Pests of all kinds and how to fight them: Mail account hacked / various detections with Malwarebytes (Windows 7) |
20.03.2014, 12:09 | #91 |
/// the machine /// TB-Ausbilder | Very strange. Since when has it been like this? Are there multiple user accounts on the computer?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
20.03.2014, 22:19 | #92 |
| Hello Schrauber,
it has been like this since I used the Revo Uninstaller. There is only one user account. Regards, Lotto
Hello Schrauber, I did a system restore. Everything is back again. Regards, Lotto |
21.03.2014, 12:11 | #93 |
/// the machine /// TB-Ausbilder | Then please post a fresh FRST log and let me know which problems still remain. |
21.03.2014, 21:38 | #94 |
| Hello Schrauber, first of all the Addition log. Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01 Ran by Antje at 2014-03-21 21:30:32 Running from C:\Users\Antje\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden 4500_G510nz_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden 4500G510nz (Version: 000.0.439.000 - Hewlett-Packard) Hidden 4500G510nz_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden ABBYY FineReader 11 (HKLM\...\{F1100000-0008-0000-0001-074957833700}) (Version: 11.0.289 - ABBYY) Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adblock IE 2.2 (HKLM\...\{56D01524-CD68-4576-B1AE-D572E8EAFF3D}) (Version: 2.2.1524 - MGTEK) Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) AOL Deinstallation (HKLM\...\AOL Deinstallation) (Version: - ) AP Tuner 3.08 (HKLM\...\AP Tuner 3.08) (Version: - ) Apple Application Support (HKLM\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}) (Version: 7.1.0.32 - Apple Inc.) 
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.) ASRock eXtreme Tuner v0.1.53 (HKLM\...\ASRock eXtreme Tuner_is1) (Version: - ) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.) Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira) BestPractice (remove only) (HKLM\...\BestPractice) (Version: - ) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden CameraHelperMsi (Version: 13.31.1038.0 - Logitech) Hidden Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CK Gruß- und Einladungskarten Designer (HKLM\...\{579C4753-8A98-403C-8A04-C576BA8CE26A}) (Version: 1.80.0000 - CK Software) Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden erLT (Version: 1.20.138.34 - Logitech, Inc.) 
Hidden ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - ) Firebird SQL Server - MAGIX Edition (HKLM\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG) GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden Heyer's Karten-Studio 2 (HKLM\...\{185C9D5C-DF96-49D2-9059-188F0DAC4921}) (Version: 2.10.0000 - Bernd & Petra Heyer GbR, Köln) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard) HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden Iminent (Version: 4.10.0.0 - Iminent) Hidden <==== ATTENTION Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Internet Explorer (Version: 9 - Microsoft Corporation) Hidden iTuner (HKLM\...\{C49CBF9A-4AD7-4045-92BD-2C6E45680070}) (Version: 1.0.3 - iAppsPoint) iTunes (HKLM\...\{616445AF-BBCF-41C1-A4D6-8CFF171C182D}) (Version: 11.1.4.62 - Apple Inc.) Logitech Webcam-Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.) 
