ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=2037e81d4974b541bdb1c40db5300727
# engine=19697
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=false
# utc_time=2014-08-17 10:59:08
# local_time=2014-08-17 12:59:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 93 1390892 14248783 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 23521291 159902998 0 0
# scanned=331420
# found=11
# cleaned=0
# scan_time=5865
sh=3F8CCD9279F8D950622F536D3202CC0E44134A8E ft=1 fh=4cb693d7b46c457f vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\sweetpacks bundle uninstaller\uninstaller.exe.vir"
sh=7560ADB6881D658A46F52AD1DCDF667B615F6EDE ft=1 fh=19f14dde2ee67322 vn="Variante von MSIL/AdvancedSystemProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe.vir"
sh=24EACADAF8910146B00A3B6146FAD19E11BFF03B ft=1 fh=5e1dc8d93e2d8e01 vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst-egypt.exe"
sh=34D77A23AA7C7648948E4BFAB31F33F517A785DC ft=1 fh=11cdaad78b073df2 vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst-japan.exe"
sh=E5A3C100D2D0FD94482783AF2B2FF94CDFC9923F ft=1 fh=a0ddd0619a504a2e vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Agent.NKW Trojaner" ac=I fn="D:\Mozilla-Downloads\137-2014-08-14-185627.tar.gz"
sh=A981E3D6F03D3BD57D1472F33A4093A01533F8A8 ft=1 fh=7aaf7b3d0491af48 vn="Variante von MSIL/AdvancedSystemProtector.A evtl. unerwünschte Anwendung" ac=I fn="D:\Mozilla-Downloads\wzmp_8.exe"
sh=9A579D06963998D2E015B69737AA1AA9D8A4F37B ft=1 fh=75557439e7bfbd68 vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="D:\PC-neu-Installation\FFSetup3.1.1.exe"
sh=9037E7BE4C82C4F9E717F12ED8FEF35498FC845A ft=0 fh=0000000000000000 vn="PHP/Obfuscated.D evtl. unerwünschte Anwendung" ac=I fn="F:\Homepage's\PHP FUSION\phponline_2.1.2.zip"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Agent.NKW Trojaner" ac=I fn="K:\Vserver-oVZM-137-Backup\01-08-2014\137-2014-08-01-214425.tar.gz"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="JS/Agent.NKW Trojaner" ac=I fn="K:\Vserver-oVZM-137-Backup\26-07-2014\137-2014-07-26-222126.tar.gz"
Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is enabled)
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 11
Java version out of Date!
Adobe Flash Player 14.0.0.145
Mozilla Firefox (31.0)
Mozilla Thunderbird (31.0.)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by Mark-Peter (administrator) on MARK-PETER-PC on 17-08-2014 13:12:05
Running from D:\Mozilla-Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\FeedReader30\feedreader.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() D:\janrufmonitor\jam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(AVM Berlin) C:\Users\Mark-Peter\AppData\Local\Apps\2.0\N9QOBBD3.TOD\PE8TCT8J.41Y\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKU\S-1-5-21-3307784932-3257054885-3720409516-1001\...\Run: [BirthdayRemember6] => C:\Program Files (x86)\BirthdayRemember\BirthdayRemember.exe [2440704 2008-07-28] (BirthdayRemember)
HKU\S-1-5-21-3307784932-3257054885-3720409516-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\Mark-Peter\AppData\Local\Apps\2.0\N9QOBBD3.TOD\PE8TCT8J.41Y\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-06-08] (AVM Berlin)
HKU\S-1-5-21-3307784932-3257054885-3720409516-1001\...\Run: [feedreader.exe] => C:\Program Files (x86)\FeedReader30\feedreader.exe [2058240 2009-03-29] ()
HKU\S-1-5-21-3307784932-3257054885-3720409516-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3307784932-3257054885-3720409516-1001\...\MountPoints2: {63960f58-257a-11e4-80ae-bc5ff4e465d9} - G:\EasySuite.exe
HKU\S-1-5-21-3307784932-3257054885-3720409516-1001\...\MountPoints2: {86a225f9-4aff-11e3-9b1b-002618988ac8} - K:\LaunchU3.exe -a
HKU\S-1-5-21-3307784932-3257054885-3720409516-1001\...\MountPoints2: {a9365d54-bcbd-11e3-8a41-806e6f6e6963} - J:\wubi.exe
Startup: C:\Users\Mark-Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jAnrufmonitor 5.0.lnk
ShortcutTarget: jAnrufmonitor 5.0.lnk -> D:\janrufmonitor\jam.exe ()
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark-Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark-Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark-Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark-Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark-Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark-Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark-Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mark-Peter\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => No File
