Pests of all kinds and how to combat them: Windows Firewall error code 0x80070424 (Windows 7)
04.10.2013, 08:46 | #1 |
| Windows Firewall error code 0x80070424

Hi there, I have a problem with my firewall! I open it via "Start -> Control Panel -> Windows Firewall" and am first told that I have to update the firewall settings, but that some settings cannot be changed. I click on "Recommended settings" and get the message: "Some of the settings cannot be changed by Windows Firewall. Error code 0x80070424"

My Windows Defender no longer opens either. My antivirus program (Avira Control Center) also shows that 2 services are not working correctly (Firewall & Browser Protection), and I can't really start them from there either.

I'm not much of a PC freak and don't understand much about this. I hope someone can help me :/

Operating system: Win 7 |
04.10.2013, 10:19 | #2 |
/// the machine /// TB trainer | Windows Firewall error code 0x80070424

Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
04.10.2013, 11:07 | #3 |
| Windows Firewall error code 0x80070424

FRST logfile: Code:
2013-09-14 09:36 - 00000000 ____D C:\Users\Privat\AppData\Local\{1831F4D7-D3EF-44CD-8247-435834659033} 2013-09-13 20:40 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-13 20:40 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-13 20:40 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-13 20:40 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-13 20:40 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-13 20:40 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-13 20:40 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-13 20:40 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-13 20:40 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-13 20:40 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-13 20:40 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-13 20:40 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-13 20:40 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-13 20:40 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-13 20:25 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-13 20:25 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-13 16:08 - 2013-09-13 16:08 - 00000000 ____D C:\Users\Privat\AppData\Local\{4399B8CD-3880-4D9F-AA30-3F458094118B} 2013-09-12 20:29 - 
2013-10-03 18:33 - 00000000 ____D C:\Users\Privat\Desktop\eBay 2013-09-12 18:25 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2013-09-12 18:25 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-09-12 18:25 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-09-12 18:24 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-12 18:24 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2013-09-12 18:24 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-09-12 18:24 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2013-09-12 18:24 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 18:24 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-12 18:13 - 2013-09-12 18:13 - 00000000 ____D C:\Users\Privat\AppData\Local\{24D82C85-D86B-45FB-8E75-85FA494882F0} 2013-09-11 13:46 - 2013-09-11 13:46 - 00000000 ____D C:\Users\Privat\AppData\Local\{F329042E-C674-4749-8DAC-6A58A14313D6} 2013-09-10 18:36 - 2013-09-10 18:37 - 00000000 ____D C:\Users\Privat\AppData\Local\{859ADBDB-B3B7-41BF-9B4D-B20687925878} 2013-09-09 17:11 - 2013-09-09 17:11 - 00000000 ____D C:\Users\Privat\AppData\Local\{2FFDF001-7649-4C03-8DC6-619597BD944B} 2013-09-08 17:26 - 2013-09-08 17:26 - 00000000 ____D C:\Users\Privat\AppData\Local\{EDDD6814-D3DF-4FC9-928D-7270D00BBAB4} 2013-09-06 17:09 - 2013-09-06 17:09 - 00000000 ____D C:\Users\Privat\AppData\Local\{C7FF300C-E558-46CB-8A98-0C0D2B72A707} 2013-09-05 12:36 - 2013-09-05 12:36 - 00000000 ____D C:\Users\Privat\AppData\Local\{8504EFBC-40D8-42D0-9A7F-4A4BDB892A23} 2013-09-04 13:38 - 2013-09-04 13:38 - 00000000 ____D C:\Users\Privat\AppData\Local\{164E3EE0-0F21-465E-A334-B2E8EB16C21D} ==================== One Month Modified Files and Folders ======= 2013-10-04 11:55 - 2013-09-18 16:25 - 00000000 ____D C:\ProgramData\Datamngr 2013-10-04 11:54 - 2013-10-04 11:54 - 01087213 _____ (Farbar) C:\Users\Privat\Downloads\FRST.exe 2013-10-04 11:54 - 2013-10-04 11:54 - 00000914 _____ 
C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job 2013-10-04 11:54 - 2013-10-04 11:54 - 00000910 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job 2013-10-04 11:54 - 2013-10-04 11:54 - 00000000 ____D C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard 2013-10-04 11:54 - 2013-10-04 11:54 - 00000000 ____D C:\FRST 2013-10-04 11:53 - 2013-10-04 11:53 - 00001072 _____ C:\Users\Public\Desktop\Open It!.lnk 2013-10-04 11:53 - 2013-10-04 11:53 - 00000296 _____ C:\Windows\Tasks\DigitalSite.job 2013-10-04 11:53 - 2013-10-04 11:53 - 00000000 ____D C:\Users\Privat\AppData\Roaming\searchgol 2013-10-04 11:53 - 2013-10-04 11:53 - 00000000 ____D C:\Users\Privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals 2013-10-04 11:53 - 2013-10-04 11:53 - 00000000 ____D C:\Users\Privat\AppData\Roaming\DigitalSite 2013-10-04 11:53 - 2013-10-04 11:53 - 00000000 ____D C:\Users\Privat\AppData\Roaming\BabSolution 2013-10-04 11:53 - 2013-10-04 11:53 - 00000000 ____D C:\Users\Privat\AppData\Local\BonanzaDealsLive 2013-10-04 11:53 - 2013-10-04 11:53 - 00000000 ____D C:\ProgramData\BonanzaDealsLive 2013-10-04 11:53 - 2013-10-04 11:53 - 00000000 ____D C:\Program Files\Whilokii 2013-10-04 11:53 - 2013-10-04 11:53 - 00000000 ____D C:\Program Files\searchgol 2013-10-04 11:53 - 2013-10-04 11:53 - 00000000 ____D C:\Program Files\OpenIt 2013-10-04 11:53 - 2013-10-04 11:53 - 00000000 ____D C:\Program Files\BonanzaDealsLive 2013-10-04 11:53 - 2013-10-04 11:53 - 00000000 ____D C:\Program Files\BonanzaDeals 2013-10-04 11:53 - 2013-09-18 16:46 - 00000000 ____D C:\ProgramData\BitGuard 2013-10-04 11:53 - 2013-06-12 19:22 - 00000000 ____D C:\ProgramData\BrowserDefender 2013-10-04 11:53 - 2013-06-07 15:00 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-10-04 11:53 - 2009-07-14 06:34 - 00020656 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-04 11:53 - 2009-07-14 06:34 - 00020656 