LWS Facebook (Version: 13.31.1038.0 - Logitech) Hidden LWS Gallery (Version: 13.31.1038.0 - Logitech) Hidden LWS Help_main (Version: 13.31.1044.0 - Logitech) Hidden LWS Launcher (Version: 13.31.1038.0 - Logitech) Hidden LWS Motion Detection (Version: 13.30.1395.0 - Logitech) Hidden LWS Pictures And Video (Version: 13.31.1038.0 - Logitech) Hidden LWS Twitter (Version: 13.30.1346.0 - Logitech) Hidden LWS Video Mask Maker (Version: 13.30.1379.0 - Logitech) Hidden LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden LWS Webcam Software (Version: 13.31.1038.0 - Logitech) Hidden LWS WLM Plugin (Version: 1.30.1201.0 - Logitech) Hidden LWS YouTube Plugin (Version: 13.31.1038.0 - Logitech) Hidden MAGIX Screenshare (HKLM\...\{BB565180-FA52-40DA-A65E-651537008C34}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Speed burnR (MSI) (HKLM\...\{B0975D89-8D51-445C-BB71-95826A96780C}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Video deluxe 17 Premium Download-Version (HKLM\...\MAGIX_MSI_Videodeluxe17_premium) (Version: 10.0.1.14 - MAGIX AG) MAGIX Video deluxe 17 Premium Download-Version (Version: 10.0.1.14 - MAGIX AG) Hidden MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014 - 
Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6010.0727 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - 
Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 27.0.1 (x86 de) (HKLM\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) MP3 Rocket (HKLM\...\MP3 Rocket) (Version: 6.4.5 - MP3 Rocket Inc) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nero Burning ROM (Version: 12.5.5001 - Nero AG) Hidden Nero Burning ROM Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden Nero BurningROM 12 (HKLM\...\{3DAFE920-1B88-4C66-A39B-D743F28AF10D}) (Version: 12.5.01300 - Nero AG) Nero ControlCenter (Version: 11.0.15600 - Nero AG) Hidden Nero ControlCenter Help (CHM) (Version: 12.0.12000 - Nero AG) Hidden Nero Core Components (Version: 11.0.21800 - Nero AG) Hidden Nero SharedVideoCodecs (Version: 1.0.12100.2.0 - Nero AG) Hidden Nero Update (Version: 11.0.11800.31.0 - Nero AG) Hidden NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM\...\InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.00.0000 - NETGEAR) NETGEAR WG111v3 wireless USB 2.0 adapter (Version: 1.00.0000 - NETGEAR) Hidden Network (Version: 130.0.374.000 - Hewlett-Packard) Hidden Norton Internet Security (Version: 18.1.0.37 - Symantec Corporation) Hidden NVIDIA Grafiktreiber 267.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.42 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.265.39.0 - 
NVIDIA Corporation) Hidden NVIDIA PhysX (Version: 9.10.0514 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (HKLM\...\NVIDIAStereo) (Version: 7.17.12.6742 - NVIDIA Corporation) NVIDIA Systemsteuerung 267.42 (Version: 267.42 - NVIDIA Corporation) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Platform (Version: 1.36 - VIA Technologies, Inc.) Hidden Prerequisite installer (Version: 12.0.0003 - Nero AG) Hidden QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) REALTEK Wireless LAN Driver and Utility (HKLM\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0165 - REALTEK Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden Samplitude Music Studio 17 Content Pack (HKLM\...\{B6FE6F0D-688B-458B-9E12-0F55E4009561}) (Version: 1.0.0.0 - MAGIX AG) Samplitude Music Studio 17 Download-Version (Version: 17.0.0.0 - MAGIX AG) Hidden Samplitude Music Studio 17 Vita Pack 1 (HKLM\...\{EE3264C1-2501-4D58-9B57-4D3F2F502599}) (Version: 1.0.0.0 - MAGIX AG) Samplitude Music Studio 17 Vita Pack 2 (HKLM\...\{63D7FB4F-01A1-4A8B-9180-FF2FEF369AC8}) (Version: 1.0.0.0 - MAGIX AG) Samplitude Music Studio 17 Vita Pack 3 (HKLM\...\{33F9A189-4F02-4784-8A57-F3983F9F9217}) (Version: 1.0.0.0 - MAGIX AG) Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.2.11071_128 - Samsung Electronics Co., Ltd.) Samsung Kies (Version: 2.0.2.11071_128 - Samsung Electronics Co., Ltd.) 
Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.2.2 - SAMSUNG Electronics Co., Ltd.) Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.8.8855 - Skype Technologies S.A.) Skype™ 5.5 (HKLM\...\{AA59DDE4-B672-4621-A016-4C248204957A}) (Version: 5.5.124 - Skype Technologies S.A.) Smart OCR 3.2.1.417 (HKLM\...\Smart OCR_is1) (Version: 3.2.1.417 - SmartSoft, LLC.) SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden Sound Blaster X-Fi MB (HKLM\...\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}) (Version: 1.0 - Creative Technology Limited) Sound Effects (HKLM\...\{A044C900-5DE1-4986-B0B8-D6A40271A929}) (Version: 2.0 - Music Oasis) Splashtop Connect IE (HKLM\...\{F9F5EF72-18CF-4DCF-A721-EC86B94DAC46}) (Version: 1.1.12.1 - Splashtop Inc.) SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC) Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden SumatraPDF (HKLM\...\SumatraPDF) (Version: 2.2.1 - Krzysztof Kowalczyk) Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden VIA Plattform-Geräte-Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.) 
