Log analysis and evaluation: a2ZLyrics - I'm in despair

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

a2ZLyrics - I'm in despair

Well, I guess I'm the only one who got hit: A2Zlyrics is making my life difficult. I urgently need help. Many thanks in advance!

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013 Ran by Maria Gabriela (administrator) on MOONLIGHTSONATA on 02-11-2013 23:14:38 Running from C:\Documents and Settings\Maria Gabriela\My Documents\Downloads Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English(US) Internet Explorer Version 6 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe () C:\WINDOWS\system32\AppleOSSMgr.exe (Apple Inc.) C:\WINDOWS\system32\AppleTimeSrv.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (SigmaTel, Inc.) C:\WINDOWS\system32\STacSV.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Apple Inc.) C:\WINDOWS\system32\IRW.exe (Apple Inc.) C:\Program Files\Boot Camp\KbdMgr.exe (Lavasoft) C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe (McAfee, Inc.) 
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe (Repkasoft) C:\Program Files\YoWindow\yowindow.exe (AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IRW] - C:\WINDOWS\system32\IRW.exe [147456 2007-10-08] (Apple Inc.) HKLM\...\Run: [Apple_KbdMgr] - C:\Program Files\Boot Camp\KbdMgr.exe [419120 2007-10-08] (Apple Inc.) HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe [542104 2012-11-16] (Lavasoft) HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation) HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.) Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.) HKLM\...\InprocServer32: [Default-wbemess] wbemess.dll ATTENTION! ====> ZeroAccess? HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess? 
MountPoints2: {071b8471-de90-11df-b5bb-001b6313f77e} - E:\LaunchU3.exe -a MountPoints2: {f21a3798-4e9a-11e1-b63e-001b6313f77e} - E:\LaunchU3.exe -a AppInit_DLLs: c:\docume~1\alluse~1\applic~1\browse~1\261095~1.52\{c16c1~1\browse~1.dll [ 2006-02-28] () IMEO\capture.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\coreldrw.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\corelpp.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\excel.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\hddlifepro.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\mstore.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\offdiag.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\ois.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\onenote.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\onenotem.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\pdapp.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\powerpnt.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\skype.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IMEO\winword.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.) 
Startup: C:\Documents and Settings\Maria Gabriela\Start Menu\Programs\Startup\Netzmanager.lnk ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG) Startup: C:\Documents and Settings\Maria Gabriela\Start Menu\Programs\Startup\YoWindow.lnk ShortcutTarget: YoWindow.lnk -> C:\Program Files\YoWindow\yowindow.exe (Repkasoft) BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://downloads.phpnuke.org/de/index.php?rvs=google HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = Sign In HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Sign In SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKLM - {36683662-D727-4AD9-8794-1F5B902999CB} URL = hxxp://downloads.phpnuke.org/de/index.php?rvs=google SearchScopes: HKLM - {581A8400-3854-4532-901A-91BC91655A73} URL = hxxp://downloads.phpnuke.org/de/index.php?rvs=google SearchScopes: HKLM - {9EACB0BE-EDB1-4D60-9266-354A0CC6E2AD} URL = hxxp://downloads.phpnuke.org/de/index.php?rvs=google SearchScopes: HKCU - {30A741AB-839D-4E72-A2A1-4A1D76493F67} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=05311972-0023-4301-9558-e44692d67ada&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {36683662-D727-4AD9-8794-1F5B902999CB} URL = hxxp://downloads.phpnuke.org.anonymize-me.de/?anonymto=687474703A2F2F646F776E6C6F6164732E7068706E756B652E6F72672F64652F696E6465782E7068703F7276733D676F6F676C65&st={searchTerms}&clid=05311972-0023-4301-9558-e44692d67ada&pid=freewarede&k=0 SearchScopes: HKCU - {581A8400-3854-4532-901A-91BC91655A73} URL = hxxp://downloads.phpnuke.org.anonymize-me.de/?anonymto=687474703A2F2F646F776E6C6F6164732E7068706E756B652E6F72672F64652F696E6465782E7068703F7276733D676F6F676C65&st={searchTerms}&clid=05311972-0023-4301-9558-e44692d67ada&pid=freewarede&k=0 SearchScopes: HKCU - {6469811C-FFC9-493A-8AFC-82E43F2B9999} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=05311972-0023-4301-9558-e44692d67ada&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {91E3CAF0-5F77-4DAE-A72A-B70F5FC2C8B8} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=05311972-0023-4301-9558-e44692d67ada&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {9EACB0BE-EDB1-4D60-9266-354A0CC6E2AD} URL = hxxp://downloads.phpnuke.org.anonymize-me.de/?anonymto=687474703A2F2F646F776E6C6F6164732E7068706E756B652E6F72672F64652F696E6465782E7068703F7276733D676F6F676C65&st={searchTerms}&clid=05311972-0023-4301-9558-e44692d67ada&pid=freewarede&k=0 SearchScopes: HKCU - 
