Feinschnitt | 04.01.2014 07:32 | FRST.txt
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2014 01
Ran by Jerome (administrator) on JEROME-NOTEBOOK on 02-01-2014 10:27:14
Running from C:\Users\Jerome\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avatron Software) C:\Program Files\Avatron\Air Display\AVTHelper.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sonix) C:\Windows\vsnp2std.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Stoic Joker's Network) C:\Users\Jerome\Portable\T-Clock 2010 (build X - Release to DC)\T-Clock 2010 (build X - Release to DC)\x64\Clock.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1271168 2012-03-26] (Microsoft Corporation)
HKLM\...\Run: [snp2std] - C:\Windows\vsnp2std.exe [675840 2006-09-15] (Sonix)
HKLM\...\Run: [Seagate Scheduler2 Service] - C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [395152 2011-06-30] (Seagate)
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [ClipboardMaster] - C:\Program Files (x86)\Jumping Bytes\Clipboard Master\ClipboardMaster.exe [2414272 2013-10-23] (Jumping Bytes)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\SysWOW64\explorer.exe (Microsoft Corporation)
HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKCU\...\Run: [Google Update] - C:\Users\Jerome\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-20] (Google Inc.)
MountPoints2: {b9a16a4a-1513-11e3-b17d-00269e432a45} - F:\AutoRun.exe
MountPoints2: {b9a16a5a-1513-11e3-b17d-00269e432a45} - F:\AutoRun.exe
Startup: C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stoic Joker's T-Clock 2010 x64.lnk
ShortcutTarget: Stoic Joker's T-Clock 2010 x64.lnk -> C:\Users\Jerome\Portable\T-Clock 2010 (build X - Release to DC)\T-Clock 2010 (build X - Release to DC)\x64\Clock.exe (Stoic Joker's Network)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
BootExecute: autocheck autochk * OODBSsdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.daum.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=extensa_5235&r=273601109306l03f3z115i47l5v317
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=extensa_5235&r=273601109306l03f3z115i47l5v317
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=extensa_5235&r=273601109306l03f3z115i47l5v317
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=extensa_5235&r=273601109306l03f3z115i47l5v317
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=extensa_5235&r=273601109306l03f3z115i47l5v317
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {3A40E547-20FD-44a2-94D0-1C98342D1507} URL = hxxp://search.daum.net/search?nil_profile=ie&ref_code=ms&q={searchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: GreatArcadeHits Add-on - {D0C21091-FF8E-432C-9006-0540E81BA9D7} - C:\Users\Jerome\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll (GreatArcadeHits)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Jerome\AppData\Roaming\Mozilla\Firefox\Profiles\055hewcu.Minefield 64bit
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @ei.myWebFace_2u.com/Plugin - C:\Program Files (x86)\myWebFace_2uEI\Installr\1.bin\NP2uEISB.dll (myWebFace)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/Photosynth,version=2.0 - C:\Program Files (x86)\Photosynth\npPhotosynthMozilla.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.633 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.633 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.633 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.633 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jerome\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jerome\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jerome\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{8ae13065-ef0a-4969-9fc6-1daeefbcc2b8}] - C:\Program Files (x86)\Jumping Bytes\Clipboard Master\Addons\FF\
FF Extension: Clipboard Master Add On - C:\Program Files (x86)\Jumping Bytes\Clipboard Master\Addons\FF\
FF HKCU\...\Firefox\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Users\Jerome\AppData\Local\GreatArcadeHits\gahff.xpi
FF Extension: GreatArcadeHits Add-on - C:\Users\Jerome\AppData\Local\GreatArcadeHits\gahff.xpi
FF Extension: GreatArcadeHits Add-on - C:\Users\Jerome\AppData\Local\GreatArcadeHits\gahff.xpi
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Jerome\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Jerome\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Jerome\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (MetaProducts NPAPI plugin) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkijdmeepjhpenmighhaodgfoogncnlk\1.1.1_0\plugin/mpoe.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Photosynth\npPhotosynthMozilla.dll ()
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (myWebFace Installer Plugin Stub) - C:\Program Files (x86)\myWebFace_2uEI\Installr\1.bin\NP2uEISB.dll (myWebFace)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Clipboard Master) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\agjmkobmoajifikbeghaaeofijaimggh\2.7_0