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation) WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.0.2014.0 - BillP Studios) WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) XFastUsb (HKLM\...\XFastUsb) (Version: - ) ==================== Restore Points ========================= 01-03-2014 10:23:54 Installed Adblock IE 3.0 04-03-2014 09:13:49 Windows Update 06-03-2014 15:20:01 Removed Zoosk Messenger 07-03-2014 12:09:12 Windows Update 11-03-2014 06:45:23 Windows Update 14-03-2014 08:32:55 Windows Update 14-03-2014 10:18:55 Windows Update 18-03-2014 08:42:25 Windows Update 18-03-2014 13:46:45 Windows Update 20-03-2014 20:42:36 Wiederherstellungsvorgang 20-03-2014 20:52:21 Windows Update 20-03-2014 21:20:17 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:04 - 2013-08-19 14:47 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {52868A61-6D7B-4124-B8B9-513939B660F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-21] (Adobe Systems Incorporated) Task: {8C20516A-0854-4055-9DDA-07F5D365959F} - System32\Tasks\{A56D0839-9B1E-4606-AE99-6CAD37FD905C} => C:\Program Files\Lexmark X1100 Series\LXBKaiox.exe Task: {94904DBE-DBE1-4386-9DE3-1C4E1D91C064} - System32\Tasks\{9DA0F427-D915-4923-B20B-1FA49027F5E0} => C:\Program Files\Lexmark X1100 Series\LXBKaiox.exe Task: {C3FBC991-3D6D-44E0-A406-6BDDC4AC416C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2012-10-17 08:48 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2011-12-23 22:28 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll 2011-12-23 22:11 - 2011-02-22 07:02 - 00080496 ____R () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll 2011-12-23 22:11 - 2011-02-22 07:02 - 00113264 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll 2011-12-23 22:11 - 2011-02-22 07:02 - 00623216 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll 2014-03-21 20:50 - 2014-03-21 20:50 - 00697884 _____ () C:\Users\Antje\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0096\~df394b.tmp 2014-03-21 20:50 - 2014-03-21 20:50 - 00592896 _____ () C:\Users\Antje\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0096\~de6248.tmp 2011-12-23 22:18 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SYSTEM32\CmdRtr.DLL 2011-12-23 22:18 - 2009-04-20 11:55 - 00148480 _____ () C:\Windows\SYSTEM32\APOMngr.DLL 2011-07-26 20:23 - 2011-07-26 20:23 - 00020880 _____ () C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe 2014-02-01 10:48 - 2014-02-01 10:48 - 00115137 _____ () C:\Users\Antje\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll 2013-06-27 16:47 - 2013-12-24 23:14 - 00642016 ____N () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll 2007-09-14 09:26 - 2007-09-14 09:26 - 01695744 _____ () C:\Program Files\NETGEAR\WG111v3\WG111v3.exe 2014-02-28 22:16 - 2014-02-28 22:18 - 03578992 _____ () C:\Program 
Files\Mozilla Firefox\mozjs.dll 2004-01-09 21:02 - 2004-01-09 21:02 - 00045056 _____ () C:\Program Files\AOL 9.0 VRa\zlib.dll 2002-04-22 22:08 - 2002-04-22 22:08 - 00053248 _____ () C:\Program Files\AOL 9.0 VRa\xmlparse.dll 2002-04-22 22:08 - 2002-04-22 22:08 - 00081920 _____ () C:\Program Files\AOL 9.0 VRa\xmltok.dll 2014-03-21 10:20 - 2014-03-21 10:20 - 16276872 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Antje^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^Antje^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KiesHelper => C:\Program Files\Samsung\Kies\KiesHelper.exe /s MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe 
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: LWS => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide MSCONFIG\startupreg: NUSB3MON => "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SkyDrive => "C:\Users\Antje\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background MSCONFIG\startupreg: TrayServer => C:\PROGRA~1\MAGIX\VIDEO_~2\TrayServer.exe ==================== Faulty Device Manager Devices ============= Name: Officejet 4500 G510n-z Description: Officejet 4500 G510n-z Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: HP Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet 4500 G510n-z Description: Officejet 4500 G510n-z Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (03/21/2014 09:59:10 AM) (Source: Avira Antivirus) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (03/20/2014 09:47:45 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (03/20/2014 09:06:39 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services. 