{AA5E1114-9742-4A64-8CB6-DA405CB24949} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=05311972-0023-4301-9558-e44692d67ada&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {B75492BF-CF43-4F46-A7AA-E49EE9FF740A} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=05311972-0023-4301-9558-e44692d67ada&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {E4B2A159-30F8-49D3-AC1E-EF854DD92BB7} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=05311972-0023-4301-9558-e44692d67ada&pid=freewarede&mode=bounce&k=0 BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab Handler: fluxhttp\0x00000007 - {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Program Files\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax (ACE GmbH) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Maria Gabriela\Application Data\Mozilla\Firefox\Profiles\rok8adw3.default FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @fluxdvd.com/NPWMDRMWrapper - C:\Program Files\Videoload Manager\NPWMDRMWrapper.dll ( ) FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) 
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF Plugin: @protectdisc.com/NPMPDRM - C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( ) FF Plugin: @real.com/nppl3260;version=15.0.6.14 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprjplug;version=15.0.6.14 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=15.0.6.14 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF SearchPlugin: C:\Documents and Settings\Maria Gabriela\Application Data\Mozilla\Firefox\Profiles\rok8adw3.default\searchplugins\nation-secure-search.xml FF SearchPlugin: C:\Documents and Settings\Maria Gabriela\Application Data\Mozilla\Firefox\Profiles\rok8adw3.default\searchplugins\{08AA91A0-A545-47D5-AA85-6C91694EAC34}.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\nation-secure-search.xml FF Extension: a2zLyrics-16 - C:\Documents and Settings\Maria Gabriela\Application Data\Mozilla\Firefox\Profiles\rok8adw3.default\Extensions\2f86d471-1122-4c15-901a-d7fd67316cd9@ca42b8d2-0eb6-47be-84a2-6d95abe186e8.com FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Maria Gabriela\Application Data\Mozilla\Firefox\Profiles\rok8adw3.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} FF Extension: AddThis - C:\Documents and Settings\Maria Gabriela\Application Data\Mozilla\Firefox\Profiles\rok8adw3.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} FF Extension: noscript - C:\Documents and Settings\Maria Gabriela\Application Data\Mozilla\Firefox\Profiles\rok8adw3.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi FF Extension: Adblock Plus - C:\Documents and Settings\Maria Gabriela\Application Data\Mozilla\Firefox\Profiles\rok8adw3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF HKLM\...\Firefox\Extensions: 
[{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.) CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) 
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer) CHR Plugin: (Microsoft\u00C3\u00C2\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft\u00C3\u00C2\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) 
CHR Plugin: (AdobeAAMDetect) - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (fluxDVD Browser Plugin) - C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( ) CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (fluxDVD Placeholder Plugin) - C:\Program Files\Videoload Manager\NPWMDRMWrapper.dll ( ) CHR Plugin: (Windows Live\u00C3\u00C2\u00AE Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (Koji NISHIDA) - C:\DOCUME~1\MARIAG~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\acganlmcjehnfmehkmlimgkaloifodlf\2_0 CHR Extension: (Google Docs) - C:\DOCUME~1\MARIAG~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (YouTube) - C:\DOCUME~1\MARIAG~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\DOCUME~1\MARIAG~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (RealPlayer 
HTML5Video Downloader Extension) - C:\DOCUME~1\MARIAG~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0 CHR Extension: (Gmail) - C:\DOCUME~1\MARIAG~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx CHR HKLM\...\Chrome\Extension: [kdneagjiboclldmglpjofpeipkbollcf] - C:\Documents and Settings\Maria Gabriela\Local Settings\Application Data\CRE\kdneagjiboclldmglpjofpeipkbollcf.crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx ========================== Services (Whitelisted) ================= R2 AppleOSSMgr; C:\WINDOWS\system32\AppleOSSMgr.exe [140592 2007-10-08] () R2 AppleTimeSrv; C:\WINDOWS\system32\AppleTimeSrv.exe [99632 2007-10-08] (Apple Inc.) S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2007-06-14] () R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.) S4 HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2095368 2013-02-14] (BinarySense, Inc.) R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.) 
