Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 08.12.2014, 16:45   #1
antimalware6
 
gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch - Standard

gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch



Hi
ich brauche eure Hilfe
Habe mir einen kleinen Laptop in Ebay ersteigert und manchmal macht er programme von alleine auf . Habe ihn auch schon über die Recouvery Partition zurückgesetzt aber es kommt manchmal immer wieder vor !
Nach einem Boot über eine linux cd fuhr er sich von selbst wieder runter und das externe laufwerk laß die Disk auch nicht richtig !
Habe auch noch kein Service Pack installiert , da ich ihn erst zurückgesetzt habe !
Also hier die logs :
Code:
ATTFilter
Users shortcut scan result (x86) Version: 07-12-2014 01
Ran by julian at 2014-12-08 17:44:25
Running from C:\Users\julian\Desktop
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\LiveUpdate.lnk -> C:\Windows\Installer\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}\LiveUpdate.exe_159D431DD2094A75A6EE2B7624A40520.exe (Macrovision Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk -> C:\Program Files\Adobe\Acrobat.com\Acrobat.com.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-A91000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk -> C:\Program Files\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk -> C:\Windows\Installer\{95120000-00AF-0407-0000-0000000FF1CE}\ppvwicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works-Start.lnk -> C:\Program Files\Microsoft Works\MSWorks.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Call.lnk -> C:\Program Files\Windows Live\Messenger\wlcstart.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Family Safety.lnk -> C:\Windows\Installer\{994223F3-A99B-4DDD-9E1D-0190A17C6860}\fssicon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Fotogalerie.lnk -> C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Mail.lnk -> C:\Program Files\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Messenger .lnk -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Help.lnk -> C:\Program Files\UltraISO\ultraiso.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Readme.lnk -> C:\Program Files\UltraISO\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Revision History.lnk -> C:\Program Files\UltraISO\History.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO.lnk -> C:\Program Files\UltraISO\UltraISO.exe (EZB Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\Uninstall UltraISO.lnk -> C:\Program Files\UltraISO\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security\Trend Micro Internet Security deinstallieren.lnk -> C:\Program Files\Trend Micro\Internet Security\Remove.exe (Trend Micro Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security\Trend Micro Internet Security Hilfe.lnk -> C:\Program Files\Trend Micro\Internet Security\tmmain.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security\Trend Micro Internet Security Readme.lnk -> C:\Program Files\Trend Micro\Internet Security\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security\Trend Micro Support Diagnose-Toolkit.lnk -> C:\Program Files\Trend Micro\Internet Security\TISTOOL.exe (Trend Micro Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Erste Schritte.lnk -> C:\Windows\Installer\{39D0E034-1042-4905-BECB-5502909FCB7C}\gtngstrtd.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works-Datenbank.lnk -> C:\Windows\Installer\{39D0E034-1042-4905-BECB-5502909FCB7C}\wksdb.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works-Kalender.lnk -> C:\Windows\Installer\{39D0E034-1042-4905-BECB-5502909FCB7C}\WksCal.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works-Portfolio.lnk -> C:\Windows\Installer\{39D0E034-1042-4905-BECB-5502909FCB7C}\WksSb.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works-Start.lnk -> C:\Program Files\Microsoft Works\MSWorks.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works-Tabellenkalkulation.lnk -> C:\Windows\Installer\{39D0E034-1042-4905-BECB-5502909FCB7C}\wksss.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works-Textverarbeitung.lnk -> C:\Windows\Installer\{39D0E034-1042-4905-BECB-5502909FCB7C}\WksWP.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office - 60 Day Trial.lnk -> C:\Program Files\Microsoft Office Suite Activation Assistant\OAA.exe (Digital River Inc. )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager\Intel® Matrix Storage Console.lnk -> C:\Program Files\Intel\Intel Matrix Storage Manager\Shell.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park\Game Park Console.lnk -> C:\Program Files\ASUS\Game Park\GameConsole\GameParkConsole.exe (Oberon Media)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park\Chicken Invaders 2\Chicken Invaders 2.lnk -> C:\Program Files\ASUS\Game Park\Chicken Invaders 2\Launch.exe (Oberon Media Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park\Chicken Invaders 2\Instructions.lnk -> C:\Program Files\ASUS\Game Park\Chicken Invaders 2\readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park\Chicken Invaders 2\Uninstall.lnk -> C:\Program Files\ASUS\Game Park\Chicken Invaders 2\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebi.BookReader3J\ebi.BookReader3J.lnk -> C:\Program Files\EBI\ebi.BookReader3J\ebi.BookReader3J.exe (eBOOK Initiative Japan Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebi.BookReader3J\SupportR3.lnk -> C:\Program Files\EBI\ebi.BookReader3J\SupportR3.exe (eBOOK Initiative Japan Co., Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Cam\E-Cam.lnk -> C:\Program Files\E-Cam\E-CAM.exe (AzureWave)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Cam\Uninstall E-Cam.lnk -> C:\Program Files\InstallShield Installation Information\{185AFA7A-F63E-450B-94AA-011CAC18090E}\Uninstall\setup.exe (InstallShield Software Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boingo\Find a Hotspot.lnk -> C:\Windows\Installer\{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}\BoingoIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boingo\Special Offer from Boingo.lnk -> C:\Program Files\Boingo\Boingo Wi-Fi\Special Offer from Boingo.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\LocaleMe\LocaleMe.lnk -> C:\Program Files\ASUS\LocaleMe\LocaleMe.exe (ASUS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\LiveUpdate\Readme.lnk -> C:\Windows\Installer\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}\Help.exe_93534D1C82624E1CB79EB496AFE18AB9.exe (Macrovision Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\FontResizer\FontResizer.lnk -> C:\Program Files\ASUS\FontResizer\FontResizer.exe (ASUSTek.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.lnk -> C:\Program Files\EeePC\SHE\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Eee Splendid\Eee Splendid.lnk -> C:\Program Files\ASUS\EPC\EeeSplendid\EeeSplendid.exe (ASUSTeK Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Eee Docking\Eee Docking.lnk -> C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Eee Docking\Uninstall Eee Docking.lnk -> C:\Program Files\ASUS\Eee Docking\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUSUpdate for Eee PC\ASUSUpdate.lnk -> C:\Program Files\ASUS\ASUSUpdate for Eee PC\Update.exe (ASUSTeK Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUSUpdate for Eee PC\Uninstall ASUSUpdate.lnk -> C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe (InstallShield Software Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS VIBE\ASUS VIBE.lnk -> C:\Program Files\ASUS\ASUS VIBE\ASUS VIBE.exe (.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS VIBE\Uninstall.lnk -> C:\Program Files\ASUS\ASUS VIBE\1.0.173\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{56181BAC-39C2-474C-A66F-47F6C8399DAE}\PlayTasks\0\Play.lnk -> C:\Program Files\ASUS\Game Park\Chicken Invaders 2\Launch.exe (Oberon Media Inc.)
Shortcut: C:\Users\Default\Links\Desktop.lnk -> C:\Users\julian\Desktop ()
Shortcut: C:\Users\Default\Links\Downloads.lnk -> C:\Users\julian\Downloads ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (3).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (2).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (3).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\Links\Desktop.lnk -> C:\Users\julian\Desktop ()
Shortcut: C:\Users\julian\Links\Downloads.lnk -> C:\Users\julian\Downloads ()
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (3).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (4).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (2).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (3).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer (4).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\CDBurnerXP.lnk -> C:\Program Files\CDBurnerXP\cdbxpp.exe (Canneverbe Limited)
Shortcut: C:\Users\Public\Desktop\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Microsoft Office - 60 Day Trial.lnk -> C:\Program Files\Microsoft Office Suite Activation Assistant\OAA.exe (Digital River Inc. )
Shortcut: C:\Users\Public\Desktop\Microsoft Works.lnk -> C:\Program Files\Microsoft Works\MSWorks.exe (Microsoft® Corporation)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\UltraISO.lnk -> C:\Program Files\UltraISO\UltraISO.exe (EZB Systems, Inc.)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security\Trend Micro Internet Security.lnk -> C:\Program Files\Trend Micro\Internet Security\UfNavi.exe (Trend Micro Inc.) -> /a UfMNavi.ini
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boingo\Boingo Wi-Fi.lnk -> C:\Windows\Installer\{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}\BoingoIco.exe () -> -about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\FontResizer\Uninstall FontResizer.lnk -> C:\Program Files\InstallShield Installation Information\{17780F99-A9DF-450B-81B3-6781B20A17A8}\setup.exe (ASUSTek                                                      ) -> -runfromtemp -removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Eee Splendid\Uninstall.lnk -> C:\Program Files\InstallShield Installation Information\{6333FC29-BFE5-4024-AC78-958A1A7555D1}\setup.exe (Acresso Software Inc.                                        ) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (2).lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (3).lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\julian\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\julian\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (2).lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (3).lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player (4).lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Public\Desktop\Trend Micro Internet Security.lnk -> C:\Program Files\Trend Micro\Internet Security\UfNavi.exe (Trend Micro Inc.) -> /a UfMNavi.ini