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => No File
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB2D04FEBB143CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP7B061BD6-4860-4D72-AE7E-E762E5AA5BB9&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {3746422E-4692-4429-9698-E3EB34FE07BC} hxxp://udo.selfhost.me/FSIPCam.cab
DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://192.168.178.24/codebase/DVM_IPCam2.ocx
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter-x32: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Mark-Peter\AppData\Roaming\Mozilla\Firefox\Profiles\sucmapd9.default
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "ftp", "79.142.126.3"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "79.142.126.3"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost,stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "45.41.257"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "459.175.147.3"
FF NetworkProxy: "ssl_port", 8010
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @IPCWebComponents -> C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Mark-Peter\AppData\Roaming\Mozilla\Firefox\Profiles\sucmapd9.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-11-11]
FF Extension: AutoPager - C:\Users\Mark-Peter\AppData\Roaming\Mozilla\Firefox\Profiles\sucmapd9.default\Extensions\autopager@mozilla.org.xpi [2013-11-15]
FF Extension: Facebook Disconnect - C:\Users\Mark-Peter\AppData\Roaming\Mozilla\Firefox\Profiles\sucmapd9.default\Extensions\facebook@disconnect.me.xpi [2013-11-15]
FF Extension: Firebug - C:\Users\Mark-Peter\AppData\Roaming\Mozilla\Firefox\Profiles\sucmapd9.default\Extensions\firebug@software.joehewitt.com.xpi [2013-11-15]
FF Extension: Stealthy - C:\Users\Mark-Peter\AppData\Roaming\Mozilla\Firefox\Profiles\sucmapd9.default\Extensions\stealthyextension@gmail.com.xpi [2013-11-15]
FF Extension: عارض PDF - C:\Users\Mark-Peter\AppData\Roaming\Mozilla\Firefox\Profiles\sucmapd9.default\Extensions\uriloader@pdf.js.xpi [2013-11-15]
FF Extension: ShowIP - C:\Users\Mark-Peter\AppData\Roaming\Mozilla\Firefox\Profiles\sucmapd9.default\Extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}.xpi [2013-11-15]
FF Extension: NoScript - C:\Users\Mark-Peter\AppData\Roaming\Mozilla\Firefox\Profiles\sucmapd9.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-06-28]
FF Extension: ReloadEvery - C:\Users\Mark-Peter\AppData\Roaming\Mozilla\Firefox\Profiles\sucmapd9.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013-11-15]
FF Extension: Adblock Plus - C:\Users\Mark-Peter\AppData\Roaming\Mozilla\Firefox\Profiles\sucmapd9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-05]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-11] (AVAST Software)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [515632 2013-05-21] (REINER SCT)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-11-14] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2013-03-05] (Sanford, L.P.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-04-25] (WiseCleaner.com)
S2 HPSLPSVC; C:\Users\MARK-P~1\AppData\Local\Temp\7zS53A1\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 %ServiceName%; C:\Windows\System32\drivers\iusb3hcs.sys [19264 2014-04-05] (Intel Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] ()
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2014-06-08] (AVM Berlin)
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2014-04-05] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-17] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2013-11-14] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-11-11] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2013-11-11] (Acronis International GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-11-11] (Acronis International GmbH)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 cpuz134; \??\C:\Users\MARK-P~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-17 11:16 - 2014-08-17 11:16 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-16 11:33 - 2014-08-16 11:33 - 00000000 ____D () C:\Windows\ERUNT