CHR Extension: (YouTube) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Facebook Colour Changer) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpllmoilcakpgbeodibeifcfnndoheam\1.3.1_0
CHR Extension: (Adblock Plus) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: (Webpage Screenshot Capture) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\13.1_0
CHR Extension: (LoopDaLoop) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhambhgmoihmhbfjmmaciggnfcfkflo\0.2.1_0
CHR Extension: (Google Search) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (iCloud Bookmarks) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.0.24_0
CHR Extension: (bitly | \u2665 your bitmarks) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.89_0
CHR Extension: (Silver Bird Plus (Twitter Client)) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\kagejfgngcmkbaacpmcnbpkhmhoeccee\2.0.0.5_0
CHR Extension: (3Dnator) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgjpfdjhlimkkdgnecbgnefdafbcncc\2.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR Extension: (MetaProducts Offline Explorer integration) - C:\Users\Jerome\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkijdmeepjhpenmighhaodgfoogncnlk\1.3.1_0
CHR HKLM-x32\...\Chrome\Extension: [agjmkobmoajifikbeghaaeofijaimggh] - C:\Program Files (x86)\Jumping Bytes\Clipboard Master\Addons\CR\ClipboardMaster.crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM-x32\...\Chrome\Extension: [pkijdmeepjhpenmighhaodgfoogncnlk] - C:\Program Files (x86)\Offline Explorer Enterprise\mpoe.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Jerome\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S4 ABBYY.Licensing.FineReader.Corporate.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [814344 2009-12-19] (ABBYY)
R2 AVTHelper; C:\Program Files\Avatron\Air Display\AVTHelper.exe [216000 2012-09-24] (Avatron Software)
S4 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [850432 2009-02-27] ()
S4 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [191488 2009-02-27] ()
S4 BsMobileCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [143467 2009-02-27] ()
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-05-13] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-05-13] (BlueStack Systems, Inc.)
S4 Cepstral License Server; C:\Program Files (x86)\Cepstral\bin\CepstralLicSrv.exe [57344 2008-06-24] (Cepstral, LLC)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 MCSWASVR; C:\Program Files\Telekom\Mediencenter\WebDAV.AdminService.exe [16016 2010-07-09] (Deutsche Telekom AG)
S4 Mobiola Wave Service; C:\Program Files (x86)\Common Files\SHAPE Services\Mobiola Wave Service\MobiolaWaveService.exe [125088 2011-02-16] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [12600 2012-03-26] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
S4 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [9728 2010-11-04] (Deutsche Telekom AG)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [291696 2012-03-26] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S4 ScrybeUpdater; C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [1300264 2011-05-27] (Synaptics, Inc.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S4 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [4774208 2013-03-04] (RealVNC Ltd)
S4 SwitchBoard; "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [x]
==================== Drivers (Whitelisted) ====================
S1 acedrv05; C:\Windows\system32\drivers\acedrv05.sys [136192 2010-09-06] ()
R3 AirDisplay; C:\Windows\System32\DRIVERS\AVVideoCard.sys [15808 2012-09-24] (Windows (R) Win 7 DDK provider)
R3 AirDisplayMirror; C:\Windows\System32\DRIVERS\AVVideoCardMirror.sys [15808 2012-09-24] (Windows (R) Win 7 DDK provider)
S3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [36872 2008-11-25] (IVT Corporation.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-05-13] (BlueStack Systems)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47880 2009-01-03] (IVT Corporation.)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [24840 2009-01-07] (IVT Corporation.)
R3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [35848 2008-12-07] ()
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [318152 2010-05-15] (EldoS Corporation)
S3 cpuz132; C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz64.sys [19432 2009-03-07] (Windows (R) Codename Longhorn DDK provider)
S3 DxkgFilter; C:\Program Files (x86)\iDisplay\idisplay.sys [55720 2012-08-31] ()
R3 iDispService; C:\Windows\System32\DRIVERS\idisplayminiport.sys [14248 2012-08-31] (SHAPE Services)
S3 int15.sys; C:\Windows\System32\OEM\Factory\int15.sys [17952 2008-03-28] (Acer, Inc.)