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Online Order.url -> hxxp://www.ezbsystems.com/ultraiso/order.htm
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Web Site.url -> hxxp://www.ezbsystems.com/index.php
InternetURL: C:\Users\Default\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Default\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Default\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Default\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Default\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Default\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Default\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Default\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Default\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Default\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Default\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Default\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\Default\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\Default\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\Default\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Default\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Default\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\julian\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\julian\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\julian\Favorites\Windows Live\Windows Live Ideas.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\julian\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\julian\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\julian\Favorites\MSN-Websites\MSN Auto.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\julian\Favorites\MSN-Websites\MSN Fernsehen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\julian\Favorites\MSN-Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\julian\Favorites\MSN-Websites\MSN Nachrichten.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\julian\Favorites\MSN-Websites\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\julian\Favorites\MSN-Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\julian\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\julian\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\julian\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\julian\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\julian\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\julian\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\julian\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\julian\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\julian\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\julian\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\julian\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\julian\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\julian\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\julian\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\julian\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315

==================== End of log =============================
         



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-12-2014 01
Ran by julian at 2014-12-08 17:41:30
Running from C:\Users\julian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Internet Security (Enabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AS: Trend Micro Internet Security (Enabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Trend Micro Personal Firewall (Enabled) {70A91CD9-303D-A217-A80E-6DEE136EDB2B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 1.1.0 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
ASUS VIBE (HKLM\...\ASUS VIBE) (Version: 1.0.173 - Ecareme, Inc.)
ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.03.06 - ASUSTeK Computer Inc.)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
Boingo Wi-Fi (HKLM\...\{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Chicken Invaders 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
ebi.BookReader3J (HKLM\...\{2651A51A-4EA2-4DF6-9F0D-43DDA7D2D6B1}) (Version: 3.70.5 - eBOOK Initiative Japan Co., Ltd.)
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.2.3 - )
Eee Docking 3.6.0 (HKLM\...\Eee Docking_is1) (Version: 3.6.0 - ASUSTek Computer Inc.)
EeeSplendid (HKLM\...\{6333FC29-BFE5-4024-AC78-958A1A7555D1}) (Version: 5.1.2.0008 - ASUS)
EeeSplendid (Version: 5.1.2.0008 - ASUS) Hidden
FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
FontResizer (Version: 1.01.0011 - ASUSTek) Hidden
Game Park Console (HKLM\...\{BB5E5F87-E939-4974-A006-2B4A2F60EEA3}_is1) (Version: 5.2.1.4 - Oberon Media, Inc.)
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.15 - AsusTek Computer)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.1929 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.19 - Asus)
LocaleMe (HKLM\...\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}) (Version: 1.3 - ASUS)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Dutch/Nederlands (HKLM\...\OMUI.nl-nl) (Version: 12.0.4518.1017 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - French/Français (HKLM\...\OMUI.fr-fr) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM\...\OMUI.de-de) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Italian/Italiano (HKLM\...\OMUI.it-it) (Version: 12.0.4518.1018 - Microsoft Corporation)
Microsoft Office Live Add-in 1.3 (HKLM\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.1 - Ralink)
Skype web features (HKLM\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
Skype™ 4.1 (HKLM\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.1.179 - Skype Technologies S.A.)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.10 - AsusTek Computer)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.6.1 - Synaptics Incorporated)
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 17.50 - Trend Micro Inc.)
Trend Micro Internet Security (Version: 17.50 - Trend Micro Inc.) Hidden
UltraISO Premium V9.62 (HKLM\...\UltraISO_is1) (Version:  - )
Update for Office System 2007 Setup (KB929722) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D8E9BEBD-655F-467D-8176-CA9959C140A3}) (Version:  - )
Windows Driver Package - Broadcom Bluetooth  (07/17/2009 6.2.0.9403) (HKLM\...\B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE) (Version: 07/17/2009 6.2.0.9403 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/29/2009 6.1.7100.0) (HKLM\...\B5C82F3814F82FB37F1513B3185399BD88892B08) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

07-12-2014 18:31:15 Windows 7 Service Pack 1

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {EBAAC4DF-FA51-43FA-9464-D8FA2F1F3046} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\windows\SYSTEM32\OOBE\SETUPSQM.EXE [2009-07-14] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (whitelisted) =============

2010-01-06 22:47 - 2009-08-19 02:35 - 00219136 _____ () C:\Windows\System32\AsusService.exe
2010-01-06 23:49 - 2009-09-15 02:05 - 00044312 _____ () C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
2009-08-22 09:55 - 2009-08-22 09:55 - 00163288 _____ () C:\Program Files\Trend Micro\Internet Security\UfPack.dll
2009-08-22 14:18 - 2009-08-22 14:18 - 00632968 _____ () C:\Program Files\Trend Micro\Internet Security\sqlite3.dll
2010-01-06 23:16 - 2009-11-17 22:47 - 00414384 _____ () C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
2009-08-28 00:38 - 2009-08-28 00:38 - 00803304 _____ () C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
2009-08-28 00:45 - 2009-08-28 00:45 - 00120808 _____ () C:\Program Files\Asus\LiveUpdate\ClientSocket.dll
2009-08-28 01:29 - 2009-08-28 01:29 - 00182240 _____ () C:\Program Files\Asus\LiveUpdate\Parser.dll
2009-08-28 01:22 - 2009-08-28 01:22 - 00161768 _____ () C:\Program Files\Asus\LiveUpdate\Enumeration.dll
2010-01-06 23:30 - 2009-12-30 00:28 - 00104960 _____ () C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3918902909-2888908710-2172423000-500 - Administrator - Disabled)
Gast (S-1-5-21-3918902909-2888908710-2172423000-501 - Limited - Disabled)
julian (S-1-5-21-3918902909-2888908710-2172423000-1000 - Administrator - Enabled) => C:\Users\julian