_____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-04 11:52 - 2013-10-04 11:52 - 00749248 _____ C:\Users\Privat\Downloads\ZipExtractorSetup.exe 2013-10-04 11:47 - 2013-08-27 18:09 - 00000000 ____D C:\Users\Privat\AppData\Roaming\Betcat 2013-10-04 11:47 - 2013-08-10 11:42 - 00000000 ____D C:\Program Files\Movdap 2013-10-04 11:47 - 2013-04-20 11:24 - 00000000 ____D C:\Users\Privat\AppData\Roaming\File Scout 2013-10-04 11:44 - 2011-03-25 15:26 - 00000000 ____D C:\Users\Privat\AppData\Roaming\Skype 2013-10-04 11:43 - 2011-04-17 14:54 - 00000000 ____D C:\Users\Privat\AppData\Roaming\IMVU 2013-10-04 11:35 - 2013-07-30 09:35 - 00000294 _____ C:\Windows\Tasks\Dealply.job 2013-10-04 11:34 - 2012-10-28 21:46 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-04 11:25 - 2012-03-04 12:27 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-04 11:19 - 2013-10-04 11:19 - 01088936 _____ (Conduit) C:\Users\Privat\Downloads\IMVU_brch.exe 2013-10-04 10:34 - 2013-03-06 19:26 - 00000360 _____ C:\Windows\Tasks\AmiUpdXp.job 2013-10-04 09:57 - 2011-10-30 20:02 - 00000000 ____D C:\ProgramData\AVG2012 2013-10-04 09:57 - 2011-10-30 19:59 - 00000000 ____D C:\ProgramData\MFAData 2013-10-04 09:19 - 2009-12-08 17:35 - 01586608 _____ C:\Windows\WindowsUpdate.log 2013-10-04 09:03 - 2013-10-04 09:03 - 00000000 ____D C:\Users\Privat\AppData\Local\{50354AEB-E323-4041-8987-AE5F39EC4F0D} 2013-10-04 09:01 - 2013-08-22 21:15 - 00000000 ____D C:\Program Files\WinZipper 2013-10-04 09:01 - 2013-06-15 17:59 - 00000000 ____D C:\ProgramData\eSafe 2013-10-04 08:58 - 2012-03-04 12:27 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-04 08:58 - 2012-01-11 14:54 - 00064848 _____ C:\Windows\setupact.log 2013-10-04 08:58 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-10-03 18:35 - 2009-12-08 17:45 - 00336998 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-03 18:33 - 
2013-09-12 20:29 - 00000000 ____D C:\Users\Privat\Desktop\eBay 2013-10-03 18:24 - 2012-01-11 14:54 - 00673222 _____ C:\Windows\PFRO.log 2013-10-03 18:21 - 2013-10-03 18:20 - 01048576 _____ C:\Users\Privat\Downloads\msert.exe 2013-10-03 18:16 - 2013-10-03 18:16 - 00000000 ____D C:\Windows\system32\MRT 2013-10-03 17:14 - 2013-10-02 14:09 - 00000000 _RSHD C:\Users\Privat\S-80-5421-8975-4765 2013-10-03 17:11 - 2013-10-03 17:11 - 00000000 ____D C:\Users\Privat\AppData\Roaming\Avira 2013-10-03 17:08 - 2013-10-03 17:08 - 00000000 ____D C:\Users\Privat\Documents\Reiki - Buddhismus 2013-10-03 17:07 - 2013-10-03 17:07 - 00000000 ____D C:\ProgramData\AskPartnerNetwork 2013-10-03 17:07 - 2013-10-03 17:07 - 00000000 ____D C:\Program Files\AskPartnerNetwork 2013-10-03 17:06 - 2013-10-03 17:06 - 00000000 ____D C:\ProgramData\APN 2013-10-03 17:05 - 2013-10-03 17:05 - 00000000 ____D C:\Users\Privat\Documents\Witze 2013-10-03 17:04 - 2013-10-03 17:04 - 00002016 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-10-03 17:04 - 2013-10-03 17:04 - 00000000 ____D C:\ProgramData\Avira 2013-10-03 17:04 - 2013-10-03 17:04 - 00000000 ____D C:\Program Files\Avira 2013-10-03 17:02 - 2013-10-03 16:59 - 122946048 _____ C:\Users\Privat\Downloads\avira14_free_antivirus_de.exe 2013-10-03 16:58 - 2011-03-22 14:56 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2013-10-03 16:55 - 2011-03-25 15:25 - 00000000 ___RD C:\Program Files\Skype 2013-10-03 16:55 - 2011-03-25 15:25 - 00000000 ____D C:\ProgramData\Skype 2013-10-03 16:44 - 2011-10-11 13:48 - 00000000 ____D C:\Program Files\Google 2013-10-03 16:43 - 2013-04-20 11:45 - 00000000 ____D C:\Program Files\NCH Software 2013-10-03 16:43 - 2012-04-11 20:16 - 00000000 ____D C:\Users\Privat\AppData\Roaming\FreeScreenToVideo 2013-10-03 12:22 - 2013-08-22 21:15 - 00000000 ____D C:\Users\Privat\AppData\Roaming\WinZipper 2013-10-03 10:40 - 2013-10-03 10:39 - 00000000 ____D 
C:\Users\Privat\AppData\Local\{D2161AB9-D8E8-4867-8810-B77823DA7CC3} 2013-10-02 16:33 - 2011-09-30 14:47 - 00000000 ____D C:\Users\Privat\AppData\Local\CrashDumps 2013-10-02 16:31 - 2011-04-17 14:17 - 00000000 ____D C:\Users\Privat\Documents\ds card 2013-10-02 14:09 - 2009-12-08 17:40 - 00000000 ____D C:\Users\Privat 2013-10-02 13:19 - 2013-10-02 13:19 - 00000000 ____D C:\Users\Privat\AppData\Local\{DEA40AFC-82B7-4229-BF38-F20BA68575FD} 2013-10-02 13:18 - 2012-02-07 20:21 - 00000350 _____ C:\Windows\Tasks\At12.job 2013-10-02 13:18 - 2012-02-07 20:09 - 00000350 _____ C:\Windows\Tasks\At10.job 2013-10-02 13:18 - 2012-02-07 20:09 - 00000348 _____ C:\Windows\Tasks\At9.job 2013-10-02 13:18 - 2012-02-07 20:09 - 00000348 _____ C:\Windows\Tasks\At11.job 2013-10-02 13:18 - 2012-02-07 20:08 - 00000350 _____ C:\Windows\Tasks\At8.job 2013-10-02 13:18 - 2012-02-07 20:08 - 00000350 _____ C:\Windows\Tasks\At6.job 2013-10-02 13:18 - 2012-02-07 20:08 - 00000350 _____ C:\Windows\Tasks\At4.job 2013-10-02 13:18 - 2012-02-07 20:08 - 00000350 _____ C:\Windows\Tasks\At2.job 2013-10-02 13:18 - 2012-02-07 20:08 - 00000348 _____ C:\Windows\Tasks\At7.job 2013-10-02 13:18 - 2012-02-07 20:08 - 00000348 _____ C:\Windows\Tasks\At5.job 2013-10-02 13:18 - 2012-02-07 20:08 - 00000348 _____ C:\Windows\Tasks\At3.job 2013-10-02 13:18 - 2012-02-07 20:08 - 00000348 _____ C:\Windows\Tasks\At1.job 2013-10-01 15:23 - 2013-10-01 15:23 - 00000000 ____D C:\Users\Privat\AppData\Local\{374F39E5-D9EE-4A3F-A764-A16455B29756} 2013-09-30 14:54 - 2013-09-30 