_ihre_angaben.html InternetURL: C:\Users\Robbert\Favorites\Druckluftversorgung.url -> hxxp://www.arteka.de/druckluftversorgung-sandstrahlen.html InternetURL: C:\Users\Robbert\Favorites\Facebook.url -> https://m.facebook.com/?refsrc=http%3A%2F%2Fwww.facebook.com%2F&_rdr InternetURL: C:\Users\Robbert\Favorites\Frisch von Feld und Hof in Frankfurt am Main.url -> hxxp://www.frankfurt.de/sixcms/media.php/738/Direktvermarkter_bf_2011.pdf InternetURL: C:\Users\Robbert\Favorites\Kreative Betongestaltung.url -> hxxp://www.noeplast.com/start.asp?lang=de InternetURL: C:\Users\Robbert\Favorites\Kroatisch Übersetzer.url -> hxxp://webtranslation.paralink.com/translations.asp InternetURL: C:\Users\Robbert\Favorites\Laminat Musterbestelleung.url -> https://www.laminat-vertrieb.de/content?coID=9 InternetURL: C:\Users\Robbert\Favorites\Pressluftschläuche, gelb und glatt (Schlauchtechnik) - Strahltechnik bei arteka.de.url -> hxxp://www.arteka.de/Schlauchtechnik/Pressluftschlaeuche-gelb-und-glatt.html InternetURL: C:\Users\Robbert\Favorites\Sightseers.url -> hxxp://m.youtube.com/#/watch?v=L4fT3uiCaeA&desktop_uri=%2Fwatch%3Fv%3DL4fT3uiCaeA&gl=DE InternetURL: C:\Users\Robbert\Favorites\VGF Ebbelwei-Expreß - Fahrplan - Preise.url -> hxxp://ebbelwei-express.com/html/fahrplan_preise_p354.html InternetURL: C:\Users\Robbert\Favorites\Vozni red autobusa - Turistička zajednica mjesta Ugljan.url -> hxxp://www.ugljan.hr/index.php?option=com_content&view=article&id=146&Itemid=595&lang=hr InternetURL: C:\Users\Robbert\Favorites\Wie ist das Originalrezept von Laudanum- (Rezepte, medizin, biologie).url -> hxxp://www.gutefrage.net/frage/wie-ist-das-originalrezept-von-laudanum InternetURL: C:\Users\Robbert\Favorites\Zadar portal.url -> hxxp://www.zadarportal.com/ InternetURL: C:\Users\Robbert\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice InternetURL: C:\Users\Robbert\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315 InternetURL: C:\Users\TEMP\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice InternetURL: C:\Users\TEMP\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315 ==================== End of log =============================  Wahnsinn wieviel zeusch |
|
05.09.2014, 20:07
| #7 |
| /// the machine /// TB-Ausbilder | Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.09.2014, 20:14
| #8 |
| | Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! Ok! Dann abber am besten vom internet getrennt dengisch 😉 Bis denne  |
|
06.09.2014, 13:55
| #9 |
| /// the machine /// TB-Ausbilder | Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! nö
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.09.2014, 10:14
| #10 |
| | Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! so dannema des ganse anner zeusch hier  Combofix Logfile: Code:
ATTFilter ComboFix 14-09-05.01 - Muddi 08.09.2014 11:55:14.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.2048.1145 [GMT 2:00]
ausgeführt von:: c:\users\Muddi\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Outdated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Outdated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\WinPCap
c:\program files\WinPCap\install.log
c:\programdata\SPL16D0.tmp
c:\programdata\SPL22F4.tmp
c:\programdata\SPL2A76.tmp
c:\programdata\SPL44E0.tmp
c:\programdata\SPL5C9A.tmp
c:\programdata\SPL7013.tmp
c:\programdata\SPL8519.tmp
c:\programdata\SPL852A.tmp
c:\programdata\SPL8F5E.tmp
c:\programdata\SPLA67F.tmp
c:\programdata\SPLADB4.tmp
c:\programdata\SPLBE7D.tmp
c:\programdata\SPLD745.tmp
c:\programdata\SPLD7BB.tmp
c:\programdata\SPLD958.tmp
c:\programdata\SPLDA13.tmp
c:\programdata\SPLDF05.tmp
c:\programdata\SPLEAAE.tmp
c:\programdata\SPLECC1.tmp
c:\programdata\SPLF0C8.tmp
c:\programdata\SPLF656.tmp
c:\programdata\SPLF675.tmp
c:\programdata\SPLFB5B.tmp
c:\windows\ST6UNST.000
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\wininit.ini
H:\Autorun.inf
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-08-08 bis 2014-09-08 ))))))))))))))))))))))))))))))
.
