limasarie | 22.07.2014 11:18 | mbam.txt Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 22.07.2014
Suchlauf-Zeit: 11:34:42
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.07.22.02
Rootkit Datenbank: v2014.07.17.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Lisa Marie
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 343849
Verstrichene Zeit: 14 Min, 10 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 1
PUP.Optional.Iminent, C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe, 1968, Löschen bei Neustart, [3f4b1b871863dd5930e24ec2738e47b9]
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 52
PUP.Optional.Iminent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SProtection, In Quarantäne, [3f4b1b871863dd5930e24ec2738e47b9],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}, In Quarantäne, [d7b3643e62193204dfa5ff5e7e8411ef],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}, In Quarantäne, [d7b3643e62193204dfa5ff5e7e8411ef],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C58D664A-3DBC-4925-AE74-0382007DF113}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C58D664A-3DBC-4925-AE74-0382007DF113}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender.1, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender.1, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject.1, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject.1, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKU\S-1-5-21-2633988149-1997347872-2226301095-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKU\S-1-5-21-2633988149-1997347872-2226301095-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}\INPROCSERVER32, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{82B16A3D-F03E-4565-A532-666B219C9A53}, In Quarantäne, [bcce29791a61e254eb6e6df147bb12ee],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\CLASSES\TYPELIB\{A1669086-99CD-4735-9B7D-BD0ED4EF4893}, In Quarantäne, [bcce29791a61e254eb6e6df147bb12ee],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\CLASSES\INTERFACE\{E563EA8B-7C40-4E55-AD48-EF3A1463F16C}, In Quarantäne, [bcce29791a61e254eb6e6df147bb12ee],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E563EA8B-7C40-4E55-AD48-EF3A1463F16C}, In Quarantäne, [bcce29791a61e254eb6e6df147bb12ee],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A1669086-99CD-4735-9B7D-BD0ED4EF4893}, In Quarantäne, [bcce29791a61e254eb6e6df147bb12ee],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{82B16A3D-F03E-4565-A532-666B219C9A53}, In Quarantäne, [bcce29791a61e254eb6e6df147bb12ee],
PUP.Optional.OfferMosquito, HKU\S-1-5-21-2633988149-1997347872-2226301095-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82B16A3D-F03E-4565-A532-666B219C9A53}, In Quarantäne, [bcce29791a61e254eb6e6df147bb12ee],
PUP.Optional.OfferMosquito, HKU\S-1-5-21-2633988149-1997347872-2226301095-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{82B16A3D-F03E-4565-A532-666B219C9A53}, In Quarantäne, [bcce29791a61e254eb6e6df147bb12ee],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [a6e4940e413a58de8f590091907228d8],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [6822960cec8f3df99158f99803ff827e],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}, In Quarantäne, [d6b4a00284f70c2aab83c8900bf74cb4],
PUP.Optional.Iminent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinkHandler, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, In Quarantäne, [3c4ef3af0a71e74ffc2fed0125dd41bf],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, In Quarantäne, [f6948f134b3040f653dee527aa5ad030],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [206a663c6a1104328d9ea64805fdc53b],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, In Quarantäne, [0d7d6042fa81b482989922ea1be9fe02],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\igdhbblpcellaljokkpfhcjlagemhgjl, In Quarantäne, [f8928b172a5150e6b17939b5b25037c9],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, In Quarantäne, [1d6dabf7c0bb2313149a329745bd34cc],
PUP.Optional.Umbrella.A, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA, In Quarantäne, [6525bae87efdba7c0ecd92722ed6f709],
PUP.Optional.ConduitSearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, In Quarantäne, [5e2c089a6615989ed07cab55b252fa06],
PUP.Optional.Iminent.A, HKU\S-1-5-21-2633988149-1997347872-2226301095-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [cbbf871b740779bd4ede6d81f50d639d],