14:54 - 00000000 ____D C:\Users\Privat\AppData\Local\{F2578D72-5D1C-4AD5-A3E1-3EF50DE48621} 2013-09-30 11:01 - 2013-10-03 17:04 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-09-30 11:01 - 2013-10-03 17:04 - 00067680 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-09-30 11:01 - 2013-10-03 17:04 - 00037352 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-09-30 11:01 - 2013-10-03 17:04 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys 2013-09-30 11:01 - 2009-12-14 16:51 - 00089376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-09-29 12:43 - 2013-09-29 12:43 - 00000000 ____D C:\Users\Privat\AppData\Local\{85698AE0-5AC3-46D0-A0C9-673889FD34E9} 2013-09-28 23:13 - 2013-09-28 08:51 - 00000000 ____D C:\Users\Privat\AppData\Local\{07C0BC06-2899-4343-874A-4B4D2BF0885E} 2013-09-27 15:27 - 2013-09-17 18:09 - 00000000 ____D C:\Users\Privat\AppData\Local\PMB Files 2013-09-27 13:55 - 2013-09-27 13:55 - 00000000 ____D C:\Users\Privat\AppData\Local\{BAD6B249-CFAF-4414-9872-F35B1912DDE5} 2013-09-26 12:29 - 2013-09-26 12:29 - 00000000 ____D C:\Users\Privat\AppData\Local\{D916580C-6032-46A9-AF8F-5C95B3DA6E4F} 2013-09-25 13:58 - 2013-09-25 13:58 - 00000000 ____D C:\Users\Privat\AppData\Local\{210D1052-49B3-4365-91CC-EFF57F9C0DAC} 2013-09-24 19:43 - 2013-09-24 19:43 - 00000000 ____D C:\Users\Privat\AppData\Local\{180EAB7D-54E2-4F23-B2CF-CC1E69E10376} 2013-09-22 21:42 - 2013-09-21 10:25 - 00000000 ____D C:\Users\Privat\AppData\Local\{49D9A1E9-784E-4DF5-B0F0-4991E0F7D06E} 2013-09-22 11:02 - 2013-09-17 18:09 - 00000000 ____D C:\ProgramData\PMB Files 2013-09-22 10:13 - 2013-06-28 18:17 - 00002399 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-09-22 09:46 - 2013-03-06 19:30 - 00000000 ____D C:\Users\Privat\AppData\Local\Smartbar 2013-09-20 15:04 - 2013-09-20 15:03 - 00000000 ____D C:\Users\Privat\AppData\Local\{F177F8C0-32DB-42B1-9E49-A9CC05B249C0} 2013-09-19 19:10 - 2012-10-28 21:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-09-19 19:10 - 2012-01-10 19:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-09-19 14:08 - 2013-09-19 14:08 - 00000000 ____D C:\Users\Privat\AppData\Local\{3DAC9191-490E-42F2-B668-99CD61052017} 2013-09-18 16:46 - 
2013-09-18 16:46 - 00000000 ____D C:\ProgramData\BrowserProtect 2013-09-18 16:26 - 2013-09-18 16:25 - 00000000 ____D C:\Users\Privat\AppData\Local\{CFC7D030-8583-44BE-A07E-37EE22C1F0DA} 2013-09-18 16:25 - 2013-09-18 16:25 - 00000000 ____D C:\Program Files\Movies Toolbar 2013-09-18 16:25 - 2013-03-15 23:15 - 00000000 ____D C:\ProgramData\Wincert 2013-09-17 18:11 - 2013-09-17 18:11 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin 2013-09-17 18:09 - 2013-09-17 18:08 - 00000000 ____D C:\Users\Privat\AppData\Roaming\Riot Games 2013-09-17 18:08 - 2013-09-17 18:07 - 34888568 _____ (Riot Games) C:\Users\Privat\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2013-09-17 15:42 - 2013-09-17 15:41 - 00000000 ____D C:\Users\Privat\AppData\Local\{8127BDA0-F639-4201-839D-EFA1B667B9DB} 2013-09-16 15:42 - 2013-09-16 15:42 - 00000000 ____D C:\Users\Privat\AppData\Local\{A04E507E-8D64-44FF-8BC5-3B5D6546CA46} 2013-09-15 09:56 - 2013-09-15 09:55 - 00000000 ____D C:\Users\Privat\AppData\Local\{BFA628E1-7FBE-4845-9A71-356525BF0926} 2013-09-14 10:24 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET 2013-09-14 09:36 - 2013-09-14 09:36 - 00000000 ____D C:\Users\Privat\AppData\Local\{1831F4D7-D3EF-44CD-8247-435834659033} 2013-09-13 20:45 - 2012-04-16 07:33 - 00034380 _____ C:\Windows\system32\commonpriv.log 2013-09-13 16:26 - 2009-07-14 06:33 - 00285944 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-13 16:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE 2013-09-13 16:08 - 2013-09-13 16:08 - 00000000 ____D C:\Users\Privat\AppData\Local\{4399B8CD-3880-4D9F-AA30-3F458094118B} 2013-09-12 18:13 - 2013-09-12 18:13 - 00000000 ____D C:\Users\Privat\AppData\Local\{24D82C85-D86B-45FB-8E75-85FA494882F0} 2013-09-11 13:46 - 2013-09-11 13:46 - 00000000 ____D C:\Users\Privat\AppData\Local\{F329042E-C674-4749-8DAC-6A58A14313D6} 2013-09-10 18:37 - 2013-09-10 18:36 - 00000000 ____D C:\Users\Privat\AppData\Local\{859ADBDB-B3B7-41BF-9B4D-B20687925878} 2013-09-09 17:11 - 
2013-09-09 17:11 - 00000000 ____D C:\Users\Privat\AppData\Local\{2FFDF001-7649-4C03-8DC6-619597BD944B} 2013-09-08 20:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF 2013-09-08 17:26 - 2013-09-08 17:26 - 00000000 ____D C:\Users\Privat\AppData\Local\{EDDD6814-D3DF-4FC9-928D-7270D00BBAB4} 2013-09-06 17:09 - 2013-09-06 17:09 - 00000000 ____D C:\Users\Privat\AppData\Local\{C7FF300C-E558-46CB-8A98-0C0D2B72A707} 2013-09-05 12:36 - 2013-09-05 12:36 - 00000000 ____D C:\Users\Privat\AppData\Local\{8504EFBC-40D8-42D0-9A7F-4A4BDB892A23} 2013-09-04 13:38 - 2013-09-04 13:38 - 00000000 ____D C:\Users\Privat\AppData\Local\{164E3EE0-0F21-465E-A334-B2E8EB16C21D} Files to move or delete: ==================== C:\Users\Privat\AppData\Roaming\CamLayout.ini C:\Users\Privat\AppData\Roaming\CamShapes.ini C:\ProgramData\nud0repor.pad C:\Users\Malwarebytes' Anti-Malware\7z.dll C:\Users\Malwarebytes' Anti-Malware\mbam.dll C:\Users\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Malwarebytes' Anti-Malware\mbamcore.dll C:\Users\Malwarebytes' Anti-Malware\mbamext.dll C:\Users\Malwarebytes' Anti-Malware\mbamgui.exe C:\Users\Malwarebytes' Anti-Malware\mbamnet.dll C:\Users\Malwarebytes' Anti-Malware\mbampt.exe C:\Users\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Users\Malwarebytes' Anti-Malware\mbamservice.exe C:\Users\Malwarebytes' Anti-Malware\ssubtmr6.dll C:\Users\Malwarebytes' Anti-Malware\unins000.dat C:\Users\Malwarebytes' Anti-Malware\unins000.exe C:\Windows\Tasks\At1.job C:\Windows\Tasks\At10.job C:\Windows\Tasks\At11.job C:\Windows\Tasks\At12.job C:\Windows\Tasks\At2.job C:\Windows\Tasks\At3.job C:\Windows\Tasks\At4.job C:\Windows\Tasks\At5.job C:\Windows\Tasks\At6.job C:\Windows\Tasks\At7.job C:\Windows\Tasks\At8.job C:\Windows\Tasks\At9.job Some content of TEMP: ==================== C:\Users\Privat\AppData\Local\Temp\42979uninstall.exe C:\Users\Privat\AppData\Local\Temp\7z920.exe C:\Users\Privat\AppData\Local\Temp\AutoRun.exe 