2014-08-15 17:11 - 2014-08-15 20:53 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-15 16:02 - 2014-08-15 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-08-15 16:02 - 2014-08-15 16:02 - 00003464 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2014-08-15 16:02 - 2014-08-15 16:02 - 00000000 ____D () C:\rei
2014-08-15 16:02 - 2014-08-15 16:02 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-08-15 16:01 - 2014-08-15 16:02 - 00000156 _____ () C:\Windows\Reimage.ini
2014-08-15 12:36 - 2014-08-17 13:12 - 00000000 ____D () C:\FRST
2014-08-15 11:55 - 2014-08-15 11:55 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-08-15 11:55 - 2014-08-15 11:55 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Nico Mak Computing
2014-08-15 11:55 - 2014-08-15 11:55 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-08-15 11:55 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-08-11 21:50 - 2014-08-11 21:54 - 00000000 ____D () C:\ProgramData\firebird
2014-08-11 21:08 - 2014-08-11 21:50 - 00000000 ____D () C:\Users\Mark-Peter\Scoutsystems
2014-08-11 20:56 - 2014-08-11 20:56 - 00000000 ____D () C:\Users\Mark-Peter\.Report
2014-08-11 20:56 - 2014-08-11 20:56 - 00000000 ____D () C:\Users\Mark-Peter\.jfreereport
2014-08-07 00:29 - 2014-08-07 00:29 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-08-07 00:29 - 2014-08-07 00:29 - 00001908 _____ () C:\Windows\diagerr.xml
2014-08-06 00:49 - 2014-08-06 00:49 - 00001933 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-08-06 00:49 - 2014-08-06 00:49 - 00000000 ____D () C:\Users\Mark-Peter\Documents\SelfMV
2014-08-06 00:48 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-08-03 19:50 - 2014-08-03 19:50 - 06004615 _____ (Tim Kosse) C:\Users\Mark-Peter\Downloads\FileZilla_3.9.0.2_win32-setup.exe
2014-08-03 19:50 - 2014-08-03 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-03 19:50 - 2014-08-03 19:50 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-03 16:09 - 2014-08-03 16:09 - 00000000 ____D () C:\Program Files\Bonjour
2014-08-03 16:09 - 2014-08-03 16:09 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-08-03 16:09 - 2014-06-11 03:53 - 00423936 _____ (Hewlett-Packard) C:\Windows\system32\hpbprtmon.dll
2014-08-03 16:09 - 2014-06-11 03:53 - 00413184 _____ (Hewlett-Packard) C:\Windows\system32\hpbrprtmon.dll
2014-08-03 16:09 - 2014-06-11 03:52 - 00231424 _____ (Hewlett-Packard) C:\Windows\system32\hpbprtmonui.dll
2014-08-03 16:08 - 2014-08-03 16:08 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2014-08-03 16:08 - 2014-08-03 16:08 - 00000000 ____D () C:\HP_ePrint
2014-08-02 12:18 - 2014-08-02 12:22 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Feedreader
2014-08-02 12:18 - 2014-08-02 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FeedReader
2014-08-02 12:18 - 2014-08-02 12:18 - 00000000 ____D () C:\Program Files (x86)\FeedReader30
2014-07-29 10:35 - 2014-07-29 10:35 - 05981830 _____ (Tim Kosse) C:\Users\Mark-Peter\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-25 14:43 - 2014-08-06 01:03 - 00000000 ___RD () C:\Users\Mark-Peter\Dropbox
2014-07-25 14:42 - 2014-08-06 00:41 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Dropbox
2014-07-25 14:42 - 2014-07-25 14:42 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-23 00:55 - 2014-07-23 00:55 - 00000088 _____ () C:\Users\Mark-Peter\Desktop\listen.pls
2014-07-22 23:55 - 2014-08-16 11:45 - 00000000 ____D () C:\AdwCleaner
2014-07-21 11:47 - 2014-07-21 11:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-21 11:47 - 2014-07-21 11:47 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-21 11:47 - 2014-07-21 11:47 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-21 11:47 - 2014-07-21 11:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-21 11:47 - 2014-07-21 11:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 21:29 - 2014-07-18 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-17 13:12 - 2014-08-15 12:36 - 00000000 ____D () C:\FRST
2014-08-17 12:37 - 2014-03-05 16:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-17 12:37 - 2009-07-14 19:58 - 05888228 _____ () C:\Windows\system32\perfh007.dat
2014-08-17 12:37 - 2009-07-14 19:58 - 01760956 _____ () C:\Windows\system32\perfc007.dat