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2014 07:13:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16385, Zeitstempel: 0x4a5bc69e
Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18, Zeitstempel: 0x4a613d79
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001579a2
ID des fehlerhaften Prozesses: 0xa8c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (12/07/2014 02:04:42 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3976) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.

Error: (12/07/2014 01:59:30 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {9022a67f-58c9-4f5a-98ff-6db057b2e986}


System errors:
=============
Error: (12/08/2014 05:15:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (12/07/2014 09:23:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (12/07/2014 08:56:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (12/07/2014 08:20:22 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (12/07/2014 08:20:22 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (12/07/2014 08:20:10 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (12/07/2014 08:20:03 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (12/07/2014 08:19:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AsUpIO
discache
spldr
tmtdi
Wanarpv6

Error: (12/07/2014 08:19:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎12.‎2014 um 19:57:10 unerwartet heruntergefahren.

Error: (12/07/2014 07:01:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Oberon Media Game Console service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Atom(TM) CPU N450 @ 1.66GHz
Percentage of memory in use: 38%
Total physical RAM: 2038.18 MB
Available physical RAM: 1250.98 MB
Total Pagefile: 4076.36 MB
Available Pagefile: 3252.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:80 GB) (Free:58.83 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:59.03 GB) (Free:58.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 9F1192B6)
Partition 1: (Active) - (Size=80 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=1B)
Partition 4: (Not Active) - (Size=17 MB) - (Type=EF)