Error: (03/20/2014 09:57:50 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services. Error: (03/19/2014 09:04:04 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services. Error: (03/19/2014 03:41:20 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services. Error: (03/19/2014 03:33:02 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services. Error: (03/19/2014 09:44:03 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services. Error: (03/19/2014 09:35:49 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services. Error: (03/19/2014 08:59:33 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT) Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services. 
System errors: ============= Error: (03/21/2014 08:52:00 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2 Error: (03/21/2014 08:51:44 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2 Error: (03/21/2014 08:51:44 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2 Error: (03/21/2014 08:51:44 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2 Error: (03/21/2014 08:51:44 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2 Error: (03/21/2014 08:51:44 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2 Error: (03/21/2014 08:51:44 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2 Error: (03/21/2014 08:51:44 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2 Error: (03/21/2014 08:51:44 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2 Error: (03/21/2014 08:51:44 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%2 Microsoft Office Sessions: ========================= Error: (02/03/2013 04:56:00 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 524 seconds with 480 seconds of active time. This session ended with a crash. 
==================== Memory info =========================== Percentage of memory in use: 39% Total physical RAM: 3054.7 MB Available physical RAM: 1861.82 MB Total Pagefile: 6105.64 MB Available Pagefile: 4721.18 MB Total Virtual: 2047.88 MB Available Virtual: 1887.04 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:847.01 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: A27B1D46) Partition: GPT Partition Type. ==================== End Of Log ============================ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 Ran by Antje (administrator) on ANTJE-PC on 21-03-2014 21:30:07 Running from C:\Users\Antje\Downloads Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (AMD) C:\Windows\system32\atiesrxx.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\system32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (ABBYY) C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (AOL LLC) C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (Realtek) C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe (Realtek Semiconductor Corp.) C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe (VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe (VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (FNet Co., Ltd.) C:\Program Files\XFastUsb\XFastUsb.exe (Creative Technology Ltd) C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd) C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (America Online, Inc.) 
C:\Program Files\Common Files\aol\1324678810\ee\aolsoftware.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Macrovision Europe Ltd.) C:\Users\Antje\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001 (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe () C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe () C:\Program Files\NETGEAR\WG111v3\WG111v3.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Creative Labs) C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\system32\wuauclt.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (AOL, LLC.) C:\Program Files\AOL 9.0 VRa\waol.exe (AOL, LLC.) C:\Program Files\AOL 9.0 VRa\shellmon.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2145904 2011-02-22] (VIA) HKLM\...\Run: [XFastUsb] - C:\Program Files\XFastUsb\XFastUsb.exe [4942336 2011-12-23] (FNet Co., Ltd.) 
HKLM\...\Run: [CTSyncService] - C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe [1233195 2009-07-08] (Creative Technology Ltd) HKLM\...\Run: [VolPanel] - C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd) HKLM\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM\...\Run: [RunDLLEntry] - C:\Windows\system32\AmbRunE.dll [14848 2009-02-26] (Creative Technology Ltd.) HKLM\...\Run: [HostManager] - C:\Program Files\Common Files\AOL\1324678810\ee\AOLSoftware.exe [50736 2006-09-26] (America Online, Inc.) HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM\...\Run: [STCAgent] - "C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe" HKLM\...\Run: [ZyngaGamesAgent] - "C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.) 