C:\Users\Privat\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Privat\AppData\Local\Temp\avgnt.exe C:\Users\Privat\AppData\Local\Temp\bi_cleaner.exe C:\Users\Privat\AppData\Local\Temp\BundleSweetIMSetup.exe C:\Users\Privat\AppData\Local\Temp\chatzum_softonic_yahoo_62_v5.exe C:\Users\Privat\AppData\Local\Temp\conduitinstaller.exe C:\Users\Privat\AppData\Local\Temp\contentDATs.exe C:\Users\Privat\AppData\Local\Temp\doxillionsetup.exe C:\Users\Privat\AppData\Local\Temp\dp.exe C:\Users\Privat\AppData\Local\Temp\drm_dialogs.dll C:\Users\Privat\AppData\Local\Temp\drm_dyndata_7360010.dll C:\Users\Privat\AppData\Local\Temp\eauninstall.exe C:\Users\Privat\AppData\Local\Temp\EpsonInkjetDriverDownloader.EXE C:\Users\Privat\AppData\Local\Temp\fsa9166.exe C:\Users\Privat\AppData\Local\Temp\ICReinstall_CamStudio2-7r316[1].exe C:\Users\Privat\AppData\Local\Temp\ICReinstall_setup.exe C:\Users\Privat\AppData\Local\Temp\installhelper.dll C:\Users\Privat\AppData\Local\Temp\mconduitinstaller.exe C:\Users\Privat\AppData\Local\Temp\mgsqlite3.dll C:\Users\Privat\AppData\Local\Temp\mism.exe C:\Users\Privat\AppData\Local\Temp\MixiDJToolbar.exe C:\Users\Privat\AppData\Local\Temp\MybabylonTB.exe C:\Users\Privat\AppData\Local\Temp\NEWF51B.tmp.exe C:\Users\Privat\AppData\Local\Temp\ping.exe C:\Users\Privat\AppData\Local\Temp\pricepeep_130001_0101.exe C:\Users\Privat\AppData\Local\Temp\propsys.dll C:\Users\Privat\AppData\Local\Temp\roper0dun.exe C:\Users\Privat\AppData\Local\Temp\setup.exe C:\Users\Privat\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe C:\Users\Privat\AppData\Local\Temp\Shortcut_sweetimsetup(3).exe C:\Users\Privat\AppData\Local\Temp\SIMEEIInstaller.exe C:\Users\Privat\AppData\Local\Temp\SkypeSetup.exe C:\Users\Privat\AppData\Local\Temp\SmartbarExeInstaller.exe C:\Users\Privat\AppData\Local\Temp\SQLite.dll C:\Users\Privat\AppData\Local\Temp\Sqlite3.dll C:\Users\Privat\AppData\Local\Temp\SRAssetsHelper.dll C:\Users\Privat\AppData\Local\Temp\swt-win32-3349.dll 
C:\Users\Privat\AppData\Local\Temp\tbedrs.dll C:\Users\Privat\AppData\Local\Temp\tbInc2.dll C:\Users\Privat\AppData\Local\Temp\tbKey_.dll C:\Users\Privat\AppData\Local\Temp\TB_BEBC.exe C:\Users\Privat\AppData\Local\Temp\TB_C15B.exe C:\Users\Privat\AppData\Local\Temp\uninst1.exe C:\Users\Privat\AppData\Local\Temp\UpdateCheckerSetup.exe C:\Users\Privat\AppData\Local\Temp\Updater.exe C:\Users\Privat\AppData\Local\Temp\VideoSpin_2_0_Setup.exe C:\Users\Privat\AppData\Local\Temp\vlc-2.0.2-win32.exe C:\Users\Privat\AppData\Local\Temp\vpsetup.exe C:\Users\Privat\AppData\Local\Temp\WajamC.exe C:\Users\Privat\AppData\Local\Temp\wajam_download.exe C:\Users\Privat\AppData\Local\Temp\wajam_install.exe C:\Users\Privat\AppData\Local\Temp\_is48B9.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-03-09 19:43 ==================== End Of Log ============================
That is the FRST.txt
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013 Ran by Privat at 2013-10-04 12:03:13 Running from C:\Users\Privat\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Norton AntiVirus (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF} AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton AntiVirus (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202} ==================== Installed Programs ====================== 7-Zip 9.20 Adobe AIR (Version: 3.3.0.3650) Adobe Flash Player 11 ActiveX (Version: 11.8.800.175) Adobe Flash Player 11 Plugin (Version: 11.8.800.168) Adobe Premiere Pro 1.5 Tryout (Version: 1.5) Adobe Reader 9.2 - Deutsch (Version: 9.2.0) Adobe Shockwave Player 11.5 (Version: 11.5.9.620) ArcSoft MediaImpression 2 (Version: 2.0.26.939) AVG 2012 (Version: 12.0.1834) AVG 2012 (Version: 12.0.1869) AVG 2012 (Version: 12.0.1872) AVG 2012 (Version: 2012.0.1913) Avira Free Antivirus (Version: 14.0.0.383) Avira SearchFree Toolbar (Version: 12.5.1.1249) BitGuard Bonanza Deals (remove only) (Version: 5.0.1.0) CameraHelperMsi (Version: 13.25.1010.0) D3DX10 (Version: 15.4.2368.0902) Die Sims™ 2 Super Deluxe Die*Sims™*3 (Version: 1.0.615) EPSON Scan EPSON-Drucker-Software erLT (Version: 1.20.138.34) ESDX4800_4200 Benutzerhandbuch Google Chrome (Version: 29.0.1547.76) Google Update Helper (Version: 1.3.21.153) iLivid (Version: 4.0.0.2624) IMVU Avatar Chat Software Java 7 Update 25 (Version: 7.0.250) Java Auto Updater (Version: 2.1.9.5) Java(TM) 6 Update 16 (Version: 6.0.160) Java(TM) 6 Update 31 (Version: 6.0.310) Junk Mail filter update (Version: 15.4.3502.0922) League of 
Legends (Version: 3.0.1) LG USB Modem driver (Version: 4.9.2) Logitech Webcam Software (Version: 2.0) LWS Facebook (Version: 13.20.1166.0) LWS Gallery (Version: 13.20.1166.0) LWS Help_main (Version: 13.25.1016.0) LWS Launcher (Version: 13.20.1166.0) LWS Motion Detection (Version: 13.20.1176.0) LWS Pictures And Video (Version: 13.25.1010.0) LWS Twitter (Version: 13.20.1166.0) LWS Video Mask Maker (Version: 13.10.1216.0) LWS VideoEffects (Version: 13.25.1005.0) LWS Webcam Software (Version: 13.20.1168.0) LWS WLM Plugin (Version: 1.20.1166.0) LWS YouTube Plugin (Version: 13.20.1166.0) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300) Mesh Runtime (Version: 15.4.5722.2) Messenger Companion (Version: 15.4.3502.0922) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0) MSVCRT (Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) Open It! 