==================== End Of Log ============================
         


Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2014 01
Ran by julian (administrator) on JULIAN-PC on 08-12-2014 17:38:35
Running from C:\Users\julian\Desktop
Loaded Profile: julian (Available profiles: julian)
Platform: Microsoft Windows 7 Starter  (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Windows\System32\AsusService.exe
() C:\Program Files\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
() C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
() C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
() C:\Program Files\Trend Micro\BM\TMBMSRV.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
() C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
() C:\Program Files\ASUS\LiveUpdate\LiveUpdate.exe
(ASUS) C:\Windows\AsScrPro.exe
() C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Boingo Wireless, Inc.) C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\APRP\aprp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Toolbar\wltuser.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1021424 2009-10-17] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-10-26] (ASUSTeK Computer Inc.)
HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1024368 2010-02-23] (Trend Micro Inc.)
HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [414384 2009-11-17] ()
HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [803304 2009-08-28] ()
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3058304 2010-01-06] (ASUS)
HKLM\...\Run: [EeeSplendidAgent] => C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe [104960 2009-12-30] ()
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM\...\Run: [Boingo Wi-Fi] => C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2014-12-07] ()
HKLM\...\Run: [ASUSPRP] => C:\Program Files\ASUS\APRP\APRP.EXE [2018032 2010-01-06] (ASUSTek Computer Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3918902909-2888908710-2172423000-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
HKU\S-1-5-21-3918902909-2888908710-2172423000-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKU\S-1-5-21-3918902909-2888908710-2172423000-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com
HKU\S-1-5-21-3918902909-2888908710-2172423000-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3918902909-2888908710-2172423000-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3918902909-2888908710-2172423000-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Skype add-on (mastermind) -> {22BF413B-C6D2-4d91-82A9-A0F997BA588C} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3918902909-2888908710-2172423000-1000 -> &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsusService; C:\Windows\System32\AsusService.exe [219136 2009-08-19] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-15] (Hewlett-Packard) [File not signed]
R2 OberonGameConsoleService; C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [44312 2009-09-15] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-15] (Hewlett-Packard) [File not signed]
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [736040 2010-10-09] (Trend Micro Inc.)
R3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [345352 2009-08-22] (Trend Micro Inc.)
R3 TmPfw; C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [497008 2009-08-22] (Trend Micro Inc.)
R3 TmProxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [689416 2009-08-22] (Trend Micro Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11448 2009-07-06] ()
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82168 2013-11-21] (EZB Systems, Inc.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R3 tmactmon; C:\windows\System32\DRIVERS\tmactmon.sys [59472 2010-07-19] (Trend Micro Inc.)
R2 tmcomm; C:\windows\System32\DRIVERS\tmcomm.sys [163408 2010-07-19] (Trend Micro Inc.)
R3 tmevtmgr; C:\windows\System32\DRIVERS\tmevtmgr.sys [51792 2010-07-19] (Trend Micro Inc.)
R3 tmlwf; C:\windows\System32\DRIVERS\tmlwf.sys [146448 2009-08-22] (Trend Micro Inc.)
R2 tmpreflt; C:\windows\System32\DRIVERS\tmpreflt.sys [36624 2011-07-12] (Trend Micro Inc.)
R1 tmtdi; C:\windows\System32\DRIVERS\tmtdi.sys [89872 2009-08-22] (Trend Micro Inc.)
R3 tmwfp; C:\windows\System32\DRIVERS\tmwfp.sys [283152 2009-08-22] (Trend Micro Inc.)
R2 tmxpflt; C:\windows\System32\DRIVERS\tmxpflt.sys [262416 2011-07-12] (Trend Micro Inc.)
R2 vsapint; C:\windows\System32\DRIVERS\vsapint.sys [1405720 2011-07-12] (Trend Micro Inc.)
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\system32\DRIVERS\btwrchid.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-08 17:38 - 2014-12-08 17:40 - 00011087 _____ () C:\Users\julian\Desktop\FRST.txt