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKU\S-1-5-21-1184766340-1357020511-1184547663-1000\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [20880 2011-07-26] () HKU\S-1-5-21-1184766340-1357020511-1184547663-1000\...\Run: [FileHippo.com] - C:\Program Files\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com) HKU\S-1-5-21-1184766340-1357020511-1184547663-1000\...\Run: [AOL Fast Start] - C:\Program Files\AOL 9.0 VRa\AOL.EXE [50480 2007-06-21] (AOL, LLC.) HKU\S-1-5-21-1184766340-1357020511-1184547663-1000\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [429120 2014-01-24] (BillP Studios) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE6CAF486BEC1CC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://de.search.yahoo.com/?fr=w3i&type=W3i_SP,204,0_0,StartPage,20120101,16988,0,8,0 HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH SearchScopes: HKCU - {5D422421-30DD-42B3-826E-9224F52BFC47} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {6D0FF7A0-C6C5-4a24-8F09-C074ED2B20A0} URL = hxxp://de.search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20120101,16987,0,8,0 SearchScopes: HKCU - {6DA59B2F-C380-26BF-75EF-54850C7D29F4} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {7D09D9D4-CEDB-47B3-8779-584CFD2BABB0} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKCU - {9DDD17F4-2BF7-4662-B5A0-92270A4C54F7} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag= interactivemesuche21&index=blended&linkCode=ur2&camp=1638&creative=6742 SearchScopes: HKCU - {B442213A-49FA-404C-8A15-326E8709045B} URL = hxxp://suche.t-online.de/fastcgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&d ia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wikitab_internet_std&q={searchTerms}&br=ie7-toi SearchScopes: HKCU - {BC51C75D-1339-43dd-921D-49F5D0A2F625} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A6976579318&ie=UTF-8&q=&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A6976579318&q={searchTerms} SearchScopes: HKCU - {CA25764C-9109-4C88-9615-DCF100F14585} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi SearchScopes: HKCU - {E8B82BA8-923F-4120-B179-4144137AB04D} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie BHO: HP Print Enhancer - 
{0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO: Adblock IE - {667BEE43-20BD-4CE3-94AC-E63E04D4B191} - C:\Program Files\MGTEK\Adblock IE\adblockie.dll (MGTEK) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC) BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Antje\AppData\Roaming\Mozilla\Firefox\Profiles\x7i3xx6c.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\awesomehp.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Quick Start - C:\Users\Antje\AppData\Roaming\Mozilla\Firefox\Profiles\x7i3xx6c.default\Extensions\quick_start@gmail.com [2014-03-21] FF Extension: WOT - C:\Users\Antje\AppData\Roaming\Mozilla\Firefox\Profiles\x7i3xx6c.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27] FF Extension: NoScript - C:\Users\Antje\AppData\Roaming\Mozilla\Firefox\Profiles\x7i3xx6c.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-06-30] FF Extension: Adblock Plus - 
C:\Users\Antje\AppData\Roaming\Mozilla\Firefox\Profiles\x7i3xx6c.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-30] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-03] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-03] ========================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-08-18] (ABBYY) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. 
KG) R2 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC) S3 Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-12-23] (Creative Labs) S2 Dnscache; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG) R2 Realtek11nSU; C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) R3 Sound Blaster X-Fi MB Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2011-12-23] (Creative Labs) R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.) R2 Update-Service; C:\Windows\System32\UpdSvc.dll [114000 2011-12-24] (Joosoft.com GmbH) R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-02-17] (VIA Technologies, Inc.) S2 SmartViewService; C:\Program Files\DeviceVM\SmartView\SmartViewService.exe [X] ==================== Drivers (Whitelisted) ==================== R1 AsrAppCharger; C:\Windows\System32\DRIVERS\AsrAppCharger.sys [13832 2010-06-11] (Windows (R) Win 7 DDK provider) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-14] (Avira Operations GmbH & Co. KG) R3 CompFilter; C:\Windows\System32\DRIVERS\lvbusflt.sys [22176 2012-01-18] (Logitech Inc.) S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [29248 2012-04-19] (FNet Co., Ltd.) 