2014-08-17 12:37 - 2009-07-14 07:13 - 00006232 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 12:28 - 2014-06-29 15:43 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-17 12:20 - 2013-11-15 00:35 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-17 11:16 - 2014-08-17 11:16 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-17 11:14 - 2013-11-14 01:37 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Skype
2014-08-17 11:06 - 2009-07-14 06:45 - 00016336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-17 11:06 - 2009-07-14 06:45 - 00016336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-17 11:00 - 2013-11-16 02:10 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Wise Care 365
2014-08-17 10:59 - 2014-04-06 01:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-17 10:59 - 2013-11-15 00:35 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-17 10:59 - 2013-11-14 16:49 - 00000000 ____D () C:\Users\Mark-Peter\Documents\jAnrufmonitor
2014-08-17 10:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-16 19:28 - 2013-11-14 14:52 - 00000000 ____D () C:\Program Files (x86)\FGS_Cashbook
2014-08-16 11:45 - 2014-07-22 23:55 - 00000000 ____D () C:\AdwCleaner
2014-08-16 11:33 - 2014-08-16 11:33 - 00000000 ____D () C:\Windows\ERUNT
2014-08-15 23:31 - 2014-03-05 16:20 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-15 23:31 - 2013-11-14 01:20 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-15 23:31 - 2013-11-14 01:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 21:57 - 2013-11-14 20:01 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\vlc
2014-08-15 20:53 - 2014-08-15 17:11 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-15 19:23 - 2013-11-22 13:33 - 00000000 ____D () C:\Program Files\stinger
2014-08-15 16:14 - 2014-08-15 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-08-15 16:02 - 2014-08-15 16:02 - 00003464 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2014-08-15 16:02 - 2014-08-15 16:02 - 00000000 ____D () C:\rei
2014-08-15 16:02 - 2014-08-15 16:02 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-08-15 16:02 - 2014-08-15 16:01 - 00000156 _____ () C:\Windows\Reimage.ini
2014-08-15 11:55 - 2014-08-15 11:55 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-08-15 11:55 - 2014-08-15 11:55 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Nico Mak Computing
2014-08-15 11:55 - 2014-08-15 11:55 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-08-15 09:27 - 2013-11-14 01:44 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Winamp
2014-08-14 17:44 - 2014-06-24 00:27 - 00000000 ____D () C:\cbfunk-deutschland-neu
2014-08-13 17:52 - 2013-11-11 20:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-12 17:55 - 2013-11-11 21:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-12 14:24 - 2014-05-18 13:39 - 00002062 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-08-12 14:24 - 2014-05-18 13:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-08-12 10:17 - 2013-11-15 01:40 - 00000000 ____D () C:\Users\Mark-Peter\Documents\lqpl Invoice 2012
2014-08-11 21:54 - 2014-08-11 21:50 - 00000000 ____D () C:\ProgramData\firebird
2014-08-11 21:50 - 2014-08-11 21:08 - 00000000 ____D () C:\Users\Mark-Peter\Scoutsystems
2014-08-11 21:08 - 2013-11-11 19:43 - 00000000 ____D () C:\Users\Mark-Peter
2014-08-11 20:56 - 2014-08-11 20:56 - 00000000 ____D () C:\Users\Mark-Peter\.Report
2014-08-11 20:56 - 2014-08-11 20:56 - 00000000 ____D () C:\Users\Mark-Peter\.jfreereport
2014-08-11 19:38 - 2013-11-15 01:43 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\teamspeak2
2014-08-10 21:54 - 2013-12-19 14:19 - 00001062 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-10 21:54 - 2013-12-19 14:19 - 00001050 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-08-07 00:29 - 2014-08-07 00:29 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-08-07 00:29 - 2014-08-07 00:29 - 00001908 _____ () C:\Windows\diagerr.xml
2014-08-06 23:42 - 2013-11-14 01:37 - 00000000 ____D () C:\ProgramData\Skype
2014-08-06 13:42 - 2013-11-14 02:29 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\TS3Client
2014-08-06 11:19 - 2013-12-27 20:51 - 00000000 ____D () C:\Program Files (x86)\MarkAny
2014-08-06 01:03 - 2014-07-25 14:43 - 00000000 ___RD () C:\Users\Mark-Peter\Dropbox
2014-08-06 00:52 - 2013-11-14 19:21 - 00000000 ____D () C:\Users\Mark-Peter\Documents\samsung