2014-12-08 17:35 - 2014-12-08 17:38 - 00000000 ____D () C:\FRST
2014-12-08 17:34 - 2014-12-08 17:34 - 01111040 _____ (Farbar) C:\Users\julian\Desktop\FRST.exe
2014-12-07 22:49 - 2014-12-08 17:25 - 00024576 _____ () C:\windows\WindowsUpdate.log
2014-12-07 22:49 - 2010-01-07 23:43 - 00000000 ____D () C:\Users\Default\AppData\Roaming\E-Cam
2014-12-07 22:49 - 2010-01-07 23:43 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\E-Cam
2014-12-07 22:49 - 2010-01-06 23:49 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Game Park
2014-12-07 22:49 - 2010-01-06 23:49 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Game Park
2014-12-07 22:49 - 2010-01-06 23:24 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2014-12-07 22:49 - 2010-01-06 23:24 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2014-12-07 22:49 - 2010-01-06 23:16 - 00067856 _____ () C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-07 22:49 - 2010-01-06 23:16 - 00067856 _____ () C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-07 22:49 - 2010-01-06 22:56 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-12-07 22:49 - 2010-01-06 22:56 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-12-07 22:49 - 2010-01-06 22:55 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-12-07 22:49 - 2010-01-06 22:55 - 00000000 ____D () C:\Users\Default\AppData\Local\Adobe
2014-12-07 22:49 - 2010-01-06 22:55 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-12-07 22:49 - 2010-01-06 22:55 - 00000000 ____D () C:\Users\Default User\AppData\Local\Adobe
2014-12-07 22:49 - 2010-01-06 22:53 - 00000000 ____D () C:\Users\Default\Documents\EBI
2014-12-07 22:49 - 2010-01-06 22:53 - 00000000 ____D () C:\Users\Default User\Documents\EBI
2014-12-07 22:49 - 2010-01-06 22:46 - 00000000 ____D () C:\Users\Default\Documents\Bluetooth Exchange Folder
2014-12-07 22:49 - 2010-01-06 22:46 - 00000000 ____D () C:\Users\Default\AppData\Local\Broadcom
2014-12-07 22:49 - 2010-01-06 22:46 - 00000000 ____D () C:\Users\Default User\Documents\Bluetooth Exchange Folder
2014-12-07 22:49 - 2010-01-06 22:46 - 00000000 ____D () C:\Users\Default User\AppData\Local\Broadcom
2014-12-07 22:49 - 2010-01-06 22:39 - 00000000 ____D () C:\Users\Default\AppData\Roaming\InstallShield
2014-12-07 22:49 - 2010-01-06 22:39 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\InstallShield
2014-12-07 22:45 - 2009-07-14 02:38 - 00383562 __RSH () C:\bootmgr
2014-12-07 21:49 - 2014-12-07 21:50 - 1412431872 _____ () C:\Users\julian\Desktop\linuxmint-17.1-cinnamon-32bit.iso
2014-12-07 20:45 - 2014-12-07 20:45 - 02949120 _____ () C:\Users\julian\Documents\drdos.img
2014-12-07 20:45 - 2014-12-07 20:45 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-12-07 20:42 - 2014-12-07 20:42 - 00001899 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-12-07 20:42 - 2014-12-07 20:42 - 00001849 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-12-07 20:42 - 2014-12-07 20:42 - 00000000 ____D () C:\Users\julian\AppData\Roaming\Canneverbe Limited
2014-12-07 20:42 - 2014-12-07 20:42 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-12-07 20:32 - 2014-12-07 20:43 - 00000000 ____D () C:\Users\julian\Documents\1001PX-ASUS-1201
2014-12-07 20:31 - 2014-12-07 20:31 - 00419433 _____ () C:\Users\julian\Documents\1001PX-ASUS-1201.zip
2014-12-07 20:26 - 2014-12-07 20:26 - 00419433 _____ () C:\Users\julian\Downloads\1001PX-ASUS-1201.zip
2014-12-07 20:26 - 2014-12-07 20:26 - 00000000 ____D () C:\Users\julian\Downloads\1001PX-ASUS-1201
2014-12-07 20:24 - 2014-12-07 20:24 - 00000969 _____ () C:\Users\Public\Desktop\UltraISO.lnk
2014-12-07 20:24 - 2014-12-07 20:24 - 00000000 ____D () C:\Users\julian\Documents\My ISO Files
2014-12-07 20:24 - 2014-12-07 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
2014-12-07 20:24 - 2014-12-07 20:24 - 00000000 ____D () C:\Program Files\UltraISO
2014-12-07 20:24 - 2014-12-07 20:24 - 00000000 ____D () C:\Program Files\Common Files\EZB Systems
2014-12-07 19:29 - 2010-07-19 19:03 - 00059472 _____ (Trend Micro Inc.) C:\windows\system32\Drivers\tmactmon.sys
2014-12-07 19:29 - 2010-07-19 19:03 - 00051792 _____ (Trend Micro Inc.) C:\windows\system32\Drivers\tmevtmgr.sys
2014-12-07 19:29 - 2010-07-19 19:02 - 00163408 _____ (Trend Micro Inc.) C:\windows\system32\Drivers\tmcomm.sys
2014-12-07 19:28 - 2014-12-07 19:28 - 00000000 ____D () C:\windows\system32\log
2014-12-07 19:28 - 2011-07-12 11:44 - 00262416 _____ (Trend Micro Inc.) C:\windows\system32\Drivers\tmxpflt.sys