PUP.Optional.Iminent.A, HKU\S-1-5-21-2633988149-1997347872-2226301095-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\IminentToolbar, In Quarantäne, [4347703299e2aa8c041a00efde2401ff],
PUP.Optional.SimpleNewTab.A, HKU\S-1-5-21-2633988149-1997347872-2226301095-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SimpleNewTab, In Quarantäne, [e9a19e04106b5cda0faef4e00bf7e020],
PUP.Optional.OfferMosquito.A, HKU\S-1-5-21-2633988149-1997347872-2226301095-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\gbmdkmlcnbapgegninelmjbfibaghdmk, In Quarantäne, [cbbf5c46423937ff605f02d2d52d0af6],
PUP.Optional.Iminent.A, HKU\S-1-5-21-2633988149-1997347872-2226301095-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, In Quarantäne, [5337356d3b40a1956079429661a123dd],
PUP.Optional.Softonic.A, HKU\S-1-5-21-2633988149-1997347872-2226301095-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [eaa03d65a2d96accaca1b7258d75ea16],
Registrierungswerte: 5
PUP.Optional.Iminent.A, HKU\S-1-5-21-2633988149-1997347872-2226301095-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, In Quarantäne, [1d6db0f2ed8e57dfb8c52a670ff3d927],
PUP.Optional.Iminent.A, HKU\S-1-5-21-2633988149-1997347872-2226301095-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, In Quarantäne, [1d6db0f2ed8e57dfb8c52a670ff3d927],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, In Quarantäne, [1d6dabf7c0bb2313149a329745bd34cc]
PUP.Optional.Umbrella.A, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA|MUpdBlock, {
"MASSUPDATE" : {
"CHROME_MBAR" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 1
},
"FIREFOX_MBAR" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 1
},
"IEXPLORE_BHO" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 4
}
}
}
, In Quarantäne, [6525bae87efdba7c0ecd92722ed6f709]
PUP.Optional.Iminent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPROTECTION|ImagePath, C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe, In Quarantäne, [90fa80224536fe386235a65a58ace11f]
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 37
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\inst, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\inst\Bootstrapper, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\IminentToolbar, In Quarantäne, [5d2da3ff7a01b38335a0f6ae3ec4e818],
PUP.Optional.Iminent.A, C:\Program Files (x86)\IminentToolbar\1.8.28.3, In Quarantäne, [5d2da3ff7a01b38335a0f6ae3ec4e818],
PUP.Optional.Iminent.A, C:\Program Files (x86)\IminentToolbar\1.8.28.3\bh, In Quarantäne, [5d2da3ff7a01b38335a0f6ae3ec4e818],
PUP.Optional.OpenCandy, C:\Users\Lisa Marie\AppData\Roaming\OpenCandy, In Quarantäne, [a6e43b6736452610ba241a8a1ae87090],
PUP.Optional.OpenCandy, C:\Users\Lisa Marie\AppData\Roaming\OpenCandy\64F122A84FCA4AC3970B2366CB7E4C0F, In Quarantäne, [a6e43b6736452610ba241a8a1ae87090],
PUP.Optional.OpenCandy, C:\Users\Lisa Marie\AppData\Roaming\OpenCandy\8C38F7015E834020A57F8ECD8942ECC1, In Quarantäne, [a6e43b6736452610ba241a8a1ae87090],
PUP.Optional.SimpleNewTab.A, C:\Users\Lisa Marie\AppData\Local\simple_new_tab, In Quarantäne, [9febd1d1ea91d660fe0a486c946ebb45],
PUP.Optional.SimpleNewTab.A, C:\Users\Lisa Marie\AppData\Local\simple_new_tab\htmls, In Quarantäne, [9febd1d1ea91d660fe0a486c946ebb45],
PUP.Optional.OfferMosquito.A, C:\Users\Lisa Marie\AppData\Roaming\OfferMosquito, In Quarantäne, [f7930d95ccafbd796b9ea80cf70b4cb4],
PUP.Optional.OfferMosquito.A, C:\Users\Lisa Marie\AppData\Local\ext_offermosquito, In Quarantäne, [008a455dd9a292a498728c2860a2fa06],
PUP.Optional.SearchProtect.A, C:\Users\Lisa Marie\AppData\Local\SearchProtect, In Quarantäne, [35551f83b7c4b680f2c4b40628daf60a],
PUP.Optional.SearchProtect.A, C:\Users\Lisa Marie\AppData\Local\SearchProtect\SearchProtect, In Quarantäne, [35551f83b7c4b680f2c4b40628daf60a],
PUP.Optional.SearchProtect.A, C:\Users\Lisa Marie\AppData\Local\SearchProtect\SearchProtect\rep, In Quarantäne, [35551f83b7c4b680f2c4b40628daf60a],
PUP.Optional.SearchProtect.A, C:\Users\Lisa Marie\AppData\Local\SearchProtect\SearchProtect\STG, In Quarantäne, [35551f83b7c4b680f2c4b40628daf60a],
PUP.Optional.SearchProtect.A, C:\Users\Lisa Marie\AppData\Local\SearchProtect\UI, In Quarantäne, [35551f83b7c4b680f2c4b40628daf60a],
PUP.Optional.SearchProtect.A, C:\Users\Lisa Marie\AppData\Local\SearchProtect\UI\rep, In Quarantäne, [35551f83b7c4b680f2c4b40628daf60a],