R3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [31624 2008-07-02] (IVT Corporation.)
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [42944 2010-11-06] (hxxp://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [52832 2013-01-24] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [203888 2012-03-20] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [98688 2012-03-20] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-03-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-03-22] (RapidSolution Software AG)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [29480 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [34336 2007-08-08] (RapidSolution Software AG)
S3 SNP2STD; C:\Windows\System32\DRIVERS\snp2sxp.sys [12342656 2007-04-27] ()
S3 SNP2STD; C:\Windows\SysWow64\DRIVERS\snp2sxp.sys [12039552 2007-04-27] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-06-11] ()
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106408 2012-12-19] (Oracle Corporation)
S3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [17032 2008-01-21] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [42888 2009-01-08] (IVT Corporation.)
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2013-02-01] (Acronis)
U3 a61gg1s8; C:\Windows\System32\Drivers\a61gg1s8.sys [0 ] (Microsoft Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [36360 2008-11-25] (IVT Corporation.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [36360 2008-11-25] (IVT Corporation.)
S2 regi; \??\C:\Windows\system32\drivers\regi.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2013-09-06] (Seiko Epson Corporation)
S3 USBCCID; system32\DRIVERS\usbccid.sys [x]
S3 xpvcom; System32\Drivers\xpvcom.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-02 10:27 - 2014-01-02 10:29 - 00029813 _____ C:\Users\Jerome\Desktop\FRST.txt
2014-01-02 10:27 - 2014-01-02 10:27 - 00000000 ____D C:\FRST
2014-01-02 10:26 - 2014-01-02 10:26 - 01931426 _____ (Farbar) C:\Users\Jerome\Desktop\FRST64.exe
2014-01-02 09:57 - 2014-01-02 10:03 - 22212754 _____ C:\Users\Jerome\Desktop\Cardiograph_Heart_Rate_Pulse_Measurement_using_your_iPhone_iPad_Camera_Track_the_Cardio_Fitness_of_your_Friends_and_Family__MacroPinch_Ltd.___v2.5.4_Univ_Shift_LP_os43_-Widow.rc302.ipa
2014-01-02 09:32 - 2014-01-02 09:32 - 00002306 _____ C:\Users\Jerome\Desktop\iTunes.txt
2014-01-02 08:39 - 2014-01-02 08:39 - 01902579 _____ C:\Users\Jerome\Desktop\cpu-z-164.zip
2014-01-02 07:31 - 2011-08-16 15:09 - 00000000 ____D C:\Users\Jerome\Desktop\MozBackup-1.5.1
2014-01-02 06:41 - 2014-01-02 06:41 - 00001750 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-02 06:39 - 2014-01-02 06:40 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-02 06:39 - 2014-01-02 06:40 - 00000000 ____D C:\Program Files\iTunes
2014-01-02 06:39 - 2014-01-02 06:40 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-02 06:39 - 2014-01-02 06:39 - 00000000 ____D C:\Program Files\iPod
2014-01-01 11:46 - 2014-01-01 11:46 - 00000000 _____ C:\Users\Jerome\Downloads\W7Ux64.Dez13-TRI.part23.rar.part
2014-01-01 08:05 - 2014-01-01 08:32 - 00000000 ____D C:\Users\Jerome\Downloads\Phase 10 (v1 7 LP os50) ipa
2014-01-01 03:49 - 2014-01-01 11:19 - 00000000 ____D C:\Users\Jerome\Downloads\W7Ux64 Dez13-TRI rar html
2014-01-01 00:56 - 2014-01-01 00:56 - 00001109 _____ C:\Users\Jerome\Desktop\EVEREST Home Edition.lnk
2014-01-01 00:56 - 2014-01-01 00:56 - 00001079 _____ C:\Users\Jerome\Desktop\PC Wizard 2010.lnk
2013-12-31 19:45 - 2013-12-31 19:51 - 00024907 _____ C:\Users\Jerome\AppData\Local\HWVendorDetection.log