2014-12-07 19:28 - 2011-07-12 11:43 - 00036624 _____ (Trend Micro Inc.) C:\windows\system32\Drivers\tmpreflt.sys
2014-12-07 19:28 - 2011-07-12 11:09 - 01405720 _____ (Trend Micro Inc.) C:\windows\system32\Drivers\vsapint.sys
2014-12-07 19:26 - 2014-12-07 19:26 - 00000000 ____D () C:\windows\system32\EventProviders
2014-12-07 19:26 - 2014-12-07 19:26 - 00000000 ____D () C:\007ff52cf6e993380a
2014-12-07 19:24 - 2014-12-07 19:25 - 563934504 _____ (Microsoft Corporation) C:\Users\julian\Desktop\windows6.1-KB976932-x86.exe
2014-12-07 19:02 - 1999-03-06 13:38 - 00006144 _____ () C:\windows\system32\Drivers\ASUSHWIO.SYS
2014-12-07 14:09 - 2014-12-07 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security
2014-12-07 14:04 - 2014-12-07 14:04 - 00000000 ____D () C:\windows\ConfigSetRoot
2014-12-07 14:04 - 2014-12-07 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boingo
2014-12-07 14:04 - 2014-12-07 14:04 - 00000000 ____D () C:\ProgramData\GoBoingo
2014-12-07 14:04 - 2014-12-07 14:04 - 00000000 ____D () C:\Program Files\Boingo
2014-12-07 14:03 - 2014-12-07 14:03 - 00002569 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
2014-12-07 14:03 - 2014-12-07 14:03 - 00001147 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works-Start.lnk
2014-12-07 14:03 - 2014-12-07 14:03 - 00001135 _____ () C:\Users\Public\Desktop\Microsoft Works.lnk
2014-12-07 14:03 - 2014-12-07 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2014-12-07 14:01 - 2014-12-07 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-12-07 14:01 - 2009-08-05 22:48 - 00054632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fssfltr.sys
2014-12-07 14:00 - 2014-12-07 14:00 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-12-07 14:00 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll
2014-12-07 13:59 - 2014-12-07 14:00 - 00029401 _____ () C:\windows\DirectX.log
2014-12-07 13:59 - 2014-12-07 13:59 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-12-07 13:58 - 2014-12-07 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-12-07 13:58 - 2014-12-07 14:01 - 00000000 ____D () C:\Program Files\Windows Live
2014-12-07 13:58 - 2014-12-07 13:58 - 00000000 ____D () C:\Program Files\Windows Live SkyDrive
2014-12-07 13:56 - 2014-12-07 13:56 - 00000071 _____ () C:\windows\oobe.log
2014-12-07 13:56 - 2014-12-07 13:56 - 00000000 ____D () C:\windows\WLlog
2014-12-07 13:56 - 2014-12-07 13:56 - 00000000 ____D () C:\Program Files\Common Files\Windows Live
2014-12-07 13:54 - 2014-12-07 13:54 - 00000000 _SHDL () C:\Users\julian\Startmenü
2014-12-07 13:54 - 2014-12-07 13:54 - 00000000 _SHDL () C:\Users\julian\Netzwerkumgebung
2014-12-07 13:54 - 2014-12-07 13:54 - 00000000 _SHDL () C:\Users\julian\Druckumgebung
2014-12-07 13:54 - 2014-12-07 13:54 - 00000000 _SHDL () C:\Users\julian\Documents\Eigene Musik
2014-12-07 13:54 - 2014-12-07 13:54 - 00000000 _SHDL () C:\Users\julian\Documents\Eigene Bilder
2014-12-07 13:54 - 2014-12-07 13:54 - 00000000 _SHDL () C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-12-07 13:54 - 2014-12-07 13:54 - 00000000 _SHDL () C:\Users\julian\AppData\Local\Verlauf
2014-12-07 13:54 - 2014-12-07 13:54 - 00000000 ____D () C:\Users\julian\AppData\Local\VirtualStore
2014-12-07 13:53 - 2014-12-07 20:45 - 00079136 _____ () C:\Users\julian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-07 13:53 - 2014-12-07 14:04 - 00001413 _____ () C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-07 13:53 - 2014-12-07 13:54 - 00000000 ____D () C:\Users\julian
2014-12-07 13:53 - 2010-01-07 23:43 - 00000000 ____D () C:\Users\julian\AppData\Roaming\E-Cam
2014-12-07 13:53 - 2010-01-06 23:49 - 00000000 ____D () C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Game Park
2014-12-07 13:53 - 2010-01-06 23:24 - 00000000 ____D () C:\Users\julian\AppData\Roaming\Adobe
2014-12-07 13:53 - 2010-01-06 22:56 - 00000000 ____D () C:\Users\julian\AppData\Local\Microsoft Help
2014-12-07 13:53 - 2010-01-06 22:55 - 00000000 ____D () C:\Users\julian\AppData\Roaming\Macromedia
2014-12-07 13:53 - 2010-01-06 22:55 - 00000000 ____D () C:\Users\julian\AppData\Local\Adobe
2014-12-07 13:53 - 2010-01-06 22:53 - 00000000 ____D () C:\Users\julian\Documents\EBI
2014-12-07 13:53 - 2010-01-06 22:46 - 00000000 ____D () C:\Users\julian\Documents\Bluetooth Exchange Folder
2014-12-07 13:53 - 2010-01-06 22:39 - 00000000 ____D () C:\Users\julian\AppData\Roaming\InstallShield
2014-12-07 13:53 - 2009-07-14 05:53 - 00000020 ___SH () C:\Users\julian\ntuser.ini
2014-12-07 13:53 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-07 13:53 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-07 13:52 - 2014-12-07 13:52 - 00000000 __SHD () C:\Recovery

