| |
| |||||||
Mülltonne: 2x | 105 Infizierte Objekte, Hauptsächlich PUP.Optional.delta.a/b etc.Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
31.08.2013, 19:39
| #1 |
 |  2x | 105 Infizierte Objekte, Hauptsächlich PUP.Optional.delta.a/b etc. Hallo. Ich habe mit MBAM 105 infizierte Objekte gefunden, weiter mit ADWCleaner, ESET,SecurityCheck,JRT,Combofix und zuletzt einen FRST, FRST Addition log gemacht. Hier sind die Logfiles der richtigen reihenfolge nach geordnet: Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.31.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Liane ************ :: LIANE************ [Administrator] Schutz: Aktiviert 31.08.2013 15:43:59 MBAM-log-2013-08-31 (15-55-35).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 218709 Laufzeit: 5 Minute(n), 57 Sekunde(n) Infizierte Speicherprozesse: 2 C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserProtect.A) -> 1560 -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserProtect.A) -> 3388 -> Keine Aktion durchgeführt. Infizierte Speichermodule: 2 C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. Infizierte Registrierungsschlüssel: 36 HKCR\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} (PUP.Optional.Delta) -> Keine Aktion durchgeführt. HKCR\escort.escortIEPane.1 (PUP.Optional.Delta) -> Keine Aktion durchgeführt. HKCR\escort.escortIEPane (PUP.Optional.Delta) -> Keine Aktion durchgeführt. HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Keine Aktion durchgeführt. HKCR\delta.deltaHlpr.1 (PUP.Optional.Delta) -> Keine Aktion durchgeführt. HKCR\delta.deltaHlpr (PUP.Optional.Delta) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Keine Aktion durchgeführt. HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} (PUP.Optional.Delta) -> Keine Aktion durchgeführt. HKCR\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} (PUP.Optional.Delta) -> Keine Aktion durchgeführt. HKCR\esrv.deltaESrvc.1 (PUP.Optional.Delta) -> Keine Aktion durchgeführt. HKCR\esrv.deltaESrvc (PUP.Optional.Delta) -> Keine Aktion durchgeführt. HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\delta.deltadskBnd.1 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\delta.deltadskBnd (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\Typelib\{4599D05A-D545-4069-BB42-5895B4EAE05B} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\Interface\{1231839B-064E-4788-B865-465A1B5266FD} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\DELTA\DELTA (PUP.Optional.Delta) -> Keine Aktion durchgeführt. HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Keine Aktion durchgeführt. HKCU\Software\delta LTD (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCU\Software\BabSolution\Redir (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\babylontoolbar (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. HKCR\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\delta.deltaappCore.1 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\delta.deltaappCore (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKCR\d (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 7 HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Daten: Delta Toolbar -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Daten: -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Delta\Delta|tlbrSrchUrl (PUP.Optional.Delta) -> Daten: -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Daten: hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=9A4D5442492F4D33&affID=119357&tsp=4990 -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Daten: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Keine Aktion durchgeführt. HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0N2P2W1F0Z1S1U1H -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NTRedirect (PUP.Optional.BabSolution.A) -> Daten: -> Keine Aktion durchgeführt. Infizierte Dateiobjekte der Registrierung: 2 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.BrowserDefender.A) -> Bösartig: (c:\progra~3\browse~1\261562~1.220\{c16c1~1\browse~1.dll) Gut: () -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bösartig: (hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=9A4D5442492F4D33&affID=119357&tsp=4990) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt. Infizierte Verzeichnisse: 14 C:\Users\Liane ************\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\Delta (PUP.Optional.Delta) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.24.6 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.24.6\bh (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.24.6 (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. Infizierte Dateien: 42 C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserProtect.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll (PUP.Optional.Delta) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.24.6\deltasrv.exe (PUP.Optional.Delta) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Local\Temp\KKw3Pn1R.exe.part (PUP.FakeFlash.Domaiq) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Local\Temp\6F0843CE-BAB0-7891-8D0B-61D4D2AAEE86\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Local\Temp\6F0843CE-BAB0-7891-8D0B-61D4D2AAEE86\Latest\BUSolution.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Local\Temp\6F0843CE-BAB0-7891-8D0B-61D4D2AAEE86\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Local\Temp\6F0843CE-BAB0-7891-8D0B-61D4D2AAEE86\Latest\Setup.exe (PUP.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Local\Temp\is1242154493\45910169_Setup.EXE (PUP.Optional.LyricsAd) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Local\Temp\is1242154493\DeltaTB.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\Delta\sqlite3.dll (PUP.Optional.Delta) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Users\Liane ************\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaApp.dll (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaEng.dll (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.24.6\GUninstaller.exe (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.24.6\Loading.html (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Delta\delta\1.8.24.6\uninstall.exe (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt. (Ende) # AdwCleaner v3.001 - Report created 31/08/2013 at 16:39:10 # Updated 24/08/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Liane ************ - LIANE************ # Running from : C:\Users\Liane ************\Desktop\Downloads\Anti Virus\adwcleaner.exe # Option : Clean ***** [ Services ] ***** Service Deleted : APNMCP ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\apn Folder Deleted : C:\ProgramData\AskPartnerNetwork Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\Partner Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork Folder Deleted : C:\Program Files (x86)\iMesh Applications Folder Deleted : C:\Users\LIANEH~1\AppData\Local\Temp\apn Folder Deleted : C:\Users\LIANEH~1\AppData\Local\Temp\boost_interprocess Folder Deleted : C:\Users\Liane ************\AppData\Roaming\dvdvideosoftiehelpers File Deleted : C:\Users\Liane ************\AppData\Roaming\Mozilla\Firefox\Profiles\krqp4pcz.default\\invalidprefs.js File Deleted : C:\Users\Liane ************\AppData\Roaming\Mozilla\Firefox\Profiles\krqp4pcz.default\user.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon] Key Deleted : HKLM\SOFTWARE\5257da8de76aec44 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\AskPartnerNetwork Key Deleted : HKCU\Software\BabSolution Key Deleted : HKCU\Software\Delta Key Deleted : HKCU\Software\AppDataLow\Software\lyrixeeker Key Deleted : HKLM\Software\AskPartnerNetwork Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\Delta ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v23.0.1 (de) [ File : C:\Users\Liane ************\AppData\Roaming\Mozilla\Firefox\Profiles\krqp4pcz.default\prefs.js ] Line Deleted : user_pref("extensions.delta.admin", false); Line Deleted : user_pref("extensions.delta.aflt", "babsst"); Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Line Deleted : user_pref("extensions.delta.autoRvrt", "false"); Line Deleted : user_pref("extensions.delta.bbDpng", "31"); Line Deleted : user_pref("extensions.delta.cntry", "DE"); Line Deleted : user_pref("extensions.delta.dfltLng", "de"); Line Deleted : user_pref("extensions.delta.excTlbr", false); Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true); Line Deleted : user_pref("extensions.delta.hdrMd5", "43DC12C4A90E33F79619EAA2DD43200A"); Line Deleted : user_pref("extensions.delta.id", "9a4dcf050000000000005442492f4d33"); Line Deleted : user_pref("extensions.delta.instlDay", "15947"); Line Deleted : user_pref("extensions.delta.instlRef", "sst"); Line Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.24.623:12:25"); Line Deleted : user_pref("extensions.delta.newTab", false); Line Deleted : user_pref("extensions.delta.prdct", "delta"); Line Deleted : user_pref("extensions.delta.prtnrId", "delta"); Line Deleted : user_pref("extensions.delta.rvrt", "false"); Line Deleted : user_pref("extensions.delta.sg", "tzb"); Line Deleted : user_pref("extensions.delta.smplGrp", "none"); Line Deleted : user_pref("extensions.delta.tlbrId", "base"); Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", ""); Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6"); Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.623:12:25"); Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6"); Line Deleted : user_pref("extensions.delta_i.babExt", ""); Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=4990"); Line Deleted : user_pref("extensions.delta_i.srcExt", "ss"); Line Deleted : user_pref("browser.startup.homepage", "hxxp://avira.search.ask.com/?p2=%5EB0Q%5EYYYYYY%5EYY%5EDE&gct=hp&o=APN11074&apn_ptnrs=%5EB0Q&apn_dtid=%5EYYYYYY%5EYY%5EDE&tpid=AVIRA-V7&apn_dbr=ff_23.0&trgb=ALL&[...] -\\ Google Chrome v29.0.1547.62 [ File : C:\Users\Liane ************\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : homepage Deleted : icon_url Deleted : search_url Deleted : keyword Deleted : urls_to_restore_on_startup ************************* AdwCleaner[R0].txt - [5737 octets] - [31/08/2013 16:37:34] AdwCleaner[S0].txt - [5515 octets] - [31/08/2013 16:39:10] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5575 octets] ########## ESETSmartInstaller@High as downloader log: all ok ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=219037d48724d34aa398a0b50c27242a # engine=14965 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-08-31 04:21:36 # local_time=2013-08-31 06:21:36 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 94 7143 243389386 0 0 # compatibility_mode=5893 16776574 100 94 68439 129595946 0 0 # scanned=156087 # found=0 # cleaned=0 # scan_time=5355 Results of screen317's Security Check version 0.99.72 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Java(TM) 6 Update 20 Java version out of Date! Adobe Flash Player 11.8.800.94 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox (23.0.1) Google Chrome 29.0.1547.57 Google Chrome 29.0.1547.62 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Liane Hochhalter Desktop Downloads Anti Virus\Programme\SecurityCheck.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.6 (08.30.2013:1) OS: Windows 7 Home Premium x64 Ran by Liane ******** on 31.08.2013 at 19:31:13,48 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339} ~~~ Files ~~~ Folders ~~~ FireFox Successfully deleted: [File] C:\Users\Liane ********\AppData\Roaming\mozilla\firefox\profiles\krqp4pcz.default\invalidprefs.js Successfully deleted: [File] C:\Users\Liane ********\AppData\Roaming\mozilla\firefox\profiles\krqp4pcz.default\extensions\toolbar_avira-v7@apn.ask.com.xpi Emptied folder: C:\Users\Liane ********\AppData\Roaming\mozilla\firefox\profiles\krqp4pcz.default\minidumps [70 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 31.08.2013 at 19:39:33,86 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ComboFix 13-08-31.01 - Liane ********** 31.08.2013 20:02:52.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3835.2058 [GMT 2:00] ausgeführt von:: c:\users\Liane **********\Desktop\Downloads\Anti Virus\Programme\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Liane **********\AppData\Roaming\.# . . ((((((((((((((((((((((( Dateien erstellt von 2013-07-28 bis 2013-08-31 )))))))))))))))))))))))))))))) . . 2013-08-31 18:09 . 2013-08-31 18:09 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-08-31 17:30 . 2013-08-31 17:30 -------- d-----w- c:\windows\ERUNT 2013-08-31 14:46 . 2013-08-31 14:46 -------- d-----w- c:\program files (x86)\ESET 2013-08-31 14:37 . 2013-08-31 14:39 -------- d-----w- C:\AdwCleaner 2013-08-31 14:22 . 2013-08-31 14:22 83672 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2013-08-31 14:16 . 2013-08-31 14:16 -------- d-----w- c:\users\Liane **********\AppData\Roaming\Avira 2013-08-31 14:11 . 2013-07-18 06:02 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys 2013-08-31 14:11 . 2013-07-18 06:02 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2013-08-31 14:11 . 2013-03-06 14:13 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2013-08-31 14:11 . 2013-08-31 14:11 -------- d-----w- c:\programdata\Avira 2013-08-31 14:11 . 2013-08-31 14:11 -------- d-----w- c:\program files (x86)\Avira 2013-08-31 13:41 . 2013-08-31 13:41 -------- d-----w- c:\users\Liane **********\AppData\Roaming\Malwarebytes 2013-08-31 13:41 . 2013-08-31 13:41 -------- d-----w- c:\programdata\Malwarebytes 2013-08-31 13:41 . 2013-08-31 13:41 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-08-31 13:41 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-08-30 21:18 . 2013-08-30 21:18 -------- d-----w- c:\program files\WinRAR 2013-08-30 21:12 . 2013-08-30 21:12 -------- d-----w- c:\users\Liane **********\AppData\Local\avgchrome 2013-08-30 21:11 . 2013-08-30 21:20 -------- d-----w- c:\users\Liane **********\AppData\Roaming\.minecraft 2013-08-30 08:32 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{14CCB050-8949-43A1-A8A1-4C7B2CE4D0FF}\mpengine.dll 2013-08-28 19:51 . 2013-08-28 19:51 -------- d-----w- c:\program files (x86)\MSECache 2013-08-27 14:35 . 2013-08-27 14:35 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2013-08-21 17:49 . 2013-08-21 17:49 17737608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2013-08-19 14:21 . 2013-08-29 08:27 -------- d-----w- c:\users\Liane **********\AppData\Roaming\vlc 2013-08-19 14:20 . 2013-08-19 14:20 -------- d-----w- c:\program files (x86)\VideoLAN 2013-08-19 11:00 . 2013-07-09 05:46 1472512 ----a-w- c:\windows\system32\crypt32.dll 2013-08-19 11:00 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll 2013-08-19 11:00 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll 2013-08-19 11:00 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2013-08-19 11:00 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll 2013-08-19 11:00 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll 2013-08-19 11:00 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2013-08-19 11:00 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll 2013-08-18 12:56 . 2013-07-19 01:58 2048 ----a-w- c:\windows\system32\tzres.dll 2013-08-18 12:56 . 2013-07-19 01:41 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2013-08-18 12:56 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-08-18 12:56 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL 2013-08-18 12:55 . 2013-07-09 05:51 1217024 ----a-w- c:\windows\system32\rpcrt4.dll 2013-08-18 12:55 . 2013-07-09 04:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll 2013-08-18 12:55 . 2013-06-15 04:32 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2013-08-18 12:55 . 2013-07-06 06:03 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-08-16 23:25 . 2013-08-16 23:25 -------- d-----w- C:\found.000 2013-08-14 01:51 . 2013-08-19 10:58 -------- d-----w- c:\windows\system32\MRT 2013-08-09 21:38 . 2013-05-02 00:06 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-08-07 20:43 . 2013-08-07 20:43 -------- d-----w- c:\users\Liane **********\AppData\Local\Diagnostics . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-21 17:49 . 2013-03-30 22:58 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-08-21 17:49 . 2013-03-30 22:58 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-08-19 10:54 . 2013-03-30 03:44 78161360 ----a-w- c:\windows\system32\MRT.exe 2013-07-28 16:27 . 2013-07-28 16:27 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2013-07-28 16:27 . 2013-07-28 16:27 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2013-07-28 16:27 . 2013-07-28 16:27 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2013-06-18 06:43 . 2013-06-18 06:43 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-06-18 06:43 . 2013-06-18 06:43 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-06-18 06:43 . 2013-06-18 06:43 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-06-18 06:43 . 2013-06-18 06:43 81408 ----a-w- c:\windows\system32\icardie.dll 2013-06-18 06:43 . 2013-06-18 06:43 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-06-18 06:43 . 2013-06-18 06:43 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-06-18 06:43 . 2013-06-18 06:43 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-06-18 06:43 . 2013-06-18 06:43 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-06-18 06:43 . 2013-06-18 06:43 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-06-18 06:43 . 2013-06-18 06:43 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-06-18 06:43 . 2013-06-18 06:43 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-06-18 06:43 . 2013-06-18 06:43 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-06-18 06:43 . 2013-06-18 06:43 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-06-18 06:43 . 2013-06-18 06:43 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-06-18 06:43 . 2013-06-18 06:43 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-06-18 06:43 . 2013-06-18 06:43 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-06-18 06:43 . 2013-06-18 06:43 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-06-18 06:43 . 2013-06-18 06:43 441856 ----a-w- c:\windows\system32\html.iec 2013-06-18 06:43 . 2013-06-18 06:43 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-06-18 06:43 . 2013-06-18 06:43 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-06-18 06:43 . 2013-06-18 06:43 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-06-18 06:43 . 2013-06-18 06:43 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-06-18 06:43 . 2013-06-18 06:43 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-06-18 06:43 . 2013-06-18 06:43 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-06-18 06:43 . 2013-06-18 06:43 235008 ----a-w- c:\windows\system32\url.dll 2013-06-18 06:43 . 2013-06-18 06:43 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-06-18 06:43 . 2013-06-18 06:43 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-06-18 06:43 . 2013-06-18 06:43 216064 ----a-w- c:\windows\system32\msls31.dll 2013-06-18 06:43 . 2013-06-18 06:43 197120 ----a-w- c:\windows\system32\msrating.dll 2013-06-18 06:43 . 2013-06-18 06:43 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-06-18 06:43 . 2013-06-18 06:43 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-06-18 06:43 . 