2014-08-06 00:51 - 2013-11-14 14:57 - 00000000 ____D () C:\ProgramData\Samsung
2014-08-06 00:50 - 2013-11-14 19:21 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Samsung
2014-08-06 00:50 - 2013-11-14 19:21 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Local\Samsung
2014-08-06 00:50 - 2013-11-14 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-08-06 00:50 - 2013-11-14 14:57 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-08-06 00:50 - 2013-11-12 22:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-06 00:49 - 2014-08-06 00:49 - 00001933 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-08-06 00:49 - 2014-08-06 00:49 - 00000000 ____D () C:\Users\Mark-Peter\Documents\SelfMV
2014-08-06 00:41 - 2014-07-25 14:42 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Dropbox
2014-08-05 11:57 - 2013-11-11 21:16 - 00000600 _____ () C:\Users\Mark-Peter\AppData\Roaming\winscp.rnd
2014-08-04 14:28 - 2013-11-12 22:34 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\FileZilla
2014-08-04 10:06 - 2013-11-14 15:23 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Local\Deployment
2014-08-03 19:50 - 2014-08-03 19:50 - 06004615 _____ (Tim Kosse) C:\Users\Mark-Peter\Downloads\FileZilla_3.9.0.2_win32-setup.exe
2014-08-03 19:50 - 2014-08-03 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-03 19:50 - 2014-08-03 19:50 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-03 17:20 - 2013-11-14 18:25 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Local\HP
2014-08-03 16:11 - 2013-11-14 18:26 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\HpUpdate
2014-08-03 16:09 - 2014-08-03 16:09 - 00000000 ____D () C:\Program Files\Bonjour
2014-08-03 16:09 - 2014-08-03 16:09 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-08-03 16:08 - 2014-08-03 16:08 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2014-08-03 16:08 - 2014-08-03 16:08 - 00000000 ____D () C:\HP_ePrint
2014-08-03 16:08 - 2013-11-14 18:26 - 00000000 ____D () C:\ProgramData\HP
2014-08-03 16:08 - 2013-11-14 18:26 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-03 16:00 - 2013-11-23 14:18 - 00000000 ____D () C:\Quarantine
2014-08-02 12:22 - 2014-08-02 12:18 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Feedreader
2014-08-02 12:18 - 2014-08-02 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FeedReader
2014-08-02 12:18 - 2014-08-02 12:18 - 00000000 ____D () C:\Program Files (x86)\FeedReader30
2014-08-02 11:42 - 2013-11-14 15:31 - 00000000 ____D () C:\Users\Mark-Peter\Documents\LiveZilla
2014-07-30 11:21 - 2014-06-18 12:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 16:11 - 2014-07-17 22:59 - 00000000 ____D () C:\Users\Mark-Peter\Desktop\Neuer Ordner
2014-07-29 10:35 - 2014-07-29 10:35 - 05981830 _____ (Tim Kosse) C:\Users\Mark-Peter\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-26 01:00 - 2013-11-16 02:11 - 00000412 _____ () C:\Windows\Tasks\Wise Turbo Checker.job
2014-07-25 14:42 - 2014-07-25 14:42 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-25 00:23 - 2013-11-14 01:41 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-07-23 16:27 - 2013-11-17 21:04 - 00000000 ____D () C:\Users\Mark-Peter\AppData\Roaming\DigiJay
2014-07-23 00:55 - 2014-07-23 00:55 - 00000088 _____ () C:\Users\Mark-Peter\Desktop\listen.pls
2014-07-21 14:24 - 2013-11-12 22:34 - 00000955 _____ () C:\Users\Public\Desktop\DigiJay.lnk
2014-07-21 14:24 - 2013-11-12 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DigiJay
2014-07-21 14:24 - 2013-11-12 22:34 - 00000000 ____D () C:\Program Files (x86)\DigiJay
2014-07-21 11:47 - 2014-07-21 11:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-21 11:47 - 2014-07-21 11:47 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-21 11:47 - 2014-07-21 11:47 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-21 11:47 - 2014-07-21 11:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-21 11:47 - 2014-07-21 11:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 21:29 - 2014-07-18 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-18 21:29 - 2013-11-14 20:01 - 00000831 _____ () C:\Users\Public\Desktop\VLC media player.lnk
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-07 08:37
==================== End Of Log ============================
--- --- ---
I would appreciate a prompt reply.