(Version: 1.1.1) OpenOffice.org 3.1 (Version: 3.1.9420) Pando Media Booster (Version: 2.6.0.7) PhotoScape Qtrax Player (Version: 1.00.0001) QuickShare (Version: 1.146.60.12450) QuickTime (Version: 7.69.80.9) Search-Gol Chrome Toolbar searchgol toolbar (Version: 1.8.16.19) Skype™ 6.6 (Version: 6.6.106) TeamViewer 7 (Version: 7.0.12979) TuneUp Utilities Language Pack (de-DE) (Version: 12.0.2030.5) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1) Update for Zip Extractor Update Service (Version: 4.1.0) VLC media player 2.0.2 (Version: 2.0.2) Whilokii 1.0.0 (Version: 1.0.0) Windows Essentials Media Codec Pack 3.4 [32-Bit] (Version: 3.4) Windows Live Communications Platform (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3555.0308) Windows Live Family Safety (Version: 15.4.3555.0308) Windows Live Fotogalerie (Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (Version: 15.4.3502.0922) Windows Live Mail (Version: 15.4.3502.0922) Windows Live Mesh (Version: 15.4.3502.0922) Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2) Windows Live Messenger (Version: 15.4.3538.0513) Windows Live Messenger Companion Core (Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (Version: 15.4.3502.0922) Windows Live Photo Common (Version: 15.4.3502.0922) Windows Live Photo Gallery (Version: 15.4.3502.0922) Windows Live PIMT Platform (Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live 
Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (Version: 15.4.3502.0922) Windows Live SOXE Definitions (Version: 15.4.3502.0922) Windows Live UX Platform (Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (Version: 15.4.3508.1109) Windows Live Writer (Version: 15.4.3502.0922) Windows Live Writer Resources (Version: 15.4.3502.0922) Windows Movie Maker 2.6 (Version: 2.6.4037.0) Windows Searchqu Toolbar (Version: 3.0.0.115676) WinZipper (Version: 1.4.8) ==================== Restore Points ========================= 03-10-2013 14:40:25 Removed AVG 2012 03-10-2013 14:43:42 Removed Google Earth Plug-in. 03-10-2013 14:52:38 Removed Internet Explorer Toolbar 4.6 by SweetPacks 03-10-2013 14:54:30 Photo Notifier and Animation Creator wurde entfernt. 03-10-2013 14:55:08 Removed Skype Click to Call 03-10-2013 14:56:39 Entfernt Star Stable 1 03-10-2013 14:57:56 Entfernt Star Stable 2 03-10-2013 16:15:23 Windows Update 04-10-2013 07:21:02 Windows-Sicherung ==================== Scheduled Tasks (whitelisted) ============= Task: {052BB131-B7C0-4861-83F8-C85865C32490} - System32\Tasks\{62FF57AE-BCFF-4653-881D-E79A619FA404} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.0.113/en/abandoninstall?page=tsGoogle&installinfo=google-toolbar:offered-installed,google-chrome:notoffered;toolbaroffered Task: {0CA8035D-0AA0-4009-B210-AD3DDEDE8381} - System32\Tasks\{3D91E04F-DD6E-4267-88B1-BB8F6E5ECEA1} => C:\Windows\twain_32\escndv\escndv.exe [2005-02-22] (SEIKO EPSON CORP.) 
Task: {0D441C22-CD02-4585-918E-96D66AB3E5F0} - System32\Tasks\At11 => C:\Windows\system32\Kp38u.com Task: {0DC475BB-D025-4905-9639-602174E8E8D6} - System32\Tasks\EPUpdater => C:\Users\Privat\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-09-01] () Task: {22E9B1FE-FE40-4D16-9140-5B85093BF23B} - System32\Tasks\At4 => C:\Windows\system32\Kp38u.com_ Task: {309B0B79-6C7A-43CF-8531-A8DDE2876FF7} - System32\Tasks\At3 => C:\Windows\system32\Kp38u.com Task: {40BB103D-0910-40FE-BD08-50EC786C139B} - System32\Tasks\DigitalSite => C:\Users\Privat\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE [2013-04-12] () Task: {416B2D26-323D-4245-935F-7664D7B756D6} - System32\Tasks\Sun Microsystems-Online-Aktualisierungsprogramm => C:\Program Files\Java\jre6\bin\jusched.exe Task: {445684BB-F93D-4092-9025-7CDA7955F417} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-04] (Google Inc.) Task: {496ACB17-FCCB-4473-9A32-115338B2FE1C} - System32\Tasks\At6 => C:\Windows\system32\Kp38u.com_ Task: {4AB18725-F0DE-4657-8D9D-83C3ED007883} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {69DE76A5-CF07-42BA-8990-944FB9F75FE4} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-04] (BonanzaDeals) Task: {6CB54258-2FAC-4AD8-ABD5-FF984B2A8601} - System32\Tasks\{28BE3D8C-EAF5-4BE4-9A8C-1ABEBCB387CD} => C:\Program Files\Skype\\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.) 