2013-06-18 06:43 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-06-18 06:43 . 2013-06-18 06:43 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-06-18 06:43 . 2013-06-18 06:43 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-06-18 06:43 . 2013-06-18 06:43 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-06-18 06:43 . 2013-06-18 06:43 149504 ----a-w- c:\windows\system32\occache.dll 2013-06-18 06:43 . 2013-06-18 06:43 144896 ----a-w- c:\windows\system32\wextract.exe 2013-06-18 06:43 . 2013-06-18 06:43 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-06-18 06:43 . 2013-06-18 06:43 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-06-18 06:43 . 2013-06-18 06:43 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-06-18 06:43 . 2013-06-18 06:43 13824 ----a-w- c:\windows\system32\mshta.exe 2013-06-18 06:43 . 2013-06-18 06:43 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-06-18 06:43 . 2013-06-18 06:43 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-06-18 06:43 . 2013-06-18 06:43 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-06-18 06:43 . 2013-06-18 06:43 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-06-18 06:43 . 2013-06-18 06:43 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-06-18 06:43 . 2013-06-18 06:43 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-06-18 06:43 . 2013-06-18 06:43 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-06-18 06:43 . 2013-06-18 06:43 102912 ----a-w- c:\windows\system32\inseng.dll 2013-06-18 06:41 . 2013-06-18 06:41 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 648192 ----a-w- c:\windows\system32\d3d10level9.dll 2013-06-18 06:41 . 2013-06-18 06:41 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2013-06-18 06:41 . 2013-06-18 06:41 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2013-06-18 06:41 . 2013-06-18 06:41 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2013-06-18 06:41 . 2013-06-18 06:41 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2013-06-18 06:41 . 2013-06-18 06:41 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 3928064 ----a-w- c:\windows\system32\d2d1.dll 2013-06-18 06:41 . 2013-06-18 06:41 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll 2013-06-18 06:41 . 2013-06-18 06:41 363008 ----a-w- c:\windows\system32\dxgi.dll 2013-06-18 06:41 . 2013-06-18 06:41 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll 2013-06-18 06:41 . 2013-06-18 06:41 333312 ----a-w- c:\windows\system32\d3d10_1core.dll 2013-06-18 06:41 . 2013-06-18 06:41 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 296960 ----a-w- c:\windows\system32\d3d10core.dll 2013-06-18 06:41 . 2013-06-18 06:41 293376 ----a-w- c:\windows\SysWow64\dxgi.dll 2013-06-18 06:41 . 2013-06-18 06:41 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2013-06-18 06:41 . 2013-06-18 06:41 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2013-06-18 06:41 . 2013-06-18 06:41 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-06-18 06:41 . 2013-06-18 06:41 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll 2013-06-18 06:41 . 2013-06-18 06:41 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2013-06-18 06:41 . 2013-06-18 06:41 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll 2013-06-18 06:41 . 2013-06-18 06:41 221184 ----a-w- c:\windows\system32\UIAnimation.dll 2013-06-18 06:41 . 2013-06-18 06:41 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll 2013-06-18 06:41 . 2013-06-18 06:41 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll 2013-06-18 06:41 . 2013-06-18 06:41 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2013-06-18 06:41 . 2013-06-18 06:41 194560 ----a-w- c:\windows\system32\d3d10_1.dll 2013-06-18 06:41 . 2013-06-18 06:41 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll 2013-06-18 06:41 . 2013-06-18 06:41 1682432 ----a-w- c:\windows\system32\XpsPrint.dll 2013-06-18 06:41 . 2013-06-18 06:41 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll 2013-06-18 06:41 . 2013-06-18 06:41 1238528 ----a-w- c:\windows\system32\d3d10.dll 2013-06-18 06:41 . 2013-06-18 06:41 1175552 ----a-w- c:\windows\system32\FntCache.dll 2013-06-18 06:41 . 2013-06-18 06:41 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2013-06-18 06:41 . 2013-06-18 06:41 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Facebook Update"="c:\users\Liane **********\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-03-31 138096] "Spotify Web Helper"="c:\users\Liane **********\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-07-08 1104384] "Spotify"="c:\users\Liane **********\AppData\Roaming\Spotify\spotify.exe" [2013-07-08 4640768] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-02 98304] "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-01-21 597792] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-07-18 345144] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [x] R3 SampleCollector;Intel(R) Sample Collector;c:\program files\Sony\VAIO Care\collsvc.exe;c:\program files\Sony\VAIO Care\collsvc.exe [x] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x] R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x] R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x] S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x] S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x] S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x] S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x] S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-08-31 09:18 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2013-08-31 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-30 17:49] . 2013-08-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1665989420-3198687518-47467325-1000Core.job - c:\users\Liane **********\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-31 16:40] . 2013-08-31 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1665989420-3198687518-47467325-1000UA.job - c:\users\Liane **********\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-31 16:40] . 2013-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-29 21:40] . 2013-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-29 21:40] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-07 10134560] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com uDefault_Search_URL = hxxp://www.google.com/ie mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Liane **********\AppData\Roaming\Mozilla\Firefox\Profiles\krqp4pcz.default\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . BHO-{41564952-412D-5637-00A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll Toolbar-{41564952-412D-5637-00A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\collsvc.exe\" \"/service\" \"/counter=\Processor(_Total)\% Processor Time:5\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5\" \"/counter=\Network Interface(*)\Bytes Total/sec:5\" \"/directory=inteldata\"" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-08-31 20:12:48 ComboFix-quarantined-files.txt 2013-08-31 18:12 . Vor Suchlauf: 11 Verzeichnis(se), 419.506.069.504 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 419.813.871.616 Bytes frei . - - End Of File - - 88FF6F05FAC4BBA79C56CC21FADCCC17 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2013 04 Ran by Liane *********** (administrator) on LIANE*********** on 31-08-2013 20:14:51 Running from C:\Users\Liane ***********\Desktop\Downloads\Anti Virus\Programme Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Sony Corporation) c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSpt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-04-07] (Realtek Semiconductor) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [221480 2010-05-17] (Alps Electric Co., Ltd.) HKLM\...\Policies\Explorer: [NoDrives] 0 HKCU\...\Run: [Facebook Update] - C:\Users\Liane ***********\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-31] (Facebook Inc.) HKCU\...\Run: [Spotify Web Helper] - C:\Users\Liane ***********\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-08] (Spotify Ltd) HKCU\...\Run: [Spotify] - C:\Users\Liane ***********\AppData\Roaming\Spotify\spotify.exe [4640768 2013-07-08] (Spotify Ltd) HKCU\...\Policies\Explorer: [NoDrives] 0 HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-03] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [PMBVolumeWatcher] - c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2010-01-21] (Sony Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {207F441C-0E00-4153-B563-72F4738EB44D} URL = hxxp://de.shopping.com/?linkin_id=8056363 SearchScopes: HKCU - {49ECDDAD-712E-4A62-8F78-A317EEAE94C5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms} SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear SearchScopes: HKCU - {DB026624-3027-44A7-86E1-E095A217FF5B} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Liane ***********\AppData\Roaming\Mozilla\Firefox\Profiles\krqp4pcz.