Trash bin: Windows minimize automatically (suspected virus) - Windows 7
Posts that violated our rules, posts the world does not need, or other garbage end up here in the trash bin...
06.08.2013, 16:14 | #1 |
Windows minimize automatically (suspected virus)

Programs minimize by themselves. Mostly when I play games that run in full-screen mode, the window closes on its own; with a click on the game's icon it opens again as normal. Avira ran through and had one detection, which was removed, and yet the problem remains.

OTL logfile:
Code:
ATTFilter OTL logfile created on: 06.08.2013 16:34:27 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tim\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16635) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 71,36% Memory free 6,49 Gb Paging File | 4,75 Gb Available in Paging File | 73,21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 53,61 Gb Total Space | 10,02 Gb Free Space | 18,68% Space Free | Partition Type: NTFS Drive D: | 390,62 Gb Total Space | 280,61 Gb Free Space | 71,84% Space Free | Partition Type: NTFS Drive E: | 487,17 Gb Total Space | 482,91 Gb Free Space | 99,12% Space Free | Partition Type: NTFS Drive G: | 100,00 Mb Total Space | 71,51 Mb Free Space | 71,51% Space Free | Partition Type: NTFS Computer Name: TIM-PC | User Name: tim | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.08.06 16:33:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tim\Downloads\OTL.exe PRC - [2013.07.25 02:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Programme\Google\Chrome\Application\chrome.exe PRC - [2013.06.27 13:40:35 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2013.06.27 13:40:19 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.06.27 13:39:54 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- D:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.06.27 13:39:54 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2013.06.01 09:30:10 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2013.05.28 15:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013.01.26 07:08:50 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\tim\AppData\Local\Akamai\netsession_win.exe PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2012.07.17 14:49:00 | 001,713,904 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2012.07.17 14:49:00 | 000,194,304 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2012.01.23 18:19:32 | 001,858,048 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe PRC - [2011.08.04 17:08:56 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEUPDT.EXE PRC - [2011.08.04 17:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE PRC - [2011.03.14 19:09:00 | 002,565,520 | ---- | M] (CANON INC.) 
-- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011.02.07 09:56:11 | 000,138,192 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe PRC - [2011.01.16 17:04:04 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2011.01.16 16:13:52 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 14:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmplayer.exe PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2010.11.20 14:17:36 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe PRC - [2010.11.20 14:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe PRC - [2010.05.24 11:10:34 | 001,683,360 | R--- | M] (VIA) -- C:\Programme\VIA\VIAudioi\VDeck\VDeck.exe PRC - [2010.03.05 10:15:12 | 000,235,752 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe PRC - [2010.03.05 10:15:04 | 000,411,864 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCU.exe PRC - [2010.02.03 16:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) 
-- C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe PRC - [2010.01.22 12:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2003.04.17 08:54:16 | 000,012,288 | ---- | M] () -- D:\Programme\Winamp\winampa.exe ========== Modules (No Company Name) ========== MOD - [2013.07.25 02:49:46 | 000,396,240 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll MOD - [2013.07.25 02:49:44 | 004,052,944 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\pdf.dll MOD - [2013.07.25 02:48:54 | 000,601,552 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\libglesv2.dll MOD - [2013.07.25 02:48:53 | 000,123,344 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\libegl.dll MOD - [2013.07.25 02:48:51 | 001,597,392 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll MOD - [2010.05.24 11:10:38 | 000,098,720 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\VMicApi.dll MOD - [2010.05.24 11:10:32 | 064,661,408 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\skin.dll MOD - [2010.05.24 11:10:30 | 000,078,240 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\QsApoApi.dll MOD - [2010.05.24 11:10:28 | 000,111,008 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\Dts2ApoApi.dll MOD - [2009.09.30 05:33:08 | 000,024,576 | R--- | M] () -- C:\Windows\System32\AsIO.dll MOD - [2009.07.31 21:39:08 | 000,503,202 | ---- | M] () -- C:\Programme\DeviceVM\Browser Configuration Utility\sqlite3.dll MOD - [2009.03.25 16:53:14 | 000,053,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\AsSpindownTimeout.dll MOD - [2009.03.19 22:35:52 | 000,208,896 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\AiNap.dll MOD - [2009.03.19 22:35:50 | 000,008,704 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\vvc.dll MOD - [2009.01.15 14:55:10 | 000,565,248 | ---- | M] () -- 
C:\Programme\ASUS\EPU-4 Engine\pngio.dll MOD - [2003.04.17 08:54:16 | 000,012,288 | ---- | M] () -- D:\Programme\Winamp\winampa.exe ========== Services (SafeList) ========== SRV - [2013.06.27 13:40:35 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.06.27 13:39:54 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.05.28 15:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013.05.27 00:28:25 | 004,467,488 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.07.17 14:49:00 | 001,713,904 | ---- | M] (Microsoft Corp.) 
[Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2012.01.23 18:19:32 | 001,858,048 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2011.04.26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2011.02.07 09:56:11 | 000,138,192 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC) SRV - [2011.01.16 16:13:52 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.03.05 10:15:12 | 000,235,752 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) 
[On_Demand | Stopped] -- C:\Programme\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2007.03.28 19:42:42 | 000,029,704 | ---- | M] (TuneUp Software GmbH) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\xhunter1.sys -- (xhunter1) DRV - File not found [Kernel | On_Demand | Running] -- C:\Windows\system32\XDva403.sys -- (XDva403) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva402.sys -- (XDva402) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva401.sys -- (XDva401) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\vtany.sys -- (vtany) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - [2013.06.13 14:41:27 | 000,013,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf003.sys -- (apf003) DRV - [2013.04.20 15:38:44 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2013.04.20 15:38:44 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013.04.20 15:38:44 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013.04.20 15:38:44 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2013.02.26 00:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2013.02.18 09:22:18 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2012.08.23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2011.05.13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011.05.13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) DRV - [2011.05.13 03:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) DRV - [2011.05.13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) DRV - [2011.05.13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- 
C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010.05.15 13:11:42 | 001,150,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2010.01.22 12:21:48 | 000,139,648 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2010.01.22 12:21:46 | 000,059,904 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2009.10.20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2009.08.24 00:55:32 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) DRV - [2009.08.04 04:28:18 | 000,011,296 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO) DRV - [2009.07.16 05:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) 
[Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.splashtop.com/asusexpressgate/mb/searchAPI.php?SE=yahoo&QS=http%3A%2F%2Fde.search.yahoo.com%2Fsearch%3Ffr%3Dfp-devicevm%26type%3DWEB01 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DA 43 1C E0 BB 3D CE 01 [binary data] IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Programme\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) 
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=5CB7BCAEC5DEDEBC IE - HKCU\..\SearchScopes\{7C6607F5-8B33-4aaa-A490-5DF91FFE8B58}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms} IE - HKCU\..\SearchScopes\{D55190B2-D813-4b69-B994-68835272AACF}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.3.3.15 FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.11 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2013.07.17 14:27:30 | 000,000,000 | ---D | M] [2013.04.20 14:22:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tim\AppData\Roaming\mozilla\Extensions [2013.08.03 22:21:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tim\AppData\Roaming\mozilla\Firefox\Profiles\dps4hh4h.default\extensions [2013.07.31 11:14:55 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.08.03 22:21:40 | 000,275,449 | ---- | M] () (No name found) -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013.05.31 12:39:43 | 000,006,473 | ---- | M] () -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\searchplugins\babylon.xml [2013.05.31 12:39:43 | 000,006,473 | ---- | M] () -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\searchplugins\BrowserProtect.xml [2013.04.21 19:05:04 | 000,001,294 | ---- | M] () -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\searchplugins\delta.xml [2013.07.17 14:27:30 | 000,000,000 | ---D | M] ("DVDVideoSoft YouTube MP3 and Video Download") -- C:\PROGRAM FILES\COMMON FILES\DVDVIDEOSOFT\PLUGINS\FF [2013.04.21 19:04:58 | 000,006,470 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = 
{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: DealPlyLive Update (Enabled) = C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll CHR - Extension: Google Docs = 
C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google Mail = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) 