Dateien: 100
PUP.Optional.Iminent, C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe, Löschen bei Neustart, [3f4b1b871863dd5930e24ec2738e47b9],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll, In Quarantäne, [1a702d75aecd1e1841ce464b30d2d030],
PUP.Optional.OfferMosquito, C:\Users\Lisa Marie\AppData\Local\ext_offermosquito\OfferMosquitoIEPlaceholder.dll, In Quarantäne, [bcce29791a61e254eb6e6df147bb12ee],
PUP.Optional.Conduit.A, C:\Users\Lisa Marie\AppData\Roaming\OpenCandy\64F122A84FCA4AC3970B2366CB7E4C0F\sp-downloader.exe, In Quarantäne, [4b3fa4fe8af1d75f32a5d450768be51b],
PUP.Optional.Conduit.A, C:\Users\Lisa Marie\AppData\Local\Temp\nsn570A.exe, In Quarantäne, [8505c2e0a2d9053173098efc9b66b64a],
PUP.Optional.Conduit.A, C:\Users\Lisa Marie\AppData\Local\Temp\nspC42C.exe, In Quarantäne, [7b0f0a98483364d245371a70f70a13ed],
PUP.Optional.Conduit.A, C:\Users\Lisa Marie\AppData\Local\Temp\nsr47B7.exe, In Quarantäne, [2763c0e289f2c571611bef9b06fb35cb],
PUP.Optional.Conduit.A, C:\Users\Lisa Marie\AppData\Local\Temp\nsvBA57.exe, In Quarantäne, [ec9ee0c2bebdbc7a304cd3b74db410f0],
PUP.Optional.GenericExt.A, C:\Users\Lisa Marie\AppData\Local\Temp\igdhbblpcellaljokkpfhcjlagemhgjl6ff5106\minibarchrome.exe, In Quarantäne, [1476237fef8ceb4bf55a41fc17e9c33d],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsoD67F.exe, In Quarantäne, [f595782a5229c96dcbb1800a679ad42c],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsrEA76.exe, In Quarantäne, [95f5e2c0dd9ece68a2da5e2c58a949b7],
PUP.Optional.OfferMosquito.A, C:\Users\Lisa Marie\AppData\Local\omesuperv.exe, In Quarantäne, [7119e9b9e398171f1a587aa443bd01ff],
PUP.Optional.OfferMosquito.A, C:\Users\Lisa Marie\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll, In Quarantäne, [305a940e6d0e68ce640eef2f9c64fc04],
PUP.Optional.OfferMosquito.A, C:\Users\Lisa Marie\AppData\Roaming\Mozilla\Firefox\Profiles\xu7x4t92.default\extensions\om@offermosquito.com.xpi, In Quarantäne, [7614831f6b102c0af0d0aa2afe0420e0],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\StartWeb.xml, In Quarantäne, [4545eab85c1f3501277801ebc73bfa06],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\SearchTheWeb.xml, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\iminent.mmplayer.swf, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\StartWeb.xml, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\USearch.xml, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\WinkHandler.exe, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\inst\main.ico, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\inst\SearchTheWeb.ico, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\inst\Universely.ico, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\inst\Bootstrapper\CustomActionsIminent.dll, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\inst\Bootstrapper\MetroConfig.JSON, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.Iminent.A, C:\Program Files (x86)\Iminent\inst\Bootstrapper\uninstall.exe, In Quarantäne, [a5e5f5adafccc175ccce926ea55f926e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, In Quarantäne, [8406267cd6a5c67086d649c4f80ca25e],
PUP.Optional.OpenCandy, C:\Users\Lisa Marie\AppData\Roaming\OpenCandy\8C38F7015E834020A57F8ECD8942ECC1\TuneUpUtilities2014_de-DE.exe, In Quarantäne, [a6e43b6736452610ba241a8a1ae87090],
PUP.Optional.SimpleNewTab.A, C:\Users\Lisa Marie\AppData\Local\simple_new_tab\simple_new_tab.dll, In Quarantäne, [9febd1d1ea91d660fe0a486c946ebb45],
PUP.Optional.SimpleNewTab.A, C:\Users\Lisa Marie\AppData\Local\simple_new_tab\htmls\index.html, In Quarantäne, [9febd1d1ea91d660fe0a486c946ebb45],
PUP.Optional.OfferMosquito.A, C:\Users\Lisa Marie\AppData\Local\ext_offermosquito\atl100.dll, In Quarantäne, [008a455dd9a292a498728c2860a2fa06],
PUP.Optional.OfferMosquito.A, C:\Users\Lisa Marie\AppData\Local\ext_offermosquito\msvcr100d.dll, In Quarantäne, [008a455dd9a292a498728c2860a2fa06],
PUP.Optional.SearchProtect.A, C:\Users\Lisa Marie\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, In Quarantäne, [35551f83b7c4b680f2c4b40628daf60a],
PUP.Optional.SearchProtect.A, C:\Users\Lisa Marie\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, In Quarantäne, [35551f83b7c4b680f2c4b40628daf60a],
PUP.Optional.SearchProtect.A, C:\Users\Lisa Marie\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, In Quarantäne, [35551f83b7c4b680f2c4b40628daf60a],