.
2014-09-08 10:09 . 2014-09-08 10:09 -------- d-----w- c:\users\Gast\AppData\Local\temp
2014-09-08 10:09 . 2014-09-08 10:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-08 10:09 . 2014-09-08 10:09 -------- d-----w- c:\users\Celine\AppData\Local\temp
2014-09-08 10:09 . 2014-09-08 10:09 -------- d-----w- c:\users\Robbert\AppData\Local\temp
2014-08-29 16:13 . 2014-07-14 01:42 654336 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-29 16:11 . 2014-08-07 01:43 412160 ----a-w- c:\windows\system32\aepdu.dll
2014-08-29 16:11 . 2014-08-07 01:39 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-08-29 15:55 . 2014-03-09 21:47 99480 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-29 15:55 . 2014-06-30 22:14 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-29 15:55 . 2014-03-09 21:47 619672 ----a-w- c:\windows\system32\icardagt.exe
2014-08-29 15:55 . 2014-06-06 06:16 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-29 15:30 . 2014-08-29 15:30 -------- d-----w- c:\program files\Roadkil.Net
2014-08-29 15:29 . 2014-08-29 15:29 -------- d-----w- c:\users\Muddi\AppData\Roaming\Abelssoft
2014-08-29 15:29 . 2014-08-29 15:29 -------- d-----w- c:\programdata\XDMessagingv4
2014-08-29 15:29 . 2014-08-29 15:29 -------- d-----w- c:\users\Muddi\AppData\Local\Abelssoft
2014-08-29 15:29 . 2014-08-29 15:29 -------- d-----w- c:\program files\CHIP Updater
2014-08-29 15:29 . 2011-05-13 10:16 493056 ----a-w- c:\windows\system32\dhRichClient3.dll
2014-08-29 15:29 . 2011-03-25 18:42 338432 ----a-w- c:\windows\system32\sqlite36_engine.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-05 13:21 . 2012-07-17 14:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-07-16 08:24 . 2013-10-30 02:42 36664 ----a-w- c:\windows\system32\TURegOpt.exe
2014-07-16 08:24 . 2014-07-26 10:53 25400 ----a-w- c:\windows\system32\authuitu.dll
2014-07-16 08:24 . 2014-07-26 10:53 36152 ----a-w- c:\windows\system32\uxtuneup.dll
2014-07-15 10:04 . 2013-05-02 11:20 35848 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-07-10 15:19 . 2012-12-04 14:54 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-10 15:19 . 2012-12-04 14:54 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-02 03:11 . 2014-08-05 13:36 8217224 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4D428D5C-57C6-42BD-8E98-5FEF3B7985D2}\mpengine.dll
2014-06-26 10:33 . 2012-12-04 02:30 97648 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-06-18 01:51 . 2014-07-09 10:34 646144 ----a-w- c:\windows\system32\osk.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-08-05 751184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0ROBoot \??\c:\windows\system32\ASOROSet.bin
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
2010-05-17 14:14 148280 ----a-w- c:\program files\Lexmark Pro800-Pro900 Series\ezprint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark Pro800-Pro900 Series Fax Server]
2010-05-17 14:14 316072 ----a-w- c:\program files\Lexmark Pro800-Pro900 Series\fm3032.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxecmon.exe]
2010-05-17 14:14 770728 ----a-w- c:\program files\Lexmark Pro800-Pro900 Series\lxecmon.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WSHelperSetup.exe"=c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"ShadowPlay"=c:\windows\system32\rundll32.exe c:\windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
"WSHelperSetup.exe"=c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
"Wondershare Helper Compact.exe"=c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
"Lexmark Pro800-Pro900 Series Fax Server"="c:\program files\Lexmark Pro800-Pro900 Series\fm3032.exe" /s
"EzPrint"="c:\program files\Lexmark Pro800-Pro900 Series\ezprint.exe"
"lxecmon.exe"="c:\program files\Lexmark Pro800-Pro900 Series\lxecmon.exe"
.