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Liane ***********\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK Chrome: ======= CHR HomePage: hxxp://www.google.com CHR RestoreOnStartup: "hxxp://www.google.com" CHR DefaultSearchURL: (Delta Search) - hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=9A4D5442492F4D33&affID=119357&tsp=4990 CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefi xUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\pdf.dll () CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.) CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Adobe Acrobat) - c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Liane ***********\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\LIANEH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0 CHR Extension: (dict-cc) - C:\Users\LIANEH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nknonnojlmhnmjhpeokdbeineeajcemh\1.6.88_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\LIANEH~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 ==================== Services (Whitelisted) ================= S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-18] (Avira Operations GmbH & Co. KG) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-11-25] (Sonic Solutions) S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-11-25] (Sonic Solutions) S3 SampleCollector; C:\Program Files\Sony\VAIO Care\collsvc.exe [168448 2009-12-22] (Sony of America Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2010-04-08] (Sony Corporation) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [852336 2010-03-18] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation) ==================== Drivers (Whitelisted) ==================== R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-07-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-31 20:12 - 2013-08-31 20:12 - 00031001 _____ C:\ComboFix.txt 2013-08-31 20:00 - 2013-08-31 20:12 - 00000000 ____D C:\Qoobox 2013-08-31 20:00 - 2013-08-31 20:11 - 00000000 ____D C:\Windows\erdnt 2013-08-31 20:00 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-08-31 20:00 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-08-31 20:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-08-31 20:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-08-31 20:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-08-31 20:00 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-08-31 20:00 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-08-31 20:00 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-08-31 19:30 - 2013-08-31 19:30 - 00000000 ____D C:\Windows\ERUNT 2013-08-31 16:46 - 2013-08-31 16:46 - 00000000 ____D C:\Program Files (x86)\ESET 2013-08-31 16:37 - 2013-08-31 16:39 - 00000000 ____D C:\AdwCleaner 2013-08-31 16:22 - 2013-08-31 16:22 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-08-31 16:16 - 2013-08-31 16:16 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\Avira 2013-08-31 16:11 - 2013-08-31 16:11 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-08-31 16:11 - 2013-08-31 16:11 - 00000000 ____D C:\ProgramData\Avira 2013-08-31 16:11 - 2013-08-31 16:11 - 00000000 ____D C:\Program Files (x86)\Avira 2013-08-31 16:11 - 2013-07-18 08:02 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-08-31 16:11 - 2013-07-18 08:02 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-08-31 16:11 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-08-31 16:04 - 2013-08-31 16:05 - 00002014 _____ C:\Users\Public\Desktop\Adobe Reader 9.lnk 2013-08-31 16:04 - 2013-08-31 16:04 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-08-31 15:44 - 2013-08-31 15:57 - 00000000 ____D C:\Users\Liane ***********\Downloads\Anti Virus 2013-08-31 15:41 - 2013-08-31 15:41 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-31 15:41 - 2013-08-31 15:41 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\Malwarebytes 2013-08-31 15:41 - 2013-08-31 15:41 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-31 15:41 - 2013-08-31 15:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-31 15:41 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-30 23:18 - 2013-08-30 23:18 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\WinRAR 2013-08-30 23:18 - 2013-08-30 23:18 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-08-30 23:18 - 2013-08-30 23:18 - 00000000 ____D C:\Program Files\WinRAR 2013-08-30 23:12 - 2013-08-30 23:12 - 00000000 ____D C:\Users\LIANEH~1\AppData\Local\avgchrome 2013-08-30 23:11 - 2013-08-30 23:20 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\.minecraft 2013-08-28 21:51 - 2013-08-28 21:51 - 00000000 ____D C:\Program Files (x86)\MSECache 2013-08-27 19:28 - 2013-08-27 19:36 - 00000000 ____D C:\Users\Liane ***********\Downloads\fb 2013-08-21 19:49 - 2013-08-21 19:49 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-08-19 16:21 - 2013-08-29 10:27 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\vlc 2013-08-19 16:20 - 2013-08-19 16:20 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk 2013-08-19 16:20 - 2013-08-19 16:20 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2013-08-19 13:00 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-19 13:00 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-19 13:00 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-19 13:00 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-19 13:00 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-19 13:00 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-19 13:00 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-08-19 13:00 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-08-18 16:13 - 2013-08-30 23:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-18 14:56 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-18 14:56 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-18 14:56 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-18 14:56 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-08-18 14:55 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-18 14:55 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-18 14:55 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-18 14:55 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-18 14:53 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-18 14:53 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-18 14:53 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-18 14:53 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-18 14:53 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-18 14:53 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-18 14:53 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-18 14:53 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-18 14:53 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-18 14:53 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-18 14:53 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-18 14:53 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-18 14:53 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-18 14:53 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-18 14:53 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-18 14:53 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-18 14:53 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-18 14:53 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-18 14:53 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-18 14:53 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-08-18 14:53 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-18 14:53 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-18 14:53 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-08-18 14:53 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-08-18 14:53 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-08-18 14:53 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-08-18 14:53 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-18 14:53 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-08-18 14:53 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-08-18 14:53 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-18 14:53 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-18 01:14 - 2013-08-18 14:38 - 00000000 ____D C:\Users\Liane ***********\Documents\Notes 2013-08-17 01:25 - 2013-08-17 01:25 - 00000000 ____D C:\found.000 2013-08-14 03:51 - 2013-08-19 12:58 - 00000000 ____D C:\Windows\system32\MRT 2013-08-09 23:38 - 2013-05-02 02:06 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== One Month Modified Files and Folders ======= 2013-08-31 20:14 - 2013-08-31 20:14 - 00000000 ____D C:\FRST 2013-08-31 20:12 - 2013-08-31 20:12 - 00031001 _____ C:\ComboFix.txt 2013-08-31 20:12 - 2013-08-31 20:00 - 00000000 ____D C:\Qoobox 2013-08-31 20:12 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2013-08-31 20:11 - 2013-08-31 20:00 - 00000000 ____D C:\Windows\erdnt 2013-08-31 20:09 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2013-08-31 20:06 - 2013-03-29 23:23 - 01299667 _____ C:\Windows\WindowsUpdate.log 2013-08-31 19:49 - 2013-03-31 00:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-31 19:30 - 2013-08-31 19:30 - 00000000 ____D C:\Windows\ERUNT 2013-08-31 19:18 - 2013-03-29 23:40 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-31 17:46 - 2013-03-31 18:41 - 00000972 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1665989420-3198687518-47467325-1000UA.job 2013-08-31 16:48 - 2009-07-14 06:45 - 00014144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-31 16:48 - 2009-07-14 06:45 - 00014144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-31 16:46 - 2013-08-31 16:46 - 00000000 ____D C:\Program Files (x86)\ESET 2013-08-31 16:46 - 2013-03-29 23:18 - 00654680 _____ C:\Windows\system32\perfh007.dat 2013-08-31 16:46 - 2013-03-29 23:18 - 00130262 _____ C:\Windows\system32\perfc007.dat 2013-08-31 16:46 - 2009-07-14 07:13 - 01500018 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-31 16:42 - 2013-03-30 21:23 - 00000000 ____D C:\Update 2013-08-31 16:41 - 2013-03-29 23:40 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-31 16:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-31 16:41 - 2009-07-14 06:51 - 00055407 _____ C:\Windows\setupact.log 2013-08-31 16:40 - 2013-03-30 00:06 - 00135592 _____ C:\Windows\PFRO.log 2013-08-31 16:39 - 2013-08-31 16:37 - 00000000 ____D