Physische Sektoren: 0
(No malicious items detected)
(end) adwcleaner Code:
Ordner Gelöscht : C:\Users\Lisa Marie\AppData\Local\Software
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
Datei Gelöscht : C:\Users\Lisa Marie\AppData\Roaming\Mozilla\Firefox\Profiles\xu7x4t92.default\searchplugins\search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\SearchTheWeb.xml
Datei Gelöscht : C:\WINDOWS\System32\Tasks\Fifth
Datei Gelöscht : C:\WINDOWS\System32\Tasks\OMESupervisor
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Snoozer]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F7C78C08-3CC7-416F-B827-7C1785ABBDA8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\OfferMosquito
Schlüssel Gelöscht : HKCU\Software\Protector
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Lisa Marie\AppData\Roaming\Mozilla\Firefox\Profiles\xu7x4t92.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://wisersearch.com/search.php?channel=de&q=");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://wisersearch.com/?channel=de");
Zeile gelöscht : user_pref("iminent.newtabredirect", "true");
Zeile gelöscht : user_pref("iminent.searchindex", "2");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://wisersearch.com/search.php?channel=de&q=");
Zeile gelöscht : user_pref("simplenewtab.url", "hxxp://wisersearch.com/?channel=de_nt");
*************************
AdwCleaner[R0].txt - [5961 octets] - [22/07/2014 11:58:24]
AdwCleaner[S0].txt - [5027 octets] - [22/07/2014 11:59:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5087 octets] ########## Code:
# AdwCleaner v3.216 - Bericht erstellt am 22/07/2014 um 11:58:24
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Lisa Marie - LISA
# Gestartet von : C:\Users\Lisa Marie\Downloads\adwcleaner_3.216.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\SearchTheWeb.xml
Datei Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
Datei Gefunden : C:\Users\Lisa Marie\AppData\Roaming\Mozilla\Firefox\Profiles\xu7x4t92.default\searchplugins\search.xml
Datei Gefunden : C:\WINDOWS\System32\Tasks\Fifth
Datei Gefunden : C:\WINDOWS\System32\Tasks\OMESupervisor
Ordner Gefunden : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gefunden : C:\Users\Lisa Marie\AppData\Local\Software
Ordner Gefunden : C:\Users\Lisa Marie\AppData\Roaming\Common\LuaRT
Ordner Gefunden : C:\Users\Lisa Marie\AppData\Roaming\DataMgr
Ordner Gefunden : C:\Users\Lisa Marie\AppData\Roaming\Fifth
Ordner Gefunden : C:\Users\Lisa Marie\AppData\Roaming\Intermediate
Ordner Gefunden : C:\Users\Lisa Marie\AppData\Roaming\SCheck
Ordner Gefunden : C:\Users\Lisa Marie\AppData\Roaming\Snz
Ordner Gefunden : C:\Users\Lisa Marie\AppData\Roaming\SSync
Ordner Gefunden : C:\Users\LISAMA~1\AppData\Local\Temp\OCS
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F7C78C08-3CC7-416F-B827-7C1785ABBDA8}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\OfferMosquito
Schlüssel Gefunden : HKCU\Software\Protector
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F7C78C08-3CC7-416F-B827-7C1785ABBDA8}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\OfferMosquito
Schlüssel Gefunden : [x64] HKCU\Software\Protector
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{8E9F2D02-6B06-4EBA-92C2-68438EADED28}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{208D4124-3895-4974-B293-A159BD306078}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DataMgr]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [scheck]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Snoozer]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://wisersearch.com/?channel=de
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Lisa Marie\AppData\Roaming\Mozilla\Firefox\Profiles\xu7x4t92.default\prefs.js ]
Zeile gefunden : user_pref("browser.search.defaulturl", "hxxp://wisersearch.com/search.php?channel=de&q=");
Zeile gefunden : user_pref("browser.startup.homepage", "hxxp://wisersearch.com/?channel=de");
Zeile gefunden : user_pref("iminent.newtabredirect", "true");
Zeile gefunden : user_pref("iminent.searchindex", "2");
Zeile gefunden : user_pref("keyword.URL", "hxxp://wisersearch.com/search.php?channel=de&q=");
Zeile gefunden : user_pref("simplenewtab.url", "hxxp://wisersearch.com/?channel=de_nt");
*************************
AdwCleaner[R0].txt - [5773 octets] - [22/07/2014 11:58:24]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5833 octets] ########## Code:
# AdwCleaner v3.216 - Bericht erstellt am 22/07/2014 um 12:30:32
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Lisa Marie - LISA
# Gestartet von : C:\Users\Lisa Marie\Downloads\adwcleaner_3.216.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Lisa Marie\AppData\Roaming\Mozilla\Firefox\Profiles\xu7x4t92.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [5961 octets] - [22/07/2014 11:58:24]
AdwCleaner[R1].txt - [719 octets] - [22/07/2014 12:30:32]
AdwCleaner[S0].txt - [5179 octets] - [22/07/2014 11:59:55]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [838 octets] ##########
JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Lisa Marie on 22.07.2014 at 12:04:49,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1B0AEC5F-9979-4A64-8A2F-8014547A8D26}
~~~ Files
~~~ Folders
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
~~~ FireFox
Emptied folder: C:\Users\Lisa Marie\AppData\Roaming\mozilla\firefox\profiles\xu7x4t92.default\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.07.2014 at 12:11:39,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-07-2014
Ran by Lisa Marie (administrator) on LISA on 22-07-2014 12:15:51
Running from C:\Users\Lisa Marie\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Users\Lisa Marie\Desktop\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Users\Lisa Marie\Desktop\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Users\Lisa Marie\Desktop\Malwarebytes Anti-Malware\mbam.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoUpdateCheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-11-18] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2633988149-1997347872-2226301095-1002\...\Run: [Sixth] => C:\Users\Lisa Marie\AppData\Roaming\Sixth\Sixth.exe [63625 2014-07-19] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {36F76158-A84E-4F0E-8648-C4BB5B35DE4C} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {36F76158-A84E-4F0E-8648-C4BB5B35DE4C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Lisa Marie\AppData\Roaming\Mozilla\Firefox\Profiles\xu7x4t92.default
FF DefaultSearchEngine: Search
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Search
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper - C:\Users\Lisa Marie\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Simple New Tab - C:\Users\Lisa Marie\AppData\Roaming\Mozilla\Firefox\Profiles\xu7x4t92.default\Extensions\snt@dotlabs.co.xpi [2013-12-16]
FF Extension: Adblock Plus - C:\Users\Lisa Marie\AppData\Roaming\Mozilla\Firefox\Profiles\xu7x4t92.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-25]
==================== Services (Whitelisted) =================
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Users\Lisa Marie\Desktop\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Users\Lisa Marie\Desktop\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-11-18] (Dritek System INC.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2138936 2014-03-20] (TuneUp Software)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-11-18] (Dritek System Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-02-10] (TuneUp Software)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-22 12:15 - 2014-07-22 12:15 - 00000000 ____D () C:\Users\Lisa Marie\Downloads\FRST-OlderVersion
2014-07-22 12:11 - 2014-07-22 12:11 - 00000968 _____ () C:\Users\Lisa Marie\Desktop\JRT.txt
2014-07-22 12:04 - 2014-07-22 12:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-22 11:57 - 2014-07-22 11:57 - 01016261 _____ (Thisisu) C:\Users\Lisa Marie\Downloads\JRT.exe
2014-07-22 11:57 - 2014-07-22 11:57 - 00031257 _____ () C:\Users\Lisa Marie\Desktop\mbam.txt
2014-07-22 11:55 - 2014-07-22 11:59 - 00000000 ____D () C:\AdwCleaner
2014-07-22 11:38 - 2014-07-22 11:38 - 01354223 _____ () C:\Users\Lisa Marie\Downloads\adwcleaner_3.216.exe
2014-07-22 11:34 - 2014-07-22 12:01 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 11:33 - 2014-07-22 11:33 - 00000775 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-22 11:33 - 2014-07-22 11:33 - 00000000 ____D () C:\Users\Lisa Marie\Desktop\Malwarebytes Anti-Malware