Task: {731BFDE1-8DE4-45AA-9870-4232AF9BA640} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files\Desk 365\desk365.exe Task: {81664F1C-AD00-492A-AA46-6DC767038436} - System32\Tasks\At10 => C:\Windows\system32\Kp38u.com_ Task: {8BC9A85A-E5D4-4653-B320-54A64BF3BE82} - System32\Tasks\{CA5EB717-1511-46AD-8A5E-F9B8A5DA5C33} => C:\Program Files\osu!\osu!.exe Task: {8BF0E657-502E-46ED-B6C7-DF6B4B01E2FB} - System32\Tasks\{C31102E5-D391-4F46-841E-D74292E57EFF} => C:\Windows\twain_32\escndv\escndv.exe [2005-02-22] (SEIKO EPSON CORP.) Task: {903ABFA3-6900-47A9-8ED2-257012D14E32} - System32\Tasks\At5 => C:\Windows\system32\Kp38u.com Task: {9A65D55A-172D-4615-97C7-D2ED12EFB367} - System32\Tasks\{4E8AB39A-522B-4518-941A-DBD12549D7F3} => G:\843921.exe Task: {A2841936-A15D-4506-BB93-137D781D7876} - System32\Tasks\At2 => C:\Windows\system32\Kp38u.com_ Task: {A2E70923-6133-439D-9E26-A16C69E7A1CF} - System32\Tasks\AmiUpdXp => C:\Users\Privat\AppData\Local\SwvUpdater\Updater.exe Task: {AC94F9C2-D4C4-4266-890C-4031A636D742} - System32\Tasks\At1 => C:\Windows\system32\Kp38u.com Task: {B67F7245-922E-441B-B5E5-14DF3DC193F7} - System32\Tasks\Windows Codec Update Service => C:\Program Files\Essentials Codec Pack\WECPUpdate.exe [2012-02-22] (MediaCodec.Org) Task: {B965DDA3-754B-4EB6-82C3-B054A18FA859} - System32\Tasks\At8 => C:\Windows\system32\Kp38u.com_ Task: {C0ACE6C8-1DB6-4C79-9257-F4F5CCC7BFF9} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-04] (BonanzaDeals) Task: {C90DE116-4919-4267-8669-3DBA1950A6A3} - System32\Tasks\At12 => C:\Windows\system32\Kp38u.com_ Task: {CB81A824-0407-452A-A2C4-F6E8B547C2C1} - System32\Tasks\{84209D38-87BF-4FCA-B2DD-FD3A4FC08613} => C:\Program Files\osu!\osu!.exe Task: {D24E8FC8-FF02-46F1-A6CA-B66E2B58F421} - System32\Tasks\BonanzaDealsUpdate => C:\Program Task: {D60D5585-D1F3-4269-905A-5C885618AB2C} - System32\Tasks\At9 => C:\Windows\system32\Kp38u.com Task: 
{D6793625-E5D7-4686-9761-8169B9D73E75} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19] (Adobe Systems Incorporated) Task: {D89327CD-095E-42A1-B306-61A3F1277633} - System32\Tasks\Dealply => C:\Users\Privat\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE Task: {DC6659D4-3F36-4126-BA49-CDA8D158C199} - System32\Tasks\At7 => C:\Windows\system32\Kp38u.com Task: {F64C9DA0-3AE9-40A8-A367-FFA8668A8E83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-04] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Privat\AppData\Local\SwvUpdater\Updater.exe Task: C:\Windows\Tasks\At1.job => ? Task: C:\Windows\Tasks\At10.job => ? Task: C:\Windows\Tasks\At11.job => ? Task: C:\Windows\Tasks\At12.job => ? Task: C:\Windows\Tasks\At2.job => ? Task: C:\Windows\Tasks\At3.job => ? Task: C:\Windows\Tasks\At4.job => ? Task: C:\Windows\Tasks\At5.job => ? Task: C:\Windows\Tasks\At6.job => ? Task: C:\Windows\Tasks\At7.job => ? Task: C:\Windows\Tasks\At8.job => ? Task: C:\Windows\Tasks\At9.job => ? 
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe Task: C:\Windows\Tasks\Dealply.job => C:\Users\Privat\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Privat\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-18 16:25 - 2013-09-18 00:46 - 00485376 _____ () C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll 2011-03-01 23:14 - 2011-03-01 23:14 - 02143576 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll 2011-03-01 23:14 - 2011-03-01 23:14 - 07954776 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll 2011-03-01 23:15 - 2011-03-01 23:15 - 00340824 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll 2011-03-01 23:15 - 2011-03-01 23:15 - 00027480 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2011-03-01 23:15 - 2011-03-01 23:15 - 00126808 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2011-03-30 18:25 - 2011-03-30 18:25 - 00331608 _____ () C:\Program Files\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2011-10-26 13:08 - 2013-08-31 18:26 - 00144896 _____ () C:\Users\Privat\AppData\Local\MediaGet2\libvlc.dll 2011-10-26 13:08 - 2013-08-31 18:26 - 02376192 _____ () C:\Users\Privat\AppData\Local\MediaGet2\libvlccore.dll 2011-12-10 10:44 - 2013-08-31 18:26 - 17620200 _____ () C:\Users\Privat\AppData\Local\MediaGet2\QtWebKit4.dll 2013-08-31 18:26 - 2013-08-31 18:26 - 00282112 _____ () 
C:\Users\Privat\AppData\Local\MediaGet2\plugins\access\libdshow_plugin.dll 2013-08-31 18:26 - 2013-08-31 18:26 - 00084992 _____ () C:\Users\Privat\AppData\Local\MediaGet2\plugins\audio_output\libaout_directx_plugin.dll 2013-08-31 18:26 - 2013-08-31 18:26 - 00086528 _____ () C:\Users\Privat\AppData\Local\MediaGet2\plugins\audio_output\libwaveout_plugin.dll 2013-08-31 18:26 - 2013-08-31 18:26 - 00114688 _____ () C:\Users\Privat\AppData\Local\MediaGet2\plugins\video_output\libdirectx_plugin.dll 2013-08-31 18:26 - 2013-08-31 18:26 - 00071680 _____ () C:\Users\Privat\AppData\Local\MediaGet2\plugins\mmxext\libmemcpymmxext_plugin.dll 2013-08-31 18:26 - 2013-08-31 18:26 - 00087552 _____ () C:\Users\Privat\AppData\Local\MediaGet2\plugins\control\libhotkeys_plugin.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00033560 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00055064 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00149784 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00111896 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 01808152 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00055576 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00012568 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00048408 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PublisherSettingsManager.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 
00725272 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00081176 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00013592 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00016664 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00029464 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00019736 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00057112 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00013592 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll 2013-03-06 19:30 - 2013-03-06 19:30 - 00911432 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00014104 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00051480 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00047384 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\MACTrackBarLib.dll 2013-09-14 21:50 - 2013-09-14 21:50 - 00025368 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll 2013-09-14 21:51 - 2013-09-14 21:51 - 00024856 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll 