C:\AdwCleaner 2013-08-31 16:28 - 2013-03-29 23:28 - 00000000 ____D C:\ProgramData\Sony Corporation 2013-08-31 16:22 - 2013-08-31 16:22 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-08-31 16:16 - 2013-08-31 16:16 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\Avira 2013-08-31 16:11 - 2013-08-31 16:11 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-08-31 16:11 - 2013-08-31 16:11 - 00000000 ____D C:\ProgramData\Avira 2013-08-31 16:11 - 2013-08-31 16:11 - 00000000 ____D C:\Program Files (x86)\Avira 2013-08-31 16:05 - 2013-08-31 16:04 - 00002014 _____ C:\Users\Public\Desktop\Adobe Reader 9.lnk 2013-08-31 16:04 - 2013-08-31 16:04 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-08-31 16:04 - 2013-03-29 23:39 - 00000000 ____D C:\ProgramData\Adobe 2013-08-31 16:03 - 2013-04-15 02:14 - 00000000 ____D C:\Users\LIANEH~1\AppData\Local\Adobe 2013-08-31 16:00 - 2013-03-29 23:40 - 00000000 ____D C:\Program Files\Google 2013-08-31 16:00 - 2013-03-29 23:40 - 00000000 ____D C:\Program Files (x86)\Google 2013-08-31 15:57 - 2013-08-31 15:44 - 00000000 ____D C:\Users\Liane ***********\Downloads\Anti Virus 2013-08-31 15:48 - 2013-03-30 02:16 - 00000000 ___RD C:\Users\Liane ***********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-08-31 15:46 - 2013-03-30 02:21 - 00000000 ____D C:\Users\LIANEH~1\AppData\Local\Google 2013-08-31 15:41 - 2013-08-31 15:41 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-31 15:41 - 2013-08-31 15:41 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\Malwarebytes 2013-08-31 15:41 - 2013-08-31 15:41 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-31 15:41 - 2013-08-31 15:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-31 15:31 - 2013-03-30 02:20 - 00004002 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D9D7F7FB-06CE-4596-A6F4-D0662B2A304D} 2013-08-31 11:46 - 2013-03-31 18:41 - 00000950 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1665989420-3198687518-47467325-1000Core.job 2013-08-30 23:20 - 2013-08-30 23:11 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\.minecraft 2013-08-30 23:18 - 2013-08-30 23:18 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\WinRAR 2013-08-30 23:18 - 2013-08-30 23:18 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-08-30 23:18 - 2013-08-30 23:18 - 00000000 ____D C:\Program Files\WinRAR 2013-08-30 23:12 - 2013-08-30 23:12 - 00000000 ____D C:\Users\LIANEH~1\AppData\Local\avgchrome 2013-08-30 23:11 - 2013-08-18 16:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-30 12:13 - 2013-07-10 19:05 - 00000000 ____D C:\Users\Liane ***********\Desktop\Neuer Ordner 2013-08-30 10:26 - 2009-07-14 06:45 - 00301536 _____ C:\Windows\system32\FNTCACHE.DAT 2013-08-29 19:52 - 2013-07-29 13:20 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\SoftGrid Client 2013-08-29 11:10 - 2013-07-29 13:47 - 00000000 ____D C:\Users\LIANEH~1\AppData\Local\click.to 2013-08-29 10:27 - 2013-08-19 16:21 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\vlc 2013-08-28 21:52 - 2013-03-30 02:13 - 00066104 _____ C:\Users\LIANEH~1\AppData\Local\GDIPFONTCACHEV1.DAT 2013-08-28 21:51 - 2013-08-28 21:51 - 00000000 ____D C:\Program Files (x86)\MSECache 2013-08-28 21:39 - 2013-03-30 02:13 - 00000000 ____D C:\Users\Liane *********** 2013-08-27 19:41 - 2013-03-31 00:32 - 00000000 ____D C:\Users\Liane ***********\Bilder 1 2013-08-27 19:36 - 2013-08-27 19:28 - 00000000 ____D C:\Users\Liane ***********\Downloads\fb 2013-08-25 16:11 - 2013-04-08 03:06 - 00005120 _____ C:\Users\LIANEH~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-08-21 19:49 - 2013-08-21 19:49 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2013-08-21 19:49 - 2013-03-31 00:58 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-08-21 19:49 - 2013-03-31 00:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-08-21 19:49 - 2013-03-31 00:58 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-08-21 19:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-08-19 21:11 - 2013-03-31 05:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-19 16:20 - 2013-08-19 16:20 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk 2013-08-19 16:20 - 2013-08-19 16:20 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2013-08-19 12:58 - 2013-08-14 03:51 - 00000000 ____D C:\Windows\system32\MRT 2013-08-19 12:54 - 2013-03-30 05:44 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-08-18 14:47 - 2013-03-31 18:51 - 00000000 ____D C:\Users\LIANEH~1\AppData\Local\Spotify 2013-08-18 14:47 - 2013-03-31 18:51 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\Spotify 2013-08-18 14:38 - 2013-08-18 01:14 - 00000000 ____D C:\Users\Liane ***********\Documents\Notes 2013-08-18 14:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2013-08-18 14:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2013-08-18 14:38 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2013-08-17 01:25 - 2013-08-17 01:25 - 00000000 ____D C:\found.000 2013-08-13 09:28 - 2009-07-14 07:08 - 00032618 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-10 10:24 - 2013-03-29 23:41 - 00000000 ____D C:\ProgramData\McAfee 2013-08-09 12:51 - 2013-06-17 21:32 - 00000000 ____D C:\Users\Liane ***********\Desktop\bla 2013-08-09 01:36 - 2013-06-30 23:40 - 00000588 ____H C:\Users\Liane ***********\Downloads\.picasa.ini 2013-08-07 22:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2013-08-07 21:05 - 2013-03-30 02:13 - 00000000 ____D C:\Users\Liane ***********\AppData\Roaming\Sony Corporation 2013-08-07 18:54 - 2013-07-01 08:02 - 00000000 ____D C:\Users\Liane ***********\Downloads\zeug ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-22 00:17 ==================== End Of Log ============================ |
|
31.08.2013, 19:41
| #2 |
| | 2x | 105 Infizierte Objekte, Hauptsächlich PUP.Optional.delta.a/b etc. Zuletzt die FRST Addition:
__________________FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2013 04 Ran by Liane *********** at 2013-08-31 20:16:47 Running from C:\Users\Liane ***********\Desktop\Downloads\Anti Virus\Programme Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader 9.5.5 - Deutsch (x32 Version: 9.5.5) Alps Pointing-device for VAIO AMD USB Filter Driver (x32 Version: 1.0.15.94) Apple Software Update (x32 Version: 2.1.3.127) ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.85) ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.278) ATI Catalyst Install Manager (Version: 3.0.765.0) Avira Free Antivirus (x32 Version: 13.0.0.3885) Avira SearchFree Toolbar plus Web Protection (x32 Version: 12.2.2.663) Bonjour (Version: 3.0.0.10) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Core Implementation (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Full New (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Light (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0302.2233.40412) Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Localization All (x32 Version: 2010.0302.2233.40412) CCC Help Chinese Standard (x32 Version: 2010.0302.2232.40412) CCC Help Chinese Traditional (x32 Version: 2010.0302.2232.40412) CCC Help Czech (x32 Version: 2010.0302.2232.40412) CCC Help Danish (x32 Version: 2010.0302.2232.40412) CCC Help Dutch (x32 Version: 2010.0302.2232.40412) CCC Help English (x32 Version: 2010.0302.2232.40412) CCC Help Finnish (x32 Version: 2010.0302.2232.40412) CCC Help French (x32 Version: 2010.0302.2232.40412) CCC Help German (x32 Version: 2010.0302.2232.40412) CCC Help Greek (x32 Version: 2010.0302.2232.40412) CCC Help Hungarian (x32 Version: 2010.0302.2232.40412) CCC Help Italian (x32 Version: 2010.0302.2232.40412) CCC Help Japanese (x32 Version: 2010.0302.2232.40412) CCC Help Korean (x32 Version: 2010.0302.2232.40412) CCC Help Norwegian (x32 Version: 2010.0302.2232.40412) CCC Help Polish (x32 Version: 2010.0302.2232.40412) CCC Help Portuguese (x32 Version: 2010.0302.2232.40412) CCC Help Russian (x32 Version: 2010.0302.2232.40412) CCC Help Spanish (x32 Version: 2010.0302.2232.40412) CCC Help Swedish (x32 Version: 2010.0302.2232.40412) CCC Help Thai (x32 Version: 2010.0302.2232.40412) CCC Help Turkish (x32 Version: 2010.0302.2232.40412) ccc-core-static (x32 Version: 2010.0302.2233.40412) ccc-utility64 (Version: 2010.0302.2233.40412) Click to Disc MergeModules x64 (Version: 1.0.14230) dows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800) Einstellungen für VAIO-Inhaltsüberwachung (x32 Version: 2.5.0.13220) ESET Online Scanner v3 (x32) Evernote (x32 Version: 3.5.2.1525) Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287) Free YouTube to MP3 Converter version 3.12.2.430 (x32 Version: 3.12.2.430) Google Chrome (x32 Version: 29.0.1547.62) Google Update Helper (x32 Version: 1.3.21.153) iTunes (Version: 11.0.4.4) Java Auto Updater (x32 Version: 2.0.2.1) Java(TM) 6 Update 18 (64-bit) (Version: 6.0.180) Java(TM) 6 Update 20 (x32 Version: 6.0.200) Junk Mail filter update (x32 Version: 14.0.8089.726) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Media Gallery (x32 Version: 1.2.0.15040) Media Gallery MergeModules x64 (Version: 1.0.14250) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (x32 Version: 2.0.48.0) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000) Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000) Microsoft PowerPoint Viewer (x32 Version: 14.0.6029.