2013-12-31 19:45 - 2013-12-31 19:45 - 02240512 _____ (Acer Inc.) C:\Users\Jerome\Desktop\HWVendorDetection.exe
2013-12-31 19:08 - 2014-01-02 08:15 - 00000000 ____D C:\Users\Jerome\Desktop\GPU-Z.0.7.5
2013-12-31 19:08 - 2014-01-02 08:10 - 00000000 ____D C:\Users\Jerome\Desktop\cpuz_x64 1.67.1
2013-12-31 19:08 - 2013-12-31 19:52 - 00000000 ____D C:\Users\Jerome\Desktop\TREIBER
2013-12-31 19:08 - 2013-12-31 19:08 - 00000000 ____D C:\Users\Jerome\Desktop\Neuer Ordner - Kopie
2013-12-31 18:48 - 2013-12-31 20:20 - 00001434 _____ C:\Users\Jerome\Desktop\TODO.txt
2013-12-31 18:44 - 2013-12-31 18:44 - 00000911 _____ C:\Users\Jerome\Desktop\FreeFileSync.lnk
2013-12-31 18:44 - 2013-12-31 18:44 - 00000000 ____D C:\Users\Jerome\Downloads\online detail png
2013-12-31 18:41 - 2013-12-31 18:41 - 00001832 _____ C:\Users\Jerome\Desktop\ImgBurn.lnk
2013-12-31 18:35 - 2013-12-31 18:35 - 00000000 ____D C:\Users\Jerome\AppData\Roaming\T-Mobile Internet Manager
2013-12-31 18:26 - 2014-01-01 10:40 - 00000000 ____D C:\Users\Jerome\Downloads\W7Ux64 Dez13-TRI
2013-12-31 18:11 - 2013-12-31 18:11 - 00002492 _____ C:\Users\Jerome\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-12-31 18:11 - 2013-12-31 18:11 - 00000000 ____D C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2013-12-31 18:11 - 2013-12-31 18:11 - 00000000 ____D C:\Users\Jerome\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-12-31 18:06 - 2013-12-31 18:06 - 02721168 _____ (Microsoft Corporation) C:\Users\Jerome\Desktop\Windows7-USB-DVD1024-tool.exe
2013-12-31 18:06 - 2013-12-31 18:06 - 02721168 _____ (Microsoft Corporation) C:\Users\Jerome\Desktop\Windows7-USB-DVD1024-tool(1).exe
2013-12-31 17:34 - 2013-12-31 17:34 - 00000000 ____D C:\Users\NEU\AppData\Roaming\Adobe
2013-12-31 17:20 - 2013-12-31 17:20 - 00000000 ____D C:\Users\NEU\AppData\Roaming\Jumping Bytes
2013-12-31 17:20 - 2013-12-31 17:20 - 00000000 ____D C:\Users\NEU\AppData\Local\Wondershare
2013-12-31 17:19 - 2013-12-31 17:19 - 00190576 _____ C:\Users\NEU\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-31 17:19 - 2013-12-31 17:19 - 00000000 ____D C:\Users\NEU\AppData\Roaming\Apple Computer
2013-12-31 17:19 - 2013-12-31 17:19 - 00000000 ____D C:\Users\NEU\AppData\Local\Apple Computer
2013-12-31 17:17 - 2013-12-31 17:17 - 00001412 _____ C:\Users\NEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-12-31 17:16 - 2013-12-31 17:17 - 00001406 _____ C:\Users\NEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-31 17:16 - 2013-12-31 17:17 - 00000000 ___RD C:\Users\NEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-31 17:16 - 2013-12-31 17:17 - 00000000 ___RD C:\Users\NEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-31 17:13 - 2013-12-31 17:16 - 00000000 ____D C:\Users\NEU
2013-12-31 17:13 - 2013-12-31 17:13 - 00000020 ___SH C:\Users\NEU\ntuser.ini
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Vorlagen
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Startmenü
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Netzwerkumgebung
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Lokale Einstellungen
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Eigene Dateien
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Druckumgebung
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Documents\Eigene Musik
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Documents\Eigene Bilder
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\AppData\Local\Verlauf
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\AppData\Local\Anwendungsdaten
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Anwendungsdaten