2013-09-14 21:51 - 2013-09-14 21:51 - 00245528 _____ () C:\Users\Privat\AppData\Local\Smartbar\Application\Smartbar.Resources.NetSeer.dll 2009-08-18 16:54 - 2009-08-18 16:54 - 00970752 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll 2013-07-19 04:35 - 2013-07-19 04:35 - 00095744 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\win32api.pyd 2013-07-19 04:36 - 2013-07-19 04:36 - 00110080 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\pywintypes26.dll 2013-07-19 04:35 - 2013-07-19 04:35 - 00110592 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\win32file.pyd 2013-07-19 04:35 - 2013-07-19 04:35 - 00017408 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\win32event.pyd 2013-07-19 04:34 - 2013-07-19 04:34 - 00087040 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_ctypes.pyd 2013-07-19 04:35 - 2013-07-19 04:35 - 00167424 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\win32gui.pyd 2013-07-19 04:34 - 2013-07-19 04:34 - 00645120 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_ssl.pyd 2013-07-19 04:34 - 2013-07-19 04:34 - 00057344 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_socket.pyd 2013-07-19 04:35 - 2013-07-19 04:35 - 00353280 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\pythoncom26.dll 2013-07-19 04:35 - 2013-07-19 04:35 - 00262656 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\win32com.shell.shell.pyd 2013-07-19 04:36 - 2013-07-19 04:36 - 00017408 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\win32clipboard.pyd 2013-07-19 04:35 - 2013-07-19 04:35 - 00035840 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\win32process.pyd 2013-07-19 04:35 - 2013-07-19 04:35 - 00324608 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_imaging.pyd 2013-07-19 05:43 - 2013-07-19 05:43 - 00805376 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_cal3d.pyd 2013-07-19 05:14 - 2013-07-19 05:14 - 00216576 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\boost_python.dll 2013-07-19 05:14 - 2013-07-19 05:14 - 
00031744 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\CallStack.dll 2013-07-19 05:15 - 2013-07-19 05:15 - 00301056 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\cal3d.dll 2013-08-07 21:42 - 2013-08-07 21:42 - 01606656 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_avatarwindow.pyd 2013-07-19 05:18 - 2013-07-19 05:18 - 00169984 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\zero.dll 2013-08-07 21:37 - 2013-08-07 21:37 - 00921600 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\SceneWindow.dll 2013-07-19 05:17 - 2013-07-19 05:17 - 00072704 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\ParticleLib.dll 2013-07-19 05:19 - 2013-07-19 05:19 - 00014336 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\MemoryHook.dll 2013-07-19 04:34 - 2013-07-19 04:34 - 00311808 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_hashlib.pyd 2013-07-19 04:34 - 2013-07-19 04:34 - 00127488 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\pyexpat.pyd 2013-07-19 04:34 - 2013-07-19 04:34 - 00053248 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_sqlite3.pyd 2013-07-19 04:37 - 2013-07-19 04:37 - 00565827 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\sqlite3.dll 2013-07-19 04:34 - 2013-07-19 04:34 - 00010240 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\select.pyd 2013-07-19 05:45 - 2013-07-19 05:45 - 00043520 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_pylzma.pyd 2013-08-07 21:42 - 2013-08-07 21:42 - 00131072 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_imvugecko.pyd 2013-08-07 21:38 - 2013-08-07 21:38 - 00190976 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\imvugecko.dll 2013-07-19 04:39 - 2013-07-19 04:39 - 00872448 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\js3250.dll 2013-07-19 05:44 - 2013-07-19 05:44 - 00135680 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_libzero.pyd 2013-08-07 21:42 - 2013-08-07 21:42 - 00083968 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_imvuflash.pyd 2013-08-07 21:38 
- 2013-08-07 21:38 - 00110592 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\imvuflash.dll 2013-07-19 05:27 - 2013-07-19 05:27 - 00010752 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\nphwndproxy.dll 2013-07-23 19:51 - 2013-07-23 19:51 - 16166280 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\NPSWF32.dll 2013-07-19 04:34 - 2013-07-19 04:34 - 00583168 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\unicodedata.pyd 2013-07-19 05:39 - 2013-07-19 05:39 - 00068096 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\_audiere.pyd 2013-07-19 05:13 - 2013-07-19 05:13 - 00249344 _____ () C:\Users\Privat\AppData\Roaming\IMVUClient\audiere.dll 2013-03-27 23:50 - 2013-03-27 23:50 - 00020480 _____ () C:\Program Files\OpenIt\Open It!\libgcc_s_dw2-1.dll 2011-12-02 02:30 - 2011-12-02 02:30 - 00979982 _____ () C:\Program Files\OpenIt\Open It!\libstdc++-6.dll 2013-03-27 23:50 - 2013-03-27 23:50 - 00009826 _____ () C:\Program Files\OpenIt\Open It!\mingwm10.dll 2013-10-04 11:53 - 2013-09-23 13:55 - 02704352 _____ () C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll 2013-09-22 10:13 - 2013-09-17 05:20 - 00709584 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.76\libglesv2.dll 2013-09-22 10:13 - 2013-09-17 05:20 - 00099792 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.76\libegl.dll 2013-09-22 10:13 - 2013-09-17 05:21 - 04053456 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll 2013-09-22 10:13 - 2013-09-17 05:21 - 00410576 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll 2013-09-22 10:13 - 2013-09-17 05:20 - 01604560 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll 2013-09-22 10:13 - 2013-09-17 05:21 - 13611984 _____ () C:\Program Files\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: 
C:\ProgramData\TEMP:0B4227B4 AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:AD022376 ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/04/2013 11:54:31 AM) (Source: MsiInstaller) (User: Privat-NB) Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\GoogleUpdateHelper.msi Error: (10/04/2013 09:30:02 AM) (Source: Application Hang) (User: ) Description: Programm avcenter.exe, Version 14.0.0.225 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 13b0 Startzeit: 01cec0d25835b70a Endzeit: 60000 Anwendungspfad: C:\Program Files\Avira\AntiVir Desktop\avcenter.exe Berichts-ID: 9b9963da-2cc6-11e3-97bb-00245411e84e Error: (10/04/2013 09:17:56 AM) (Source: Windows Backup) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" Error: (10/03/2013 06:35:26 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. 
Error: (10/03/2013 04:11:04 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (10/03/2013 00:24:30 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (10/03/2013 00:19:36 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. 