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [14656 2011-12-23] (FNet Co., Ltd.) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation) R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [67456 2011-04-13] (Renesas Electronics Corporation) R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [161024 2011-04-13] (Renesas Electronics Corporation) R3 RTL8187B; C:\Windows\System32\DRIVERS\wg111v3.sys [376832 2009-11-18] (NETGEAR Inc. ) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH) R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1801328 2011-02-17] (VIA Technologies, Inc.) R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-29] (America Online, Inc.) S3 catchme; \??\C:\Users\Antje\AppData\Local\Temp\catchme.sys [X] S3 MSICDSetup; \??\D:\CDriver.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-21 21:30 - 2014-03-21 21:30 - 00017008 _____ () C:\Users\Antje\Downloads\FRST.txt 2014-03-21 21:29 - 2014-03-21 21:30 - 00000000 ____D () C:\FRST 2014-03-21 21:29 - 2014-03-21 21:29 - 01145856 _____ (Farbar) C:\Users\Antje\Downloads\FRST.exe 2014-03-20 21:55 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-20 21:55 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-20 21:55 - 2014-03-01 05:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-20 21:55 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-20 21:55 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-20 21:55 - 2014-03-01 04:47 - 02168320 _____ 
(Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-20 21:55 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-20 21:55 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-20 21:55 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-20 21:55 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-20 21:55 - 2014-03-01 04:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-20 21:55 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-20 21:55 - 2014-03-01 04:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-20 21:55 - 2014-03-01 04:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-20 21:55 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-20 21:55 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-20 21:55 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-20 21:55 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-20 21:55 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-20 21:55 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-20 21:55 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-20 21:55 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-20 21:55 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-20 21:53 - 2014-01-28 03:07 - 00185344 _____ 
(Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-20 21:52 - 2014-02-07 02:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-20 21:52 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-13 16:38 - 2014-03-19 15:38 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-03-08 11:09 - 2014-03-20 21:47 - 00000000 ____D () C:\ProgramData\WPM 2014-03-08 11:09 - 2014-03-20 21:47 - 00000000 ____D () C:\ProgramData\IePluginService 2014-03-08 11:09 - 2014-03-20 21:46 - 00000000 ____D () C:\Program Files\SupTab 2014-03-08 11:09 - 2014-03-08 11:09 - 00000608 _____ () C:\Users\Antje\AppData\Roaming\aps.scan.quick.results 2014-03-08 11:09 - 2014-03-08 11:08 - 01122960 _____ (AnyProtect.com) C:\Users\Antje\AppData\Local\nsa84B1.tmp 2014-03-08 11:08 - 2014-03-20 21:46 - 00000000 ____D () C:\Users\Antje\AppData\Local\newplayer 2014-03-08 11:08 - 2014-03-20 21:46 - 00000000 ____D () C:\Program Files\NewPlayer 2014-03-08 11:08 - 2014-03-20 21:46 - 00000000 ____D () C:\Program Files\MyPC Backup 2014-03-08 11:08 - 2014-03-20 21:46 - 00000000 ____D () C:\Program Files\AnyProtectEx 2014-03-08 11:08 - 2014-03-08 11:08 - 00000000 ____D () C:\Users\Antje\Documents\Optimizer Pro 2014-03-08 11:07 - 2014-03-08 11:14 - 00000000 ____D () C:\Users\Antje\AppData\Roaming\awesomehp 2014-03-08 11:06 - 2014-03-08 11:06 - 00000000 ____D () C:\Users\Antje\AppData\Local\SearchProtect 2014-03-08 11:06 - 2014-03-08 11:06 - 00000000 _____ () C:\END 2014-03-03 22:09 - 2014-03-03 22:09 - 00000000 ____D () C:\Users\Antje\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1 2014-02-28 22:16 - 2014-03-20 21:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-02-28 22:16 - 2014-02-28 22:16 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk ==================== One Month Modified Files and Folders ======= 2014-03-21 21:30 - 2014-03-21 21:30 - 00017008 _____ 