2013-12-31 17:13 - 2010-12-25 01:03 - 00000000 ____D C:\Users\NEU\AppData\Roaming\Macromedia
2013-12-31 17:13 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\NEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-31 17:13 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\NEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-31 17:00 - 2014-01-02 10:09 - 00000224 _____ C:\Windows\setupact.log
2013-12-31 17:00 - 2013-12-31 17:00 - 00000000 _____ C:\Windows\setuperr.log
2013-12-31 12:47 - 2013-12-31 12:47 - 08699272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-21 22:55 - 2013-12-21 22:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-09 19:24 - 2013-12-10 20:18 - 00000100 _____ C:\Windows\ParrotFlashWiz.INI
2013-12-09 18:48 - 2013-12-10 20:17 - 00000000 ____D C:\Program Files (x86)\Parrot Software Update Tool
2013-12-05 22:05 - 2013-12-05 22:05 - 00000000 ____D C:\Users\Jerome\dwhelper
2013-12-03 06:22 - 2013-12-03 07:06 - 00000000 ____D C:\Users\Jerome\Downloads\Threema (v1 7 2 v937 os50)-hamschti ipa
==================== One Month Modified Files and Folders =======
2014-01-02 10:32 - 2011-01-24 22:51 - 00000000 ____D C:\Users\Jerome\AppData\Roaming\vlc
2014-01-02 10:29 - 2014-01-02 10:27 - 00029813 _____ C:\Users\Jerome\Desktop\FRST.txt
2014-01-02 10:27 - 2014-01-02 10:27 - 00000000 ____D C:\FRST
2014-01-02 10:26 - 2014-01-02 10:26 - 01931426 _____ (Farbar) C:\Users\Jerome\Desktop\FRST64.exe
2014-01-02 10:21 - 2011-06-08 16:31 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2486777943-296773835-1515299602-1005UA.job
2014-01-02 10:17 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-02 10:17 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-02 10:14 - 2009-09-24 19:35 - 01196410 _____ C:\Windows\WindowsUpdate.log
2014-01-02 10:12 - 2011-03-25 19:59 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-02 10:09 - 2013-12-31 17:00 - 00000224 _____ C:\Windows\setupact.log
2014-01-02 10:09 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-02 09:59 - 2011-03-25 19:59 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-02 09:45 - 2013-02-01 18:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-02 09:32 - 2014-01-02 09:32 - 00002306 _____ C:\Users\Jerome\Desktop\iTunes.txt
2014-01-02 09:08 - 2013-10-03 10:04 - 00000276 _____ C:\Windows\Tasks\GreatArcadeHits.job
2014-01-02 08:39 - 2014-01-02 08:39 - 01902579 _____ C:\Users\Jerome\Desktop\cpu-z-164.zip
2014-01-02 08:17 - 2013-09-07 14:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2014-01-02 08:15 - 2013-12-31 19:08 - 00000000 ____D C:\Users\Jerome\Desktop\GPU-Z.0.7.5
2014-01-02 08:10 - 2013-12-31 19:08 - 00000000 ____D C:\Users\Jerome\Desktop\cpuz_x64 1.67.1
2014-01-02 07:57 - 2012-06-15 09:43 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2486777943-296773835-1515299602-1005UA.job
2014-01-02 07:57 - 2012-06-15 09:43 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2486777943-296773835-1515299602-1005Core.job
2014-01-02 07:16 - 2013-01-22 06:55 - 00000000 ____D C:\Users\Jerome\AppData\Local\A7CE3522-660B-466E-845A-824037B67E16.aplzod
2014-01-02 06:48 - 2011-06-24 07:30 - 00000000 ____D C:\Users\Jerome\AppData\Roaming\NetSpeedMonitor
2014-01-02 06:41 - 2014-01-02 06:41 - 00001750 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-02 06:40 - 2014-01-02 06:39 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-02 06:40 - 2014-01-02 06:39 - 00000000 ____D C:\Program Files\iTunes
2014-01-02 06:40 - 2014-01-02 06:39 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-02 06:39 - 2014-01-02 06:39 - 00000000 ____D C:\Program Files\iPod