Error: (10/02/2013 04:33:32 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: ArcMediaService.exe, Version: 1.0.0.24, Zeitstempel: 0x4af2ddc6 Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4cf4536a Ausnahmecode: 0xc0000005 Fehleroffset: 0x7751bb89 ID des fehlerhaften Prozesses: 0xbe4 Startzeit der fehlerhaften Anwendung: 0xArcMediaService.exe0 Pfad der fehlerhaften Anwendung: ArcMediaService.exe1 Pfad des fehlerhaften Moduls: ArcMediaService.exe2 Berichtskennung: ArcMediaService.exe3 Error: (10/02/2013 04:27:32 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: ArcMediaService.exe, Version: 1.0.0.24, Zeitstempel: 0x4af2ddc6 Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4cf4536a Ausnahmecode: 0xc0000005 Fehleroffset: 0x7751bb89 ID des fehlerhaften Prozesses: 0x1414 Startzeit der fehlerhaften Anwendung: 0xArcMediaService.exe0 Pfad der fehlerhaften Anwendung: ArcMediaService.exe1 Pfad des fehlerhaften Moduls: ArcMediaService.exe2 Berichtskennung: ArcMediaService.exe3 Error: (10/02/2013 04:22:51 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: ArcMediaService.exe, Version: 1.0.0.24, Zeitstempel: 0x4af2ddc6 Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4cf4536a Ausnahmecode: 0xc0000005 Fehleroffset: 0x7751bb89 ID des fehlerhaften Prozesses: 0xa48 Startzeit der fehlerhaften Anwendung: 0xArcMediaService.exe0 Pfad der fehlerhaften Anwendung: ArcMediaService.exe1 Pfad des fehlerhaften Moduls: ArcMediaService.exe2 Berichtskennung: ArcMediaService.exe3 System errors: ============= Error: (10/04/2013 11:54:00 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "BitGuard" wurde aufgrund folgenden Fehlers nicht gestartet: %%1001 Error: (10/04/2013 10:51:03 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: 
Fehler beim Lesen der Datei für lokale Hosts. Error: (10/04/2013 10:47:28 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (10/04/2013 10:47:11 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (10/04/2013 10:46:48 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (10/04/2013 10:46:37 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (10/04/2013 10:46:14 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (10/04/2013 10:45:55 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (10/04/2013 10:45:30 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Error: (10/04/2013 10:45:06 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT) Description: Fehler beim Lesen der Datei für lokale Hosts. Microsoft Office Sessions: ========================= Error: (10/04/2013 11:54:31 AM) (Source: MsiInstaller)(User: Privat-NB) Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\GoogleUpdateHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL) Error: (10/04/2013 09:30:02 AM) (Source: Application Hang)(User: ) Description: avcenter.exe14.0.0.22513b001cec0d25835b70a60000C:\Program Files\Avira\AntiVir Desktop\avcenter.exe9b9963da-2cc6-11e3-97bb-00245411e84e Error: (10/04/2013 09:17:56 AM) (Source: Windows Backup)(User: ) Description: F:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. 
Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006) Error: (10/03/2013 06:35:26 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (10/03/2013 04:11:04 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (10/03/2013 00:24:30 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (10/03/2013 00:19:36 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (10/02/2013 04:33:32 PM) (Source: Application Error)(User: ) Description: ArcMediaService.exe1.0.0.244af2ddc6QuickTime.qts_unloaded0.0.0.04cf4536ac00000057751bb89be401cebf7c5ae7de13C:\Program Files\Common Files\ArcSoft\Media Browser\ArcMediaService.exeQuickTime.qts9c33cd00-2b6f-11e3-af9b-00245411e84e Error: (10/02/2013 04:27:32 PM) (Source: Application Error)(User: ) Description: ArcMediaService.exe1.0.0.244af2ddc6QuickTime.qts_unloaded0.0.0.04cf4536ac00000057751bb89141401cebf7af219707cC:\Program Files\Common Files\ArcSoft\Media Browser\ArcMediaService.exeQuickTime.qtsc5a14a70-2b6e-11e3-af9b-00245411e84e Error: (10/02/2013 04:22:51 PM) (Source: Application Error)(User: ) Description: ArcMediaService.exe1.0.0.244af2ddc6QuickTime.qts_unloaded0.0.0.04cf4536ac00000057751bb89a4801cebf7ade5c0cbeC:\Program Files\Common Files\ArcSoft\Media Browser\ArcMediaService.exeQuickTime.qts1e0457a6-2b6e-11e3-af9b-00245411e84e ==================== Memory info =========================== Percentage of memory in use: 71% Total physical RAM: 3004.61 MB Available physical RAM: 868.99 MB Total Pagefile: 6005.46 MB Available Pagefile: 3245.19 MB Total Virtual: 2047.88 MB Available Virtual: 1884.47 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:97.65 GB) (Free:24.92 GB) NTFS 
==>[Drive with boot components (obtained from BCD)] Drive d: (Daten) (Fixed) (Total:102.78 GB) (Free:102.34 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298 GB) (Disk ID: 52430735) Partition 1: (Not Active) - (Size=98 GB) - (Type=17) Partition 2: (Active) - (Size=98 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=103 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1487 KB) - (Type=07 NTFS) ==================== End Of Log ============================ |
04.10.2013, 22:25 | #4 | |
/// the machine /// TB Trainer | Windows Firewall error code 0x80070424 Combofix should only be run when a team member has instructed you to do so! Please download Combofix from the following download mirror: Link 1. IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. Donate | Guides and help | Trojaner-Board Facebook page. No help via PM! |
04.10.2013, 23:42 | #5 |
| Windows Firewall error code 0x80070424 Yes, so I have now downloaded it and had to uninstall something, which of course I did. When I restarted my laptop I got the delightful message that I should insert my Windows CD to repair the system. My little problem is simply that I don't have a CD, since it is our old school laptop that we used to need for the laptop class. Since I have paid it off, it basically belongs to me.. just without a CD.. What is also astonishing is that I have 2, let's say, "user interfaces": Privat and Schule. Privat is, how shall I put it.. "smashed into the trash can", but on Schule I still have full access.. Help?! |
05.10.2013, 11:24 | #6 |
/// the machine /// TB Trainer | Windows Firewall error code 0x80070424 What exactly did you do, in detail? |
05.10.2013, 11:47 | #7 |
| Windows Firewall error code 0x80070424 Before the installation I threw out the AVG virus scanner because I somehow had 2 virus scanners and that one was useless to me.. then I downloaded Combofix and had to restart the PC.. Well, no sooner said than done, and later it said that I have to insert the CD because everything is damaged. I could get onto the 2nd partition (Schule) just fine, just not onto Privat. My uncle also works a bit with PCs and he said I should press F8 at startup to get in via safe mode, or at least to try it. Now I can't get onto any partition anymore. I think I should buy a Windows 7 CD and set everything up from scratch, right? |
05.10.2013, 19:20 | #8 |
/// the machine /// TB-Ausbilder | Windows Firewall error code 0x80070424 When were you told to restart? Before Combofix? After it? Did CF run at all? Press F8 while booting and choose Last Known Good Configuration. |
06.10.2013, 09:04 | #9 |
| Windows Firewall error code 0x80070424 Nothing works when I press F8. For that I need the Windows CD. The restart was before CF, and CF did not run to completion (mostly it aborted by itself) |
06.10.2013, 16:35 | #10 |
/// the machine /// TB-Ausbilder | Windows Firewall error code 0x80070424 Then that was not Combofix. Quote:
Bear in mind that I am not sitting in front of the thing.... |
06.10.2013, 17:44 | #11 |
| Windows Firewall error code 0x80070424 Sorry. Yes, so I start the device and normally the selection then appears for which partition I want to access. That is not the case now; now I am asked to insert the Windows CD so that I can repair the system, regardless of whether I press F8 or simply start the computer. I can neither boot into a partition nor access anything, e.g. start in safe mode, because the prompt to insert the CD always appears :/ |
07.10.2013, 08:27 | #12 |
/// the machine /// TB-Ausbilder | Windows Firewall error code 0x80070424 Try again with F8; you have to press F8 directly after switching on the computer, several times. If nothing works even then, boot from the Win CD. |