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft SQL Server Compact 3.5 SP1 English (x32 Version: 3.5.5692.0) Microsoft SQL Server Compact 3.5 SP1 x64 English (Version: 3.5.5692.0) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) MSI_SPF_x64 (Version: 1.0.0) MSVCRT (x32 Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MusicStation (x32 Version: 2.0.4.1199) Picasa 3 (x32 Version: 3.9) PMB (x32 Version: 5.1.02.03310) PMB VAIO Edition Guide (x32 Version: 1.1.00.14080) PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.1.00.15080) PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.1.00.15040) PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.1.00.15080) Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6069) Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30116) Remote Play mit PlayStation®3 (x32 Version: 1.0.0.15090) Remote Play with PlayStation 3 (x32 Version: 1.0.0.15090) Roxio Central Audio (x32 Version: 3.8.0) Roxio Central Copy (x32 Version: 3.8.0) Roxio Central Core (x32 Version: 3.8.0) Roxio Central Data (x32 Version: 3.8.0) Roxio Central Tools (x32 Version: 3.8.0) Roxio Easy Media Creator 10 LJ (x32 Version: 10.3) Roxio Easy Media Creator Home (x32 Version: 10.3.263) Setting Utility Series (x32 Version: 5.2.0.15250) Shared C Run-time for x64 (Version: 10.0.0) Skype™ 5.10 (x32 Version: 5.10.116) Sony Home Network Library (x32 Version: 2.1.0.14240) Spotify (HKCU Version: 0.9.1.57.ge7405149) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) VAIO Care (x32 Version: 6.0.0.15080) VAIO Content Monitoring Settings (x32 Version: 2.5.0.13220) VAIO Control Center (x32 Version: 4.2.0.15020) VAIO Data Restore Tool (x32 Version: 1.3.0.13150) VAIO DVD Menu Data (x32 Version: 2.1.00.13210) VAIO Energie Verwaltung (x32 Version: 5.1.0.15250) VAIO Entertainment Platform (x32 Version: 3.7.0.16080) VAIO Event Service (x32 Version: 5.2.0.15020) VAIO Gate (x32 Version: 2.0.0.14050) VAIO Gate Default (x32 Version: 2.0.0.04160) VAIO Hardware Diagnostics (x32 Version: 3.9.1) VAIO Manual (x32 Version: 1.0.0.03290) VAIO Media plus (x32 Version: 2.1.0.15040) VAIO Media plus Opening Movie (x32 Version: 2.1.0.13220) VAIO Movie Story MergeModules x64 (Version: 1.0.14240) VAIO Movie Story Template Data (x32 Version: 2.1.00.14040) VAIO Original Function Settings (x32 Version: 2.1.0.13120) VAIO Original Funktion Einstellungen (x32 Version: 2.1.0.13120) VAIO Premium Partners (x32 Version: 1.0) VAIO screensaver (x32 Version: 1.0.0.0) VAIO Smart Network (x32 Version: 3.2.0.15080) VAIO Update (x32 Version: 6.2.1.03260) VAIO Wallpaper Contents (x32 Version: 2.1.0.14090) VAIO-Support für Übertragungen (x32 Version: 1.1.1.13070) VLC media player 2.0.8 (x32 Version: 2.0.8) VMp MergeModule x64 (Version: 1.0.0) VU5x64 (Version: 1.1.0) VU5x86 (x32 Version: 1.1.0) WIDCOMM Bluetooth Software (Version: 6.2.1.500) Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) (Version: 09/09/2009 6.2.0.9405) Windows Live Call (x32 Version: 14.0.8064.0206) Windows Live Communications Platform (x32 Version: 14.0.8064.206) Windows Live Essentials (x32 Version: 14.0.8089.0726) Windows Live Essentials (x32 Version: 14.0.8089.726) Windows Live Family Safety (Version: 14.0.8093.805) Windows Live Fotogalerie (x32 Version: 14.0.8081.709) Windows Live Mail (x32 Version: 14.0.8089.0726) Windows Live Messenger (x32 Version: 14.0.8089.0726) Windows Live Sync (x32 Version: 14.0.8089.726) Windows Live Writer (x32 Version: 14.0.8089.0726) Windows Live-Uploadtool (x32 Version: 14.0.8014.1029) WinRAR 4.20 (64-Bit) (Version: 4.20.0) ==================== Restore Points ========================= 23-08-2013 07:43:38 Windows Update 27-08-2013 19:12:09 Windows Update 28-08-2013 19:51:39 Microsoft PowerPoint Viewer wird installiert 30-08-2013 00:23:22 Windows Update 31-08-2013 01:00:18 Windows Update 31-08-2013 14:27:20 Installiert VAIO Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {00CDE3AA-3DB7-4CF6-A2A4-45597FE534B7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-03-26] (Sony Corporation) Task: {10ED223F-60B8-4EF4-B761-5548020D827A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-29] (Google Inc.) Task: {17DC99C9-5AE5-4F7A-8F04-2DC77248640A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-29] (Google Inc.) Task: {3D63A432-1CBB-4671-951F-118A9B158770} - System32\Tasks\VAIO Care Support => C:\Program Files\Sony\VAIO Care\VCSpt.exe [2010-02-02] (Sony Corporation) Task: {51CF7CD6-2FC6-4669-A777-5987EB390E3E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1665989420-3198687518-47467325-1000UA => C:\Users\Liane ***********\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-31] (Facebook Inc.) Task: {5C0380A2-A251-4AFB-93B9-66F555881805} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) Task: {6A09A025-FD84-4682-949F-827042404605} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-03-26] (Sony Corporation) Task: {7A6056E5-DB08-4E90-A52A-F6DCCAC0C57E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1665989420-3198687518-47467325-1000Core => C:\Users\Liane ***********\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-31] (Facebook Inc.) Task: {8F2A1FE2-3870-42D8-A86A-2B8AAC92D4E6} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2010-02-02] (Sony Corporation) Task: {AA85BF48-36D4-41EC-B515-FA557BF15001} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-02-06] (Sony Corporation) Task: {AB255013-1C3A-4925-B3B4-0B55DCDA73FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated) Task: {BA852014-2249-41A9-A37D-4EE5C830704C} - System32\Tasks\User_Feed_Synchronization-{D9D7F7FB-06CE-4596-A6F4-D0662B2A304D} => C:\Windows\system32\msfeedssync.exe [2013-06-18] (Microsoft Corporation) Task: {C481D980-1332-47B2-AB4F-AB8B46C12F55} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-02-06] (Sony Corporation) Task: {C9246AED-D535-4526-B2C0-AB20DEACE35B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1665989420-3198687518-47467325-1000Core.job => C:\Users\Liane ***********\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1665989420-3198687518-47467325-1000UA.job => C:\Users\Liane ***********\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm 2010-04-07 09:43 - 2010-04-07 05:04 - 00036352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll 2010-04-07 09:43 - 2010-04-07 05:04 - 00497152 _____ (ATI Technologies Inc. ) C:\Windows\system32\aticfx64.dll 2010-04-07 09:43 - 2010-04-07 05:04 - 03800576 _____ (ATI Technologies Inc. ) C:\Windows\system32\atidxx64.dll 2009-09-04 14:35 - 2009-09-04 14:35 - 00391456 _____ (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btmmhook.dll 2009-07-14 01:19 - 2009-07-14 03:41 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\ktmw32.dll 2009-07-14 01:46 - 2009-07-14 03:41 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\tschannel.dll 2012-08-16 23:10 - 2012-08-16 23:10 - 05601616 _____ (Microsoft Corporation) C:\Windows\system32\mfc100u.dll 2012-10-31 22:10 - 2012-10-31 22:10 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR100.dll 2011-06-11 08:15 - 2011-06-11 08:15 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP100.dll 2013-04-06 21:38 - 2013-03-26 15:15 - 00030784 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgentPS64.dll 2013-03-30 02:14 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2013-03-30 07:45 - 2010-11-20 15:25 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\Cabinet.dll 2013-03-30 02:14 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2013-04-06 21:38 - 2013-03-26 15:16 - 00017984 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Update\InternetWrapperPS.dll 2010-05-17 07:43 - 2010-05-17 05:29 - 00100352 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\VXDIF.DLL 2010-05-17 07:43 - 2010-05-17 05:29 - 00205312 _____ (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.DLL 2010-05-17 07:43 - 2010-05-17 05:29 - 00034304 _____ (Alps Electric Co., Ltd.) C:\Program Files\Apoint\EzAuto.dll 2010-05-17 07:43 - 2010-05-17 05:29 - 01392640 _____ (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApRes.dll 2010-05-17 07:43 - 2010-05-17 05:29 - 00266752 _____ (Alps Electric Co., Ltd.) C:\Program Files\Apoint\EzLaunch.DLL 2013-08-18 14:53 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-31 16:11 - 2013-07-18 08:01 - 00231480 _____ (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll 2013-06-18 08:41 - 2013-06-18 08:41 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\D3D10Warp.dll 2013-06-18 08:43 - 2013-06-18 08:43 - 00281600 _____ (Microsoft Corporation) C:\Windows\System32\Dxtrans.dll 2009-07-14 01:41 - 2009-07-14 03:40 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\ddrawex.dll 2013-06-18 08:43 - 2013-06-18 08:43 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\Dxtmsft.dll 2009-07-14 02:00 - 2009-07-14 03:41 - 00283648 _____ (Microsoft Corporation) C:\Windows\System32\LocationApi.dll 2009-07-14 02:00 - 2009-07-14 03:41 - 00174592 _____ (Microsoft Corporation) C:\Windows\System32\SensorsApi.dll 2009-07-14 01:28 - 2009-07-14 03:41 - 00271360 _____ (Microsoft Corporation) C:\Windows\System32\WDSCORE.dll 2013-06-18 08:43 - 2013-06-18 08:43 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2009-07-14 01:56 - 2009-07-14 03:41 - 00163328 _____ (Microsoft Corporation) C:\Program Files\Windows Sidebar\wlsrvc.dll 2011-08-31 06:05 - 2011-08-31 06:05 - 00132968 _____ (Apple Inc.) C:\Program Files\Bonjour\mdnsNSP.dll 2009-09-04 14:35 - 2009-09-04 14:35 - 00716576 _____ (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwapi.dll 2013-03-29 23:43 - 2013-03-29 23:43 - 01658880 _____ (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8444db7d32915e4c\MFC80.DLL 2009-09-04 14:35 - 2009-09-04 14:35 - 00348960 _____ (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll 2009-09-04 14:35 - 2009-09-04 14:35 - 00504608 _____ (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.DLL 2009-07-14 02:09 - 2009-07-14 03:38 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\irprops.cpl 2013-03-29 23:32 - 2010-03-09 08:09 - 00139040 _____ (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll 2013-03-29 23:43 - 2013-03-29 23:43 - 00054272 _____ (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_bc1d1e5b0be08790\MFC80DEU.DLL 2009-09-04 14:35 - 2009-09-04 14:35 - 23913760 _____ (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll 2013-03-30 07:44 - 2010-11-20 15:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\System32\wshBth.dll 2013-07-10 18:39 - 2013-04-24 00:56 - 09991832 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll 2013-07-11 19:21 - 2013-07-11 19:21 - 15577088 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\88744044294787b99dd4a8704ab75a79\mscorlib.ni.dll 2013-03-31 05:19 - 2012-10-05 12:52 - 01574496 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll 2013-08-19 21:14 - 2013-08-19 21:14 - 10655744 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System\af0a0b96a02f9925eb84392ee65a5cfa\System.ni.dll 2013-08-19 21:15 - 2013-08-19 21:15 - 02320384 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\868d117286ad259249f31d3fe813d39a\System.Drawing.ni.dll 2013-08-19 21:16 - 2013-08-19 21:16 - 17383424 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\95674cb72317e3a5380ea450b913786f\System.Windows.Forms.ni.