2014-01-02 06:13 - 2013-01-22 00:07 - 00000000 ____D C:\Users\Jerome\AppData\Local\CrashDumps
2014-01-02 01:21 - 2011-06-08 16:31 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2486777943-296773835-1515299602-1005Core.job
2014-01-01 12:07 - 2010-02-11 21:08 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9492FEAE-3E7C-4DEC-8DC0-50649D66B5EF}
2014-01-01 11:46 - 2014-01-01 11:46 - 00000000 _____ C:\Users\Jerome\Downloads\W7Ux64.Dez13-TRI.part23.rar.part
2014-01-01 01:38 - 2013-11-05 02:52 - 00000000 ____D C:\Users\Jerome\Desktop\ABLAGE 2013.11.05
2014-01-01 01:01 - 2010-11-05 19:37 - 00000000 ___RD C:\Users\Jerome\Eigene Musik NEW
2014-01-01 00:56 - 2014-01-01 00:56 - 00001109 _____ C:\Users\Jerome\Desktop\EVEREST Home Edition.lnk
2014-01-01 00:56 - 2014-01-01 00:56 - 00001079 _____ C:\Users\Jerome\Desktop\PC Wizard 2010.lnk
2014-01-01 00:45 - 2010-04-14 09:12 - 51722752 ___SH C:\Users\Jerome\Desktop\Thumbs.db
2014-01-01 00:36 - 2013-02-01 13:38 - 00000000 ____D C:\Users\Jerome\.VirtualBox
2013-12-31 20:20 - 2013-12-31 18:48 - 00001434 _____ C:\Users\Jerome\Desktop\TODO.txt
2013-12-31 19:52 - 2013-12-31 19:08 - 00000000 ____D C:\Users\Jerome\Desktop\TREIBER
2013-12-31 19:51 - 2013-12-31 19:45 - 00024907 _____ C:\Users\Jerome\AppData\Local\HWVendorDetection.log
2013-12-31 19:45 - 2013-12-31 19:45 - 02240512 _____ (Acer Inc.) C:\Users\Jerome\Desktop\HWVendorDetection.exe
2013-12-31 19:08 - 2013-12-31 19:08 - 00000000 ____D C:\Users\Jerome\Desktop\Neuer Ordner - Kopie
2013-12-31 18:44 - 2013-12-31 18:44 - 00000911 _____ C:\Users\Jerome\Desktop\FreeFileSync.lnk
2013-12-31 18:44 - 2013-12-31 18:44 - 00000000 ____D C:\Users\Jerome\Downloads\online detail png
2013-12-31 18:41 - 2013-12-31 18:41 - 00001832 _____ C:\Users\Jerome\Desktop\ImgBurn.lnk
2013-12-31 18:35 - 2013-12-31 18:35 - 00000000 ____D C:\Users\Jerome\AppData\Roaming\T-Mobile Internet Manager
2013-12-31 18:11 - 2013-12-31 18:11 - 00002492 _____ C:\Users\Jerome\Desktop\Windows 7 USB DVD Download Tool.lnk
2013-12-31 18:11 - 2013-12-31 18:11 - 00000000 ____D C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2013-12-31 18:11 - 2013-12-31 18:11 - 00000000 ____D C:\Users\Jerome\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-12-31 18:06 - 2013-12-31 18:06 - 02721168 _____ (Microsoft Corporation) C:\Users\Jerome\Desktop\Windows7-USB-DVD1024-tool.exe
2013-12-31 18:06 - 2013-12-31 18:06 - 02721168 _____ (Microsoft Corporation) C:\Users\Jerome\Desktop\Windows7-USB-DVD1024-tool(1).exe
2013-12-31 17:34 - 2013-12-31 17:34 - 00000000 ____D C:\Users\NEU\AppData\Roaming\Adobe
2013-12-31 17:20 - 2013-12-31 17:20 - 00000000 ____D C:\Users\NEU\AppData\Roaming\Jumping Bytes
2013-12-31 17:20 - 2013-12-31 17:20 - 00000000 ____D C:\Users\NEU\AppData\Local\Wondershare
2013-12-31 17:19 - 2013-12-31 17:19 - 00190576 _____ C:\Users\NEU\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-31 17:19 - 2013-12-31 17:19 - 00000000 ____D C:\Users\NEU\AppData\Roaming\Apple Computer
2013-12-31 17:19 - 2013-12-31 17:19 - 00000000 ____D C:\Users\NEU\AppData\Local\Apple Computer
2013-12-31 17:17 - 2013-12-31 17:17 - 00001412 _____ C:\Users\NEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-12-31 17:17 - 2013-12-31 17:16 - 00001406 _____ C:\Users\NEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-31 17:17 - 2013-12-31 17:16 - 00000000 ___RD C:\Users\NEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-31 17:17 - 2013-12-31 17:16 - 00000000 ___RD C:\Users\NEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-31 17:16 - 2013-12-31 17:13 - 00000000 ____D C:\Users\NEU