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-08 17:24 - 2009-07-14 05:39 - 00044035 _____ () C:\windows\setupact.log
2014-12-08 17:23 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-12-08 17:20 - 2009-07-26 02:49 - 00680010 _____ () C:\windows\system32\perfh010.dat
2014-12-08 17:20 - 2009-07-26 02:49 - 00124006 _____ () C:\windows\system32\perfc010.dat
2014-12-08 17:20 - 2009-07-26 02:39 - 00681356 _____ () C:\windows\system32\perfh013.dat
2014-12-08 17:20 - 2009-07-26 02:39 - 00129608 _____ () C:\windows\system32\perfc013.dat
2014-12-08 17:20 - 2009-07-25 08:50 - 03894956 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-08 17:15 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-07 22:49 - 2009-07-25 08:27 - 00005767 _____ () C:\windows\TSSysprep.log
2014-12-07 22:49 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2014-12-07 22:46 - 2009-07-14 05:34 - 00003806 _____ () C:\windows\DtcInstall.log
2014-12-07 22:45 - 2009-07-14 05:57 - 00029696 ___SH () C:\windows\system32\config\BCD-Template.LOG
2014-12-07 22:45 - 2009-07-14 05:52 - 00032768 _____ () C:\windows\system32\config\BCD-Template
2014-12-07 21:51 - 2009-07-14 05:34 - 00010000 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 21:51 - 2009-07-14 05:34 - 00010000 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 19:14 - 2010-01-06 22:48 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-12-07 14:09 - 2010-01-06 22:49 - 00001936 _____ () C:\Users\Public\Desktop\Trend Micro Internet Security.lnk
2014-12-07 14:09 - 2010-01-06 22:47 - 00000000 ____D () C:\Program Files\Trend Micro
2014-12-07 14:07 - 2009-07-14 05:33 - 00333144 _____ () C:\windows\system32\FNTCACHE.DAT
2014-12-07 14:03 - 2010-01-06 22:58 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-12-07 14:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-07 13:59 - 2009-07-14 05:52 - 00000000 ____D () C:\windows\system32\restore
2014-12-07 13:52 - 2009-07-25 09:25 - 00000000 ____D () C:\windows\panther

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2009-07-25 08:27

==================== End Of Log ============================
         
Danke im vorraus!