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00106496 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3713.40523__90ba9c70f846762e\MOM.Implementation.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3713.40375__90ba9c70f846762e\LOG.Foundation.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00036864 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3713.40379__90ba9c70f846762e\LOG.Foundation.Private.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00065536 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3713.40520__90ba9c70f846762e\LOG.Foundation.Implementation.dll 2013-03-31 05:19 - 2010-11-13 02:08 - 00315392 _____ (Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3713.40380__90ba9c70f846762e\MOM.Foundation.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3713.40380__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll 2013-08-19 21:17 - 2013-08-19 21:17 - 01022976 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\5d7208467b0ffffee644a83f4e76fa12\System.Runtime.Remoting.ni.dll 2013-08-19 21:18 - 2013-08-19 21:18 - 15362048 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\1223cf3c9fcc905300e20364b7a26097\System.Web.ni.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00019456 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3713.40522__90ba9c70f846762e\CCC.Implementation.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00015360 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3713.40376__90ba9c70f846762e\NEWAEM.Foundation.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00098304 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3713.40376__90ba9c70f846762e\CLI.Foundation.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00057344 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3713.40388__90ba9c70f846762e\CLI.Component.SkinFactory.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3713.40522__90ba9c70f846762e\CLI.Foundation.XManifest.dll 2013-08-19 21:14 - 2013-08-19 21:14 - 06964736 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\3975acf49313ceea1280da91f0383480\System.Xml.ni.dll 2013-03-30 07:44 - 2010-11-05 03:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00061440 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3713.40386__90ba9c70f846762e\CLI.Component.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3713.40382__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3713.40381__90ba9c70f846762e\CLI.Foundation.Private.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3713.40381__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll 2009-12-11 14:09 - 2009-12-11 14:09 - 00073728 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3713.40384__90ba9c70f846762e\AEM.Server.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00006144 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3713.40384__90ba9c70f846762e\AEM.Server.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3713.40540__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00006656 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3713.40529__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00007168 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3713.40377__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00006144 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3713.40382__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00045056 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00006656 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3713.40388__90ba9c70f846762e\DEM.Graphics.dll 2010-04-07 09:43 - 2010-04-07 05:04 - 00446464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll 2013-08-19 21:14 - 2013-08-19 21:14 - 01320448 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\1031b311ee568364d4ca1c4db634eaf0\System.Configuration.ni.dll 2010-04-07 09:43 - 2010-04-07 05:04 - 00420864 _____ (ATI Technologies, Inc.) C:\Windows\system32\atipdl64.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00380928 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3713.40390__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00151552 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3713.40379__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll 2009-06-17 07:27 - 2009-06-17 07:27 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3713.40389__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00008192 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3713.40382__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00007168 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3713.40387__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll 2008-04-03 18:29 - 2008-04-03 18:29 - 00020480 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00069632 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3713.40470__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00008704 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3713.40419__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00077824 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3713.40502__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3713.40403__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3713.40388__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3713.40469__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3713.40428__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3713.40403__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3713.40465__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3713.40456__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00036864 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3713.40467__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3713.40417__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3713.40403__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00065536 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3713.40455__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00065536 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3713.40477__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3713.40417__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00057344 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3713.40477__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll 2009-04-22 14:13 - 2009-04-22 14:13 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll 2009-12-08 08:49 - 2009-12-08 08:49 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00094208 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3713.40457__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00061440 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3713.40444__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll 2009-06-17 12:24 - 2009-06-17 12:24 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00065536 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3713.40501__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00024576 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3713.40464__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3713.40455__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00013312 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3713.40579__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00009728 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3713.40531__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3713.40402__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll 2009-06-17 12:24 - 2009-06-17 12:24 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3713.40454__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll 2008-12-30 13:04 - 2008-12-30 13:04 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00061440 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3713.40386__90ba9c70f846762e\APM.Server.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3713.40377__90ba9c70f846762e\APM.Foundation.dll 2013-03-31 05:21 - 2010-11-13 01:26 - 00434176 _____ (Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00007168 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3713.40383__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3713.40540__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3713.40383__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00577536 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3713.40515__90ba9c70f846762e\CLI.Component.Systemtray.