R2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxecserv.exe [2010-04-14 193192]
R3 gkmixern;gkmixern;c:\users\Muddi\AppData\Local\Temp\gkmixern.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-07-25 108032]
R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10.sys [2010-10-01 52096]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2013-08-06 18944]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2014-05-01 13464]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2013-01-13 1343400]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
R4 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2012-08-02 154624]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-10-10 37352]
S2 AntiVirMailService;Avira Email-Schutz;c:\program files\Avira\AntiVir Desktop\avmailc7.exe [2014-08-05 804944]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-08-05 430160]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files\Avira\AntiVir Desktop\avwebg7.exe [2014-08-05 1021520]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys [2014-07-15 35848]
S2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe [2010-04-14 598696]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-29 14657824]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [2014-07-16 1781048]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-10-30 34080]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [2013-09-18 12320]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
LPDService REG_MULTI_SZ LPDSVC
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-04 15:19]
.
2014-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-21 23:11]
.
2014-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-21 23:11]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyServer = localhost:8080
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Muddi\AppData\Roaming\Mozilla\Firefox\Profiles\5jp1sb6h.default-1398477474415\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
c:\users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3691020185-3350912418-1631763551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-3691020185-3350912418-1631763551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-3691020185-3350912418-1631763551-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3691020185-3350912418-1631763551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-3691020185-3350912418-1631763551-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3691020185-3350912418-1631763551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-3691020185-3350912418-1631763551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-3691020185-3350912418-1631763551-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3691020185-3350912418-1631763551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3691020185-3350912418-1631763551-1000)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3691020185-3350912418-1631763551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3691020185-3350912418-1631763551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-3691020185-3350912418-1631763551-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3691020185-3350912418-1631763551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-3691020185-3350912418-1631763551-1000)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3691020185-3350912418-1631763551-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-09-08 12:14:29
ComboFix-quarantined-files.txt 2014-09-08 10:14
.
Vor Suchlauf: 17 Verzeichnis(se), 18.855.690.240 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 19.878.031.360 Bytes frei
.
- - End Of File - - BEAC4EA66F3723AD7E70BCC4A9963BEB
A36C5E4F47E84449FF07ED3517B43A31 uhrzeit stimmt nich aber is wohl nich schlimm odder!??! "code tags" is nich des was ich wüsst was es is :/ |
|
08.09.2014, 19:11
| #11 |
| /// the machine /// TB-Ausbilder | Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.09.2014, 19:41
| #12 |
| | Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! Eieiei Das is ja was im argen  Fahr morsche in urlaub un komm de 22zischsde widder .. Dann gibtz frisches 😃 DANGE ERSMA UN GUUDE AUS FRANKFURT RB |
|
09.09.2014, 20:26
| #13 |
| /// the machine /// TB-Ausbilder | Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! ok
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Lüfter läuft ständig auf hochtouren obwohl CPU normal läuft unter w7 home premium 32bit serv.pck 1 DANKE! |
| 32bit, anforderungen, anleitung, cpu, durchführen, einiger, freue, gen, hilfe, hilft, home, home premium, höhere, infos, leitung, lüfter, lüfter läuft ständig, premium, problems, runterfahren, schritte, weniger |
WARNUNG an die MITLESER: 
Linear-Darstellung