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) S4 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.) R2 STacSV; C:\WINDOWS\system32\STacSV.exe [86016 2007-10-08] (SigmaTel, Inc.) R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1739064 2013-10-08] (AVG) S4 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" ==================== Drivers (Whitelisted) ==================== R3 applebmt; C:\Windows\System32\DRIVERS\applebmt.sys [34304 2009-10-15] (Apple Inc.) R3 applebt; C:\Windows\System32\DRIVERS\applebt.sys [8064 2007-10-08] (Apple Inc.) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120632 2013-09-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209208 2013-09-02] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [145720 2013-09-02] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-09-02] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [223032 2013-09-02] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102200 2013-08-20] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-08] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.) 
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-11-01] (AVG Technologies) R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [592256 2007-10-08] (Broadcom Corporation) S3 BthKicker; C:\Windows\System32\DRIVERS\BthKicker.sys [7424 2007-10-08] (Apple Inc.) S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation) R3 DevUpper; C:\Windows\System32\DRIVERS\iSightFT.sys [8320 2007-10-08] (Apple Inc.) S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [41984 2004-08-11] (Samsung Electronics Co., Ltd.) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2012-12-12] (GFI Software) S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [51088 2004-06-22] (HP) S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2004-06-22] (HP) S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21744 2004-06-22] (HP) R3 IRRemoteFlt; C:\Windows\System32\DRIVERS\IRFilter.sys [16512 2007-10-08] (Apple Inc.) S3 iSightUpdate; C:\Windows\System32\DRIVERS\iSightUP.sys [18304 2007-10-08] (Apple Inc.) R2 KeyAgent; C:\WINDOWS\system32\drivers\KeyAgent.sys [4864 2007-10-08] (Apple Inc.) R3 KeyMagic; C:\Windows\System32\DRIVERS\KeyMagic.sys [17920 2007-10-08] (Apple Inc.) R2 MacHALDriver; C:\WINDOWS\system32\drivers\MacHALDriver.sys [6528 2007-10-08] (Apple Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2004-08-03] (Microsoft Corporation) R1 SBRE; C:\Windows\system32\drivers\SBREDrv.sys [101720 2012-02-14] (Sunbelt Software) S3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [27440 2006-02-28] () R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1177864 2007-10-08] (SigmaTel, Inc.) 
R3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software) S3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [255232 2007-10-08] (Marvell) S3 cpuz132; \??\C:\DOCUME~1\MARIAG~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys [x] S4 IntelIde; No ImagePath S3 NSNDIS5; \??\C:\WINDOWS\system32\NSNDIS5.SYS [x] S2 SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [x] U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-02 23:14 - 2013-11-02 23:14 - 00000000 ____D C:\FRST 2013-11-02 22:51 - 2013-11-02 22:51 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\AVG 2013-11-02 22:48 - 2013-11-02 22:55 - 00000000 ____D C:\AdwCleaner 2013-11-01 22:25 - 2013-11-01 22:25 - 00001747 _____ C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC TuneUp 2014.lnk 2013-11-01 22:25 - 2013-11-01 22:25 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Application Data\AVG 2013-11-01 22:25 - 2013-11-01 22:25 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC TuneUp 2014 2013-11-01 22:25 - 2013-10-08 13:46 - 00036152 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe 2013-11-01 22:22 - 2013-11-01 22:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG 2013-11-01 22:21 - 2013-11-01 22:30 - 00000000 __SHD C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2013-11-01 22:15 - 2013-11-01 22:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2013-11-01 22:09 - 2013-11-01 22:09 - 00001702 _____ C:\Program Files\Mozilla Firefoxnation-secure-search.xml 2013-11-01 22:09 - 2013-11-01 22:08 - 00037664 _____ (AVG Technologies) 