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\Run: [WinampAgent] D:\Programme\Winamp\Winampa.exe () O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\tim\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) 
O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F84B3D99-2ABE-49C4-B79D-E08C1ADA95D3}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.08.05 22:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.08.05 22:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2013.08.05 15:46:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.07.31 21:22:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games [2013.07.30 21:08:53 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\MAGIX_MusicEditor [2013.07.30 21:08:50 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Xara [2013.07.30 21:08:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX [2013.07.30 21:08:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX [2013.07.30 21:07:23 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX [2013.07.30 20:54:29 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\Video deluxe 2013 [2013.07.30 20:54:29 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\MAGIX Downloads [2013.07.30 20:54:29 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\MAGIX [2013.07.30 20:54:28 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\MAGIX [2013.07.30 20:49:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared [2013.07.30 20:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX [2013.07.30 20:48:19 | 000,000,000 | ---D | C] -- 
C:\Program Files\Common Files\MAGIX Services [2013.07.30 20:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2013.07.30 20:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [2013.07.30 12:03:48 | 000,000,000 | ---D | C] -- C:\Users\tim\Desktop\tante anna [2013.07.29 17:33:04 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\OpenOffice [2013.07.29 17:32:41 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0 [2013.07.29 17:30:48 | 000,000,000 | ---D | C] -- C:\Users\tim\redist [2013.07.29 17:30:48 | 000,000,000 | ---D | C] -- C:\Users\tim\readmes [2013.07.29 17:30:48 | 000,000,000 | ---D | C] -- C:\Users\tim\licenses [2013.07.25 19:16:20 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\My Cheat Tables [2013.07.25 19:15:11 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\DealPlyLive [2013.07.25 19:15:09 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Google [2013.07.25 19:15:09 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly [2013.07.24 18:11:17 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Dragons-Empire [2013.07.21 22:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\MySQL [2013.07.21 22:05:48 | 000,000,000 | ---D | C] -- C:\Stormblade [2013.07.19 19:10:25 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\PunkBuster [2013.07.19 18:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya [2013.07.19 18:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Solid State Networks [2013.07.18 08:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends [2013.07.18 07:56:17 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Riot Games [2013.07.17 22:22:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT [2013.07.17 20:56:26 | 000,000,000 | ---D | C] -- 
C:\Users\tim\AppData\Roaming\Just Aion Launcher [2013.07.17 20:41:54 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Chromium [2013.07.17 15:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge [2013.07.17 15:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Gameforge [2013.07.17 14:41:14 | 000,000,000 | ---D | C] -- C:\Users\tim\Desktop\rap [2013.07.17 14:27:38 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\DVDVideoSoftIEHelpers [2013.07.17 14:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2013.07.17 14:27:26 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\OpenCandy [2013.07.17 14:27:26 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\DVDVideoSoft [2013.07.17 14:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2013.07.16 17:12:52 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\SWTORPerf [2013.07.16 17:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare [2013.07.16 15:32:52 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Ubisoft [2013.07.16 15:32:50 | 000,000,000 | -HSD | C] -- C:\Users\tim\wc [2013.07.16 15:32:49 | 000,000,000 | -HSD | C] -- C:\Users\tim\AppData\Roaming\wyUpdate AU [2013.07.14 20:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJ [2013.07.14 20:10:49 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM [2013.07.14 20:10:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX [2013.07.14 20:10:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan [2013.07.14 20:10:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2 [2013.07.14 20:10:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP [2013.07.14 20:09:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter [2013.07.14 20:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Benutzerregistrierung 