2013-12-31 17:13 - 2013-12-31 17:13 - 00000020 ___SH C:\Users\NEU\ntuser.ini
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Vorlagen
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Startmenü
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Netzwerkumgebung
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Lokale Einstellungen
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Eigene Dateien
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Druckumgebung
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Documents\Eigene Musik
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Documents\Eigene Bilder
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\AppData\Local\Verlauf
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\AppData\Local\Anwendungsdaten
2013-12-31 17:13 - 2013-12-31 17:13 - 00000000 _SHDL C:\Users\NEU\Anwendungsdaten
2013-12-31 17:00 - 2013-12-31 17:00 - 00000000 _____ C:\Windows\setuperr.log
2013-12-31 12:53 - 2013-02-01 18:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-31 12:50 - 2012-05-31 18:55 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-31 12:50 - 2011-05-22 07:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-31 12:47 - 2013-12-31 12:47 - 08699272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-31 11:31 - 2010-05-09 22:49 - 00007650 _____ C:\Users\Jerome\AppData\Local\Resmon.ResmonCfg
2013-12-24 07:08 - 2010-09-16 12:26 - 00000000 ____D C:\Users\Jerome\AppData\Roaming\WindSolutions
2013-12-24 06:40 - 2010-09-16 12:26 - 00000000 ____D C:\ProgramData\WindSolutions
2013-12-24 05:52 - 2012-05-21 05:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 22:56 - 2013-12-21 22:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 07:03 - 2009-09-25 05:29 - 00779976 _____ C:\Windows\system32\perfh007.dat
2013-12-20 07:03 - 2009-09-25 05:29 - 00180920 _____ C:\Windows\system32\perfc007.dat
2013-12-20 07:03 - 2009-07-14 06:13 - 01846380 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-10 21:24 - 2010-12-29 04:26 - 00000000 ____D C:\Users\Jerome\AppData\Roaming\Dropbox
2013-12-10 21:24 - 2010-01-21 15:03 - 00000000 ___RD C:\Users\Jerome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-10 20:18 - 2013-12-09 19:24 - 00000100 _____ C:\Windows\ParrotFlashWiz.INI
2013-12-10 20:17 - 2013-12-09 18:48 - 00000000 ____D C:\Program Files (x86)\Parrot Software Update Tool
2013-12-10 20:16 - 2010-12-29 04:33 - 00000000 ___RD C:\Users\Jerome\Dropbox
2013-12-08 01:16 - 2011-06-08 16:31 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2486777943-296773835-1515299602-1005UA
2013-12-08 01:16 - 2011-06-08 16:31 - 00003704 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2486777943-296773835-1515299602-1005Core
2013-12-05 22:05 - 2013-12-05 22:05 - 00000000 ____D C:\Users\Jerome\dwhelper
2013-12-05 22:05 - 2010-01-21 15:01 - 00000000 ___RD C:\Users\Jerome
2013-12-03 20:54 - 2011-03-25 19:59 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-03 20:54 - 2011-03-25 19:59 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-03 14:01 - 2013-09-17 01:30 - 00000000 ___RD C:\Users\Jerome\Mediencenter
2013-12-03 07:06 - 2013-12-03 06:22 - 00000000 ____D C:\Users\Jerome\Downloads\Threema (v1 7 2 v937 os50)-hamschti ipa
2013-12-03 06:18 - 2013-08-06 06:37 - 00000000 ____D C:\Program Files (x86)\JDownloader
Some content of TEMP:
====================
C:\Users\Jerome\AppData\Local\Temp\AMPing.exe
C:\Users\Jerome\AppData\Local\Temp\InstallManager_BAB_BAB.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-13 19:25
==================== End Of Log ============================