2014-07-22 11:33 - 2014-07-22 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 11:33 - 2014-07-22 11:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 11:33 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-22 11:33 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-22 11:33 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-22 11:32 - 2014-07-22 11:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lisa Marie\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-20 16:08 - 2014-07-20 16:08 - 00000000 ____D () C:\Program Files\McAfee
2014-07-20 15:51 - 2014-07-20 15:51 - 00000000 ____D () C:\Users\Lisa Marie\AppData\Roaming\Sixth
2014-07-20 15:08 - 2014-07-20 15:08 - 05222180 _____ (Swearware) C:\Users\Lisa Marie\Downloads\ComboFix.exe
2014-07-17 21:49 - 2014-07-17 21:49 - 03453210 _____ () C:\Users\Lisa Marie\Downloads\avg_remover4116.zip
2014-07-17 21:48 - 2014-07-17 21:48 - 00961360 _____ (Chip Digital GmbH) C:\Users\Lisa Marie\Downloads\AVG Remover 2014 - CHIP-Installer.exe
2014-07-17 18:41 - 2014-07-17 18:43 - 00024538 _____ () C:\Users\Lisa Marie\Downloads\Addition.txt
2014-07-17 18:39 - 2014-07-22 12:15 - 00010903 _____ () C:\Users\Lisa Marie\Downloads\FRST.txt
2014-07-17 18:39 - 2014-07-22 12:15 - 00000000 ____D () C:\FRST
2014-07-17 18:38 - 2014-07-22 12:15 - 02090496 _____ (Farbar) C:\Users\Lisa Marie\Downloads\FRST64.exe
2014-07-17 18:00 - 2014-07-17 18:00 - 00000520 _____ () C:\Users\Lisa Marie\Desktop\Ereignisse.txt
2014-07-17 17:38 - 2014-07-21 22:48 - 00043578 _____ () C:\Users\Lisa Marie\Desktop\Kulturmarketing Lernzettel.odt
2014-07-16 20:39 - 2014-07-16 20:39 - 00015681 _____ () C:\Users\Lisa Marie\Desktop\ba-litliste.odt
2014-07-16 15:00 - 2014-07-16 16:16 - 00033763 _____ () C:\Users\Lisa Marie\Desktop\BA-exposé.odt
2014-07-14 13:32 - 2014-07-14 13:32 - 00014493 _____ () C:\Users\Lisa Marie\Desktop\FFS 14.07..odt
2014-07-14 01:37 - 2014-07-14 01:37 - 00010828 _____ () C:\Users\Lisa Marie\Desktop\volos.odt
2014-07-13 13:42 - 2014-07-13 13:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-13 13:40 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-10 19:00 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-10 19:00 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-10 19:00 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-10 15:46 - 2014-07-13 21:30 - 00022533 _____ () C:\Users\Lisa Marie\Desktop\motivationsschreiben_fau.odt
2014-07-10 14:26 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-10 14:26 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-10 14:23 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-10 14:23 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-10 14:23 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-10 14:23 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-10 14:23 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-10 14:23 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-10 14:23 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-10 14:23 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-10 14:23 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-10 14:23 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-10 14:23 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-10 14:23 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-10 14:23 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-10 14:23 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-10 14:23 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-10 14:23 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-10 14:23 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-10 14:23 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-10 14:23 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-10 14:23 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-10 14:23 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-10 14:23 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-10 14:23 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-10 14:23 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-10 14:23 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-10 14:23 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-10 14:23 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-10 14:23 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-10 14:23 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-10 14:23 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-10 14:23 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-10 14:23 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-10 14:23 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-10 