C:\WINDOWS\system32\Drivers\avgtpx86.sys 2013-11-01 22:06 - 2013-11-01 22:23 - 00000000 ____D C:\Program Files\AVG 2013-11-01 21:41 - 2013-11-01 22:09 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-11-01 21:36 - 2013-11-02 22:36 - 00000420 _____ C:\WINDOWS\Tasks\At2.job 2013-11-01 21:35 - 2013-11-02 22:35 - 00000416 _____ C:\WINDOWS\Tasks\At1.job 2013-11-01 21:35 - 2013-11-01 21:35 - 00000000 ____D C:\Program Files\Foxtab 2013-11-01 21:35 - 2013-11-01 21:35 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Application Data\FoxTab 2013-11-01 18:49 - 2013-11-01 18:49 - 00000000 ____D C:\Program Files\Zula Games 2013-11-01 18:49 - 2013-11-01 18:49 - 00000000 ____D C:\Program Files\ffdshow 2013-11-01 18:49 - 2013-11-01 18:49 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\ffdshow 2013-11-01 18:17 - 2013-11-01 18:17 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Local Settings\Application Data\NativeMessaging 2013-11-01 18:10 - 2013-11-01 18:10 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Application Data\AVAST Software 2013-11-01 18:07 - 2013-11-01 18:07 - 00000000 ____D C:\Program Files\AVAST Software 2013-11-01 18:07 - 2013-11-01 18:07 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software 2013-11-01 08:47 - 2013-11-01 08:49 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Desktop\301013(2) 2013-10-30 13:34 - 2013-10-30 13:37 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Desktop\101MSDCF 2013-10-27 16:50 - 2013-10-27 18:31 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Desktop\Anneliese Forwick 2013-10-17 08:03 - 2013-11-01 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Netzmanager 2013-10-17 08:03 - 2013-10-19 08:23 - 00000000 __HDC C:\Documents and Settings\All Users\Application Data\{87B61FE8-334F-4066-B7AA-68DC81782D4D} 2013-10-17 08:03 - 2013-10-17 08:03 - 00000792 _____ C:\Documents and Settings\All 
Users\Start Menu\Netzmanager.lnk
2013-10-17 08:03 - 2013-10-17 08:03 - 00000000 ____D C:\Program Files\Netzmanager
2013-10-17 08:03 - 2013-10-17 08:03 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-10-17 08:03 - 2013-10-17 08:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Netzmanager
2013-10-17 07:45 - 2013-10-17 07:45 - 00000000 ___HD C:\Documents and Settings\All Users\Application Data\CanonIJFAX
2013-10-17 07:45 - 2010-09-13 13:44 - 00106496 _____ (CANON INC.) C:\WINDOWS\system32\CNC360U.dll
2013-10-17 07:45 - 2010-09-13 13:42 - 01347584 _____ (CANON INC.) C:\WINDOWS\system32\CNC360C.dll
2013-10-17 07:45 - 2010-09-13 13:42 - 00114688 _____ (CANON INC.) C:\WINDOWS\system32\CNC360I.dll
2013-10-17 07:45 - 2010-09-06 16:03 - 00315392 _____ (CANON INC.) C:\WINDOWS\system32\CNC360L.dll
2013-10-17 07:45 - 2010-05-14 09:45 - 00015104 _____ C:\WINDOWS\system32\CNC174DD.TBL
2013-10-17 07:45 - 2008-08-25 17:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA.dll
2013-10-17 06:41 - 2013-10-17 06:41 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
2013-10-14 15:07 - 2013-10-14 15:07 - 00000000 ____D C:\output
2013-10-09 11:16 - 2013-10-09 14:17 - 17813896 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe

==================== One Month Modified Files and Folders =======

2013-11-02 23:16 - 2012-04-09 09:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-02 23:14 - 2013-11-02 23:14 - 00000000 ____D C:\FRST
2013-11-02 23:03 - 2010-10-23 10:02 - 00521444 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-02 22:59 - 2013-03-13 20:38 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-02 22:59 - 2012-10-27 07:01 - 00000296 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1275210071-839522115-1003.job
2013-11-02 22:59 - 2010-10-23 10:04 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-02 22:59 - 2006-02-28 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-02 22:58 - 2010-10-23 23:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-02 22:57 - 2013-05-06 21:33 - 00327640 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-11-02 22:57 - 2011-02-11 07:56 - 00004956 _____ C:\WINDOWS\bthservsdp.dat
2013-11-02 22:57 - 2010-11-25 12:39 - 00131072 _____ C:\WINDOWS\system32\config\TuneUp.evt
2013-11-02