Alt 08.12.2014, 17:00   #2
schrauber
/// the machine
/// TB-Ausbilder
 

gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch - Standard

gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch



Hi,

geht die Fehlerbeschreibung etwas genauer? Was für Programme?Wann? Wenn Du was vorher machst?
__________________

__________________

Alt 08.12.2014, 17:21   #3
antimalware6
 
gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch - Standard

gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch



Es ist eigentlich egal was ich mache .
Letzens ging vor meinen Augen die Systemsteuerung auf obwohl ich garnichts getan habe .
Dann ging letztens als ich abwesend war der Internet Explorer auf . Aber mir ist es einfach unerklärlich , warum er sich über eine linux live cd nach dem boot wieder heruntergefahren hat . Hoffe du kannst mir mit diesem Problem helfen

MFG und Guten Abend
__________________

Alt 09.12.2014, 11:00   #4
schrauber
/// the machine
/// TB-Ausbilder
 

gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch - Standard

gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch



Zitat:
warum er sich über eine linux live cd nach dem boot wieder heruntergefahren hat
Das kann viele Gründe haben. Treiber, Hardware, sonst was.

Wenn sich irgendwas öffnet am rechner, geht es dann auch weiter?

Ergo öffnet sich nur Systemsteuerung, oder der Browser, aber sonst nix? Oder wird nach Öffnen des Browsers auch noch ne Seite angesteuert?


Klemm mal ein externes Keyboard an und teste.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch
adobe, adware, computer, cpu, defender, device driver, dll, ebay, eeepc, excel, firewall, flash player, iexplore.exe, initiative, install.exe, installation, internet, performance, rundll, scan, security, server, services.exe, software, super, svchost.exe, system, windows, winlogon.exe



Ähnliche Themen: gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch


  1. Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch
    Log-Analyse und Auswertung - 22.09.2015 (22)
  2. Laptop fährt nicht mehr herunter und führt sich selbst wieder aus
    Alles rund um Windows - 16.03.2015 (43)
  3. Atomkraftwerke: Südkorea führt Übungen zur Hacker-Abwehr durch
    Nachrichten - 22.12.2014 (0)
  4. PC nach Multiuser immernoch verunreinigt? / vorher battlefield 3 PC
    Plagegeister aller Art und deren Bekämpfung - 21.12.2014 (1)
  5. Windows 8.1: Maleware nach formatieren immernoch vorhanden
    Log-Analyse und Auswertung - 07.07.2014 (11)
  6. Laptop lahm, hängt oft, führt Sachen nicht aus oder fährt runter (Windows XP)
    Log-Analyse und Auswertung - 22.11.2013 (21)
  7. Immernoch Probleme nach Entfernung von GVU Trojaner....!
    Plagegeister aller Art und deren Bekämpfung - 13.09.2013 (17)
  8. Rechner führt häufig automatischen Neustart durch
    Plagegeister aller Art und deren Bekämpfung - 31.10.2012 (33)
  9. Grafikkartentreiber nach stundenlangen Suchen immernoch unbekannt
    Alles rund um Windows - 31.08.2012 (3)
  10. Brüssel führt Umfrage zur Internetsicherheit durch
    Nachrichten - 23.07.2012 (0)
  11. Nach 5 Stunden immernoch nicht clean...
    Log-Analyse und Auswertung - 21.05.2011 (1)
  12. HijackThis: Dateien nach fixen immernoch vorhanden
    Log-Analyse und Auswertung - 20.05.2010 (1)
  13. Virus nach Neuinstallation von Win XP immernoch da
    Plagegeister aller Art und deren Bekämpfung - 17.12.2009 (4)
  14. Virus nach formatieren immernoch da?
    Log-Analyse und Auswertung - 29.05.2009 (2)
  15. PC führt selbständig neustarts durch
    Alles rund um Windows - 05.10.2008 (1)
  16. Brauche dringend Hilfe - Pc führt ständig einen Neustart durch
    Plagegeister aller Art und deren Bekämpfung - 26.07.2008 (10)
  17. PC führt Neustart durch
    Plagegeister aller Art und deren Bekämpfung - 04.06.2005 (2)

Zum Thema gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch - Hi ich brauche eure Hilfe Habe mir einen kleinen Laptop in Ebay ersteigert und manchmal macht er programme von alleine auf . Habe ihn auch schon über die Recouvery Partition - gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch...
Archiv
Du betrachtest: gebrauchter Laptop führt nach zuruecksetzen immernoch eigenhändig Sachen durch auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.