14:23 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-10 14:23 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-10 14:22 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-10 14:22 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-10 14:22 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-10 14:22 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-10 14:22 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-10 14:22 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-10 14:22 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 14:22 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-10 14:22 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-10 14:22 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-10 14:22 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-10 14:22 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-10 14:22 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-10 14:22 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-10 14:22 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-10 14:22 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-10 14:22 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-10 14:16 - 2014-07-10 14:16 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-08 18:51 - 2014-07-16 23:13 - 00063889 _____ () C:\Users\Lisa Marie\Desktop\Pop_Hausarbeit.odt
2014-06-29 20:17 - 2014-06-29 20:55 - 00606993 _____ () C:\Users\Lisa Marie\Desktop\Levine_Referat.odp
2014-06-26 21:45 - 2014-06-26 21:45 - 00041425 _____ () C:\Users\Lisa Marie\Desktop\exposé.odt
2014-06-22 02:24 - 2014-07-16 20:39 - 00019598 _____ () C:\Users\Lisa Marie\Desktop\gliederung.odt
2014-06-22 02:24 - 2014-06-22 02:24 - 00016828 _____ () C:\Users\Lisa Marie\Desktop\thesis.odt
==================== One Month Modified Files and Folders =======
2014-07-22 12:16 - 2014-07-17 18:39 - 00010903 _____ () C:\Users\Lisa Marie\Downloads\FRST.txt
2014-07-22 12:15 - 2014-07-22 12:15 - 00000000 ____D () C:\Users\Lisa Marie\Downloads\FRST-OlderVersion
2014-07-22 12:15 - 2014-07-17 18:39 - 00000000 ____D () C:\FRST
2014-07-22 12:15 - 2014-07-17 18:38 - 02090496 _____ (Farbar) C:\Users\Lisa Marie\Downloads\FRST64.exe
2014-07-22 12:14 - 2014-03-20 21:28 - 01763680 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-22 12:12 - 2014-02-10 14:14 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2633988149-1997347872-2226301095-1002
2014-07-22 12:11 - 2014-07-22 12:11 - 00000968 _____ () C:\Users\Lisa Marie\Desktop\JRT.txt
2014-07-22 12:08 - 2014-02-10 13:22 - 00001150 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 12:04 - 2014-07-22 12:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-22 12:04 - 2014-04-07 10:13 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EB58D919-F8C1-430E-9D00-A2D9F63A7D00}
2014-07-22 12:01 - 2014-07-22 11:34 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 12:01 - 2014-03-21 11:40 - 00000000 __RDO () C:\Users\Lisa Marie\SkyDrive
2014-07-22 12:01 - 2014-02-10 13:22 - 00001146 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-22 12:01 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-22 12:00 - 2013-11-14 00:18 - 00085620 _____ () C:\WINDOWS\PFRO.log
2014-07-22 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-22 12:00 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-22 11:59 - 2014-07-22 11:55 - 00000000 ____D () C:\AdwCleaner
2014-07-22 11:59 - 2014-02-10 13:16 - 00000000 ____D () C:\Users\Lisa Marie\AppData\Roaming\Common
2014-07-22 11:57 - 2014-07-22 11:57 - 01016261 _____ (Thisisu) C:\Users\Lisa Marie\Downloads\JRT.exe
2014-07-22 11:57 - 2014-07-22 11:57 - 00031257 _____ () C:\Users\Lisa Marie\Desktop\mbam.txt
2014-07-22 11:51 - 2013-02-02 03:06 - 00000000 ____D () C:\ProgramData\McAfee
2014-07-22 11:50 - 2014-02-10 12:23 - 00000000 ____D () C:\Users\Lisa Marie\Desktop\Unikram und Diverses
2014-07-22 11:38 - 2014-07-22 11:38 - 01354223 _____ () C:\Users\Lisa Marie\Downloads\adwcleaner_3.216.exe
2014-07-22 11:33 - 2014-07-22 11:33 - 00000775 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-22 11:33 - 2014-07-22 11:33 - 00000000 ____D () C:\Users\Lisa Marie\Desktop\Malwarebytes Anti-Malware