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00040960 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3713.40395__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00741376 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3713.40571__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00405504 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3713.40412__90ba9c70f846762e\CLI.Component.Wizard.dll 2008-08-26 12:41 - 2008-08-26 12:41 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00007680 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3713.40377__90ba9c70f846762e\CLI.Component.Client.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3713.40378__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00011776 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3713.40411__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3713.40413__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3713.40412__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00491520 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3713.40531__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00094208 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3713.40479__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00409600 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3713.40492__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3713.40530__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00007168 _____ ( ) C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00307200 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3713.40429__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 01708032 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3713.40579__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00204800 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3713.40421__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 01220608 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3713.40397__90ba9c70f846762e\CLI.Component.Dashboard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00024576 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3713.40378__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00010240 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3713.40395__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00073728 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3713.40402__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3713.40401__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00065536 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3713.40532__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00196608 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3713.40422__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 01294336 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3713.40574__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00094208 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3713.40465__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00397312 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3713.40456__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00323584 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3713.40467__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00372736 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3713.40450__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00356352 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3713.40478__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00573440 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3713.40423__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll 2013-03-29 23:35 - 2013-03-29 23:35 - 00827392 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3713.40458__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll 2013-03-29 23:55 - 2010-01-29 12:54 - 00019456 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCUtility.dll 2013-03-29 23:55 - 2010-01-27 12:00 - 00035328 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\KeyUtilities.dll 2013-03-29 23:55 - 2010-01-29 12:54 - 00014336 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\Metrics.dll 2013-03-29 23:55 - 2010-01-27 12:00 - 00024576 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\SelfHeal.dll 2013-03-29 23:55 - 2010-01-29 12:54 - 00022016 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Care\IntelMonitor.dll 2013-03-30 00:00 - 2010-02-06 02:23 - 00065024 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\x64\VAIOGateNotifications.dll 2013-03-29 23:55 - 2009-09-21 13:35 - 00122880 _____ (Intel Corporation) C:\Program Files\Sony\VAIO Care\analyzer.dll 2013-08-19 21:18 - 2013-08-19 21:18 - 00295424 _____ (Microsoft Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\bcdc7d59f3f8ed743115a7e706e6232a\System.ServiceProcess.ni.dll 2013-03-29 23:55 - 2010-02-03 04:40 - 00242688 _____ () C:\Program Files\Sony\VAIO Care\ManagedVAIORecovery.dll 2013-03-30 06:53 - 2013-03-30 06:53 - 05104968 _____ (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll 2013-03-29 23:55 - 2010-02-03 04:40 - 00091136 _____ () C:\Program Files\Sony\VAIO Care\VAIORecovery.dll 2013-03-29 23:55 - 2010-02-03 04:40 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\Logging.dll 2013-03-29 23:55 - 2010-02-03 04:40 - 00028672 _____ () C:\Program Files\Sony\VAIO Care\VAIOCommon.dll 2013-03-29 23:55 - 2010-02-03 04:40 - 00207872 _____ () C:\Program Files\Sony\VAIO Care\OsServices.dll 2013-03-29 23:55 - 2010-02-03 04:40 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\PluginFactory.dll 2013-03-29 23:55 - 2010-02-03 04:40 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\XMLTools.dll 2013-03-30 06:43 - 2013-03-30 06:43 - 00176456 _____ (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.DLL 2013-03-29 23:55 - 2010-02-03 04:40 - 00059392 _____ () C:\Program Files\Sony\VAIO Care\VAIOInstallAppsDrivers.dll 2013-03-29 23:55 - 2010-02-03 04:40 - 00156160 _____ () C:\Program Files\Sony\VAIO Care\InstallDB.dll 2013-03-29 23:55 - 2010-02-03 04:40 - 00138240 _____ () C:\Program Files\Sony\VAIO Care\InstallationTools.dll 2009-07-14 01:29 - 2009-07-14 03:41 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\WIMGAPI.DLL 2013-03-29 23:55 - 2010-02-03 04:40 - 00024576 _____ () C:\Program Files\Sony\VAIO Care\VAIOUtility.dll 2013-03-30 06:53 - 2013-03-30 06:53 - 00245760 _____ (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll 2013-03-30 06:53 - 2013-03-30 06:53 - 00063312 _____ (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90DEU.DLL 2013-03-29 23:55 - 2010-02-03 04:40 - 00133632 _____ () C:\Program Files\Sony\VAIO Care\plugins\MediaBurner.dll 2013-03-29 23:55 - 2010-02-03 04:40 - 00032768 _____ () C:\Program Files\Sony\VAIO Care\plugins\DiskServices.dll 2009-07-14 01:36 - 2009-07-14 03:41 - 00116736 _____ (Microsoft Corporation) C:\Windows\System32\vds_ps.dll 2013-03-30 00:00 - 2010-02-06 02:23 - 00598016 _____ (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VGDam.dll 2009-07-14 02:17 - 2009-07-14 03:40 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\drprov.dll 2013-03-30 07:45 - 2010-11-20 15:27 - 00129536 _____ (Microsoft Corporation) C:\Windows\System32\ntlanman.dll 2013-03-30 07:45 - 2010-11-20 15:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll 2010-03-03 00:25 - 2010-03-03 00:25 - 00873984 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll 2010-03-03 00:24 - 2010-03-03 00:24 - 00003584 _____ (Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamdeu.dll 2009-09-04 14:35 - 2009-09-04 14:35 - 00556832 _____ (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll 2009-07-14 02:31 - 2009-07-14 03:41 - 02137600 _____ (Microsoft Corporation) C:\Windows\System32\NLSData0007.dll 2013-03-30 03:07 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2013-03-30 07:45 - 2010-11-20 15:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\MAPI32.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/31/2013 08:14:16 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (08/31/2013 07:57:47 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (08/31/2013 08:09:47 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (08/31/2013 08:05:55 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Microsoft Office Sessions: ========================= Error: (08/31/2013 08:14:16 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Liane ***********\Desktop\Downloads\Anti Virus\Programme\esetsmartinstaller_enu.exe Error: (08/31/2013 07:57:47 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Liane ***********\Desktop\Downloads\Anti Virus\Programme\esetsmartinstaller_enu.exe ==================== Memory info =========================== Percentage of memory in use: 42% Total physical RAM: 3834.9 MB Available physical RAM: 2197.25 MB Total Pagefile: 7667.98 MB Available Pagefile: 5820.57 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:455.68 GB) (Free:390.98 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F4B68721) Partition 1: (Not Active) - (Size=10 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
| Themen zu 2x | 105 Infizierte Objekte, Hauptsächlich PUP.Optional.delta.a/b etc. |
| adobe, appdatalow, avg, avira searchfree toolbar, bonjour, combofix, delta chrome toolbar, desktop, downloader, explorer, farbar, farbar recovery scan tool, flash player, helper, home, iexplore.exe, infizierte, install.exe, maleware, mozilla, mp3, nodrives, phishing, plug-in, preferences, realtek, registry, server, services.exe, siteadvisor, software, spotify web helper, svchost.exe, temp, updates, virus |
Linear-Darstellung