() C:\Users\Antje\Downloads\FRST.txt 2014-03-21 21:30 - 2014-03-21 21:29 - 00000000 ____D () C:\FRST 2014-03-21 21:29 - 2014-03-21 21:29 - 01145856 _____ (Farbar) C:\Users\Antje\Downloads\FRST.exe 2014-03-21 21:20 - 2012-04-03 06:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-21 20:58 - 2011-12-23 21:41 - 01969841 _____ () C:\Windows\WindowsUpdate.log 2014-03-21 20:55 - 2009-07-14 05:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-21 20:55 - 2009-07-14 05:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-21 20:50 - 2013-06-25 14:14 - 00032032 _____ () C:\Windows\setupact.log 2014-03-21 20:50 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-21 10:20 - 2013-12-11 18:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-03-21 10:20 - 2011-12-23 23:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-03-21 09:59 - 2009-07-14 05:33 - 00487816 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-20 22:22 - 2013-08-15 10:02 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-20 22:20 - 2009-10-14 03:21 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-20 21:47 - 2014-03-08 11:09 - 00000000 ____D () C:\ProgramData\WPM 2014-03-20 21:47 - 2014-03-08 11:09 - 00000000 ____D () C:\ProgramData\IePluginService 2014-03-20 21:47 - 2012-02-21 10:04 - 00000000 ____D () C:\Users\Antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BestPractice 2014-03-20 21:47 - 2011-12-23 21:50 - 00000000 ____D () C:\Users\Antje 2014-03-20 21:47 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp 2014-03-20 21:46 - 2014-03-08 11:09 - 00000000 ____D () C:\Program Files\SupTab 2014-03-20 21:46 - 2014-03-08 11:08 - 00000000 ____D () 
C:\Users\Antje\AppData\Local\newplayer 2014-03-20 21:46 - 2014-03-08 11:08 - 00000000 ____D () C:\Program Files\NewPlayer 2014-03-20 21:46 - 2014-03-08 11:08 - 00000000 ____D () C:\Program Files\MyPC Backup 2014-03-20 21:46 - 2014-03-08 11:08 - 00000000 ____D () C:\Program Files\AnyProtectEx 2014-03-20 21:46 - 2014-02-28 22:16 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-03-20 21:46 - 2014-01-28 17:50 - 00000000 ____D () C:\Program Files\ESET 2014-03-20 21:46 - 2013-06-27 15:55 - 00000000 ____D () C:\Program Files\SpywareBlaster 2014-03-20 21:46 - 2012-09-16 16:28 - 00000000 ____D () C:\Users\Antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CK Gruß- und Einladungskarten Designer 2014-03-20 21:46 - 2012-05-31 07:41 - 00000000 ____D () C:\Users\Antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-03-20 21:46 - 2012-02-13 16:44 - 00000000 ____D () C:\Users\Antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iTuner 2014-03-20 21:46 - 2012-02-06 11:40 - 00000000 ____D () C:\Users\Antje\AppData\Roaming\vlc 2014-03-20 21:46 - 2012-01-15 12:25 - 00000000 ____D () C:\Users\Antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Reader 2014-03-20 21:46 - 2011-12-25 19:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-03-20 21:46 - 2011-12-23 21:50 - 00000000 ___RD () C:\Users\Antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-03-20 21:46 - 2011-12-23 21:50 - 00000000 ___RD () C:\Users\Antje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-03-20 21:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration 2014-03-20 21:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\L2Schemas 2014-03-20 21:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat 2014-03-20 21:45 - 2013-06-27 16:26 - 00000000 ____D () C:\Users\Antje\AppData\Local\Mozilla 2014-03-20 21:45 - 2011-12-23 22:15 - 00000000 ____D () C:\Users\Antje\AppData\Roaming\Adobe 
2014-03-19 15:38 - 2014-03-13 16:38 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-03-08 11:14 - 2014-03-08 11:07 - 00000000 ____D () C:\Users\Antje\AppData\Roaming\awesomehp 2014-03-08 11:09 - 2014-03-08 11:09 - 00000608 _____ () C:\Users\Antje\AppData\Roaming\aps.scan.quick.results 2014-03-08 11:08 - 2014-03-08 11:09 - 01122960 _____ (AnyProtect.com) C:\Users\Antje\AppData\Local\nsa84B1.tmp 2014-03-08 11:08 - 2014-03-08 11:08 - 00000000 ____D () C:\Users\Antje\Documents\Optimizer Pro 2014-03-08 11:06 - 2014-03-08 11:06 - 00000000 ____D () C:\Users\Antje\AppData\Local\SearchProtect 2014-03-08 11:06 - 2014-03-08 11:06 - 00000000 _____ () C:\END 2014-03-06 16:33 - 2011-12-29 15:18 - 00000000 ____D () C:\Users\Antje\AppData\Local\CrashDumps 2014-03-03 22:09 - 2014-03-03 22:09 - 00000000 ____D () C:\Users\Antje\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1 2014-03-01 08:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-03-01 08:32 - 2011-12-23 22:19 - 00655930 _____ () C:\Windows\PFRO.log 2014-03-01 05:30 - 2014-03-20 21:55 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-01 05:11 - 2014-03-20 21:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-01 05:10 - 2014-03-20 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-01 04:52 - 2014-03-20 21:55 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-01 04:51 - 2014-03-20 21:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-01 04:47 - 2014-03-20 21:55 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-01 04:43 - 2014-03-20 21:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-01 04:43 - 2014-03-20 21:55 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-01 04:40 - 2014-03-20 21:55 - 00440832 