2014-07-22 11:33 - 2014-07-22 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 11:33 - 2014-07-22 11:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 11:32 - 2014-07-22 11:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lisa Marie\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-22 11:23 - 2014-03-02 15:51 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-21 22:48 - 2014-07-17 17:38 - 00043578 _____ () C:\Users\Lisa Marie\Desktop\Kulturmarketing Lernzettel.odt
2014-07-20 17:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-20 16:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-20 16:08 - 2014-07-20 16:08 - 00000000 ____D () C:\Program Files\McAfee
2014-07-20 15:51 - 2014-07-20 15:51 - 00000000 ____D () C:\Users\Lisa Marie\AppData\Roaming\Sixth
2014-07-20 15:08 - 2014-07-20 15:08 - 05222180 _____ (Swearware) C:\Users\Lisa Marie\Downloads\ComboFix.exe
2014-07-17 21:53 - 2014-05-18 21:13 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-07-17 21:53 - 2014-02-10 12:33 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-17 21:52 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-17 21:49 - 2014-07-17 21:49 - 03453210 _____ () C:\Users\Lisa Marie\Downloads\avg_remover4116.zip
2014-07-17 21:48 - 2014-07-17 21:48 - 00961360 _____ (Chip Digital GmbH) C:\Users\Lisa Marie\Downloads\AVG Remover 2014 - CHIP-Installer.exe
2014-07-17 18:43 - 2014-07-17 18:41 - 00024538 _____ () C:\Users\Lisa Marie\Downloads\Addition.txt
2014-07-17 18:00 - 2014-07-17 18:00 - 00000520 _____ () C:\Users\Lisa Marie\Desktop\Ereignisse.txt
2014-07-16 23:13 - 2014-07-08 18:51 - 00063889 _____ () C:\Users\Lisa Marie\Desktop\Pop_Hausarbeit.odt
2014-07-16 20:39 - 2014-07-16 20:39 - 00015681 _____ () C:\Users\Lisa Marie\Desktop\ba-litliste.odt
2014-07-16 20:39 - 2014-06-22 02:24 - 00019598 _____ () C:\Users\Lisa Marie\Desktop\gliederung.odt
2014-07-16 16:16 - 2014-07-16 15:00 - 00033763 _____ () C:\Users\Lisa Marie\Desktop\BA-exposé.odt
2014-07-14 13:32 - 2014-07-14 13:32 - 00014493 _____ () C:\Users\Lisa Marie\Desktop\FFS 14.07..odt
2014-07-14 12:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-14 01:37 - 2014-07-14 01:37 - 00010828 _____ () C:\Users\Lisa Marie\Desktop\volos.odt
2014-07-13 21:30 - 2014-07-10 15:46 - 00022533 _____ () C:\Users\Lisa Marie\Desktop\motivationsschreiben_fau.odt
2014-07-13 16:25 - 2013-08-22 16:44 - 00360464 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-13 13:42 - 2014-07-13 13:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-13 13:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-13 13:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-13 13:42 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-13 13:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-13 13:41 - 2014-02-24 20:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-13 13:40 - 2014-02-24 20:54 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-13 13:40 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-10 15:59 - 2013-11-14 09:13 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 15:44 - 2014-06-20 13:38 - 00028776 _____ () C:\Users\Lisa Marie\Desktop\motivationsschreiben1.odt
2014-07-10 14:16 - 2014-07-10 14:16 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-08 19:24 - 2014-03-02 15:51 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-04 11:41 - 2014-06-18 20:35 - 00053264 _____ () C:\Users\Lisa Marie\Desktop\Temperantia_Essay.odt
2014-07-01 00:45 - 2014-07-10 19:00 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-29 20:55 - 2014-06-29 20:17 - 00606993 _____ () C:\Users\Lisa Marie\Desktop\Levine_Referat.odp
2014-06-28 09:48 - 2014-07-10 19:00 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-28 09:07 - 2014-07-10 19:00 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-26 22:55 - 2014-05-19 08:05 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-06-26 22:55 - 2014-05-19 08:05 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 21:49 - 2014-06-18 11:30 - 00022078 _____ () C:\Users\Lisa Marie\Downloads\Motivationsschreiben2.odt
2014-06-26 21:45 - 2014-06-26 21:45 - 00041425 _____ () C:\Users\Lisa Marie\Desktop\exposé.odt
2014-06-22 14:01 - 2013-08-22 16:46 - 00334577 _____ () C:\WINDOWS\setupact.log
2014-06-22 02:24 - 2014-06-22 02:24 - 00016828 _____ () C:\Users\Lisa Marie\Desktop\thesis.odt
Some content of TEMP:
====================
C:\Users\Lisa Marie\AppData\Local\Temp\avgnt.exe
C:\Users\Lisa Marie\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-20 16:27
==================== End Of Log ============================ --- --- ---
--- --- ---
--- --- --- |