[2013.07.14 20:07:39 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Canon [2013.07.14 20:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series [2013.07.14 20:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON [2013.07.14 20:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt [2013.07.14 20:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [2013.07.14 20:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Manual [2013.07.14 20:02:10 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2013.07.14 20:02:00 | 000,035,328 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMNPUI.DLL [2013.07.14 20:02:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\STRING [2013.07.14 20:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\Canon [2013.07.11 22:06:13 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.07.11 22:06:12 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.07.11 22:06:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.07.11 22:06:12 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.07.11 22:06:12 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.07.11 22:06:11 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.07.11 22:06:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.07.11 22:06:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.07.11 22:06:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.07.11 22:06:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\iernonce.dll [2013.07.11 16:59:34 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2013.07.11 16:59:33 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2013.07.11 16:59:31 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.07.11 16:59:30 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll [2013.07.09 17:45:43 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Paint.NET ========== Files - Modified Within 30 Days ========== [2013.08.06 16:21:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.08.06 16:20:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineUA.job [2013.08.06 16:15:00 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\Dealply.job [2013.08.06 16:05:04 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.08.06 15:49:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.08.06 13:20:36 | 000,014,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.08.06 13:20:36 | 000,014,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.08.06 13:15:34 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.08.06 13:15:21 | 2615,808,000 | -HS- | M] () -- C:\hiberfil.sys [2013.08.05 23:31:24 | 000,000,928 | ---- | M] () -- C:\Users\tim\Desktop\Royalsstar.lnk [2013.08.05 22:01:45 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.08.05 15:46:07 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.08.04 11:24:32 | 000,000,983 | ---- | M] () -- C:\Users\tim\Desktop\Akimura2.lnk [2013.08.02 17:15:00 | 000,000,348 | ---- | M] () -- 
C:\Windows\tasks\1-Klick-Wartung.job [2013.07.31 21:22:47 | 000,000,790 | ---- | M] () -- C:\Users\tim\Desktop\CrossFire.lnk [2013.07.31 09:29:26 | 000,544,648 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.07.30 21:08:49 | 000,120,200 | ---- | M] () -- C:\Windows\System32\DLLDEV32i.dll [2013.07.30 21:08:46 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Premium.lnk [2013.07.30 20:07:23 | 000,000,551 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk [2013.07.30 19:50:21 | 000,004,509 | ---- | M] () -- C:\Users\tim\AppData\Roaming\CamStudio.cfg [2013.07.30 19:50:21 | 000,000,408 | ---- | M] () -- C:\Users\tim\AppData\Roaming\CamShapes.ini [2013.07.30 19:50:21 | 000,000,408 | ---- | M] () -- C:\Users\tim\AppData\Roaming\CamLayout.ini [2013.07.30 19:50:21 | 000,000,096 | ---- | M] () -- C:\Users\tim\AppData\Roaming\Camdata.ini [2013.07.30 13:33:40 | 000,696,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.07.30 13:33:40 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.07.30 13:33:40 | 000,147,916 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.07.30 13:33:40 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.07.30 11:08:37 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.07.30 11:08:37 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.07.29 18:02:04 | 000,016,727 | ---- | M] () -- C:\Users\tim\Desktop\Unbenannt 1.odt [2013.07.29 17:32:41 | 000,000,737 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk [2013.07.21 22:05:54 | 000,000,232 | ---- | M] () -- C:\Windows\ODBCINST.INI [2013.07.19 20:01:33 | 000,139,424 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2013.07.19 20:01:25 | 000,282,104 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2013.07.19 20:01:17 | 000,234,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0 