_____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-01 04:38 - 2014-03-20 21:55 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-01 04:38 - 2014-03-20 21:55 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-01 04:37 - 2014-03-20 21:55 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-01 04:31 - 2014-03-20 21:55 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-01 04:25 - 2014-03-20 21:55 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-01 04:16 - 2014-03-20 21:55 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-01 04:14 - 2014-03-20 21:55 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-01 04:03 - 2014-03-20 21:55 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-01 04:00 - 2014-03-20 21:55 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-01 03:57 - 2014-03-20 21:55 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-01 03:32 - 2014-03-20 21:55 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-01 03:27 - 2014-03-20 21:55 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-01 03:25 - 2014-03-20 21:55 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-28 22:16 - 2014-02-28 22:16 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-02-28 21:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-02-28 11:13 - 2011-12-23 21:55 - 01594028 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-27 11:16 - 2013-09-11 08:25 - 00000000 ____D () C:\Users\Antje\Desktop\Dienstp Some content of TEMP: ==================== C:\Users\Antje\AppData\Local\temp\avgnt.exe ==================== Bamital & volsnap 
Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-11 08:15 ==================== End Of Log ============================
I mixed these up a bit (FRST and Addition). PROBLEMS: the PC is now very slow. It loads pages too slowly... it takes forever. I haven't noticed anything else so far. Thank youuuuuu. Regards, Lotto |
22.03.2014, 19:02 | #95 |
/// the machine /// TB trainer | Mail account hacked / various findings with Malwarebytes In all browsers? |
22.03.2014, 20:58 | #96 |
| Mail account hacked / various findings with Malwarebytes Hello Schrauber, yes, generally everywhere. Also when opening programs that don't need the internet. Office Word, the video program or the music studio take forever to load. Regards, Lotto |
22.03.2014, 23:01 | #97 |
| Mail account hacked / various findings with Malwarebytes The two, hopefully large enough, attachments also still occur in the Mozilla browser. |
23.03.2014, 11:28 | #98 |
/// the machine /// TB trainer | Mail account hacked / various findings with Malwarebytes Please create a new user account with admin rights, boot into it and test. |
24.03.2014, 09:41 | #99 |
| Mail account hacked / various findings with Malwarebytes Hello Schrauber, I don't know how to do that. How does it work? Regards, Lotto |
24.03.2014, 17:00 | #100 |
/// the machine /// TB trainer | Mail account hacked / various findings with Malwarebytes Control Panel > User Accounts > Manage another account > Create a new account. Enter a name, click Administrator account. |
24.03.2014, 21:35 | #101 |
| Mail account hacked / various findings with Malwarebytes Hello Schrauber, and what about the booting? Do you mean that I should then work with the new user account? Is that what booting means? Regards, Lotto..... I'm still able to learn, though |
25.03.2014, 12:42 | #102 |
/// the machine /// TB trainer | Mail account hacked / various findings with Malwarebytes Exactly: start the computer, log in to the new account, work in it and test. |
25.03.2014, 21:32 | #103 |
| Mail account hacked / various findings with Malwarebytes Hello Schrauber, I did everything as described.... Same result, see picture. Regards, Lotto |
26.03.2014, 12:13 | #104 |
/// the machine /// TB trainer | Mail account hacked / various findings with Malwarebytes But that is in Chrome, not in Firefox, right? |
26.03.2014, 22:06 | #105 |
| Mail account hacked / various findings with Malwarebytes No, that is Firefox; it also says so in the box at the top left. Because I actually never have Chrome. Regards, Lotto |