[2013.07.19 19:06:18 | 000,138,056 | ---- | M] () -- C:\Users\tim\AppData\Roaming\PnkBstrK.sys [2013.07.18 08:49:31 | 000,001,497 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk [2013.07.17 14:27:32 | 000,000,956 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk [2013.07.16 15:42:32 | 152,126,245 | ---- | M] () -- C:\Users\tim\openoffice1.cab [2013.07.16 15:40:58 | 002,269,184 | ---- | M] () -- C:\Users\tim\openoffice400.msi [2013.07.16 15:40:58 | 000,475,136 | ---- | M] () -- C:\Users\tim\setup.exe [2013.07.16 15:40:58 | 000,000,279 | ---- | M] () -- C:\Users\tim\setup.ini [2013.07.14 20:07:23 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk [2013.07.09 17:59:32 | 000,024,239 | ---- | M] () -- C:\Users\tim\Desktop\Diamond.jpg ========== Files Created - No Company Name ========== [2013.08.05 23:31:24 | 000,000,928 | ---- | C] () -- C:\Users\tim\Desktop\Royalsstar.lnk [2013.08.05 22:01:45 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.08.05 22:00:54 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.08.05 22:00:52 | 000,001,088 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.08.05 15:46:07 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.08.03 18:43:43 | 000,000,983 | ---- | C] () -- C:\Users\tim\Desktop\Akimura2.lnk [2013.07.31 21:22:47 | 000,000,790 | ---- | C] () -- C:\Users\tim\Desktop\CrossFire.lnk [2013.07.30 21:08:46 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Premium.lnk [2013.07.30 20:07:23 | 000,000,551 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk [2013.07.30 01:01:46 | 000,000,408 | ---- | C] () -- C:\Users\tim\AppData\Roaming\CamShapes.ini [2013.07.30 01:01:46 | 000,000,408 | ---- | C] () -- C:\Users\tim\AppData\Roaming\CamLayout.ini [2013.07.30 01:01:46 | 000,000,096 | ---- | C] () -- 
C:\Users\tim\AppData\Roaming\Camdata.ini [2013.07.29 20:20:15 | 000,004,509 | ---- | C] () -- C:\Users\tim\AppData\Roaming\CamStudio.cfg [2013.07.29 18:02:02 | 000,016,727 | ---- | C] () -- C:\Users\tim\Desktop\Unbenannt 1.odt [2013.07.29 17:32:41 | 000,000,737 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk [2013.07.25 19:15:19 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineUA.job [2013.07.25 19:15:09 | 000,000,282 | ---- | C] () -- C:\Windows\tasks\Dealply.job [2013.07.21 22:05:54 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI [2013.07.19 19:11:34 | 000,282,104 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr [2013.07.19 19:06:18 | 000,139,424 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2013.07.19 19:06:17 | 000,138,056 | ---- | C] () -- C:\Users\tim\AppData\Roaming\PnkBstrK.sys [2013.07.19 19:05:54 | 000,282,104 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2013.07.19 19:05:54 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.ex0 [2013.07.19 19:05:51 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2013.07.18 08:49:31 | 000,001,497 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk [2013.07.17 14:27:32 | 000,000,956 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk [2013.07.16 15:42:32 | 152,126,245 | ---- | C] () -- C:\Users\tim\openoffice1.cab [2013.07.16 15:40:58 | 002,269,184 | ---- | C] () -- C:\Users\tim\openoffice400.msi [2013.07.16 15:40:58 | 000,475,136 | ---- | C] () -- C:\Users\tim\setup.exe [2013.07.16 15:40:58 | 000,000,279 | ---- | C] () -- C:\Users\tim\setup.ini [2013.07.14 20:04:51 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk [2013.07.09 17:59:26 | 000,024,239 | ---- | C] () -- C:\Users\tim\Desktop\Diamond.jpg [2013.06.13 14:41:27 | 000,016,304 | ---- | C] () -- C:\Windows\System32\apl003.sys [2013.06.13 14:41:27 | 000,013,232 | ---- | C] () -- 
C:\Windows\System32\apf003.sys [2013.04.23 18:08:28 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI [2013.04.21 20:54:23 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2013.04.21 19:02:04 | 000,000,095 | ---- | C] () -- C:\Windows\winamp.ini [2013.04.20 13:57:41 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll [2013.04.20 13:57:41 | 000,011,296 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys [2013.04.20 13:57:39 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys [2013.04.20 13:57:39 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys [2013.04.20 13:52:12 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2013.04.20 13:52:08 | 000,032,040 | ---- | C] () -- C:\Windows\Ascd_tmp.ini ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >
It would be great if you could help me.
PS: I have already tried to solve the problem myself, but most of what I found indicated that it must be a virus. It would also be nice if you could write it for inexperienced users, since I don't think I know as much as most people here. |
06.08.2013, 19:38 | #2 |
/// the machine /// TB instructor | Windows minimize automatically (suspected virus) One thread is enough.
__________________ |
06.08.2013, 19:40 | #3 |
| Windows minimize automatically (suspected virus) Sorry ... I just thought I had posted it in the wrong place, and that this was why nobody was answering me.
__________________ |
06.08.2013, 19:43 | #4 |
Administrator /// technical service | Windows minimize automatically (suspected virus) It continues here: http://www.trojaner-board.de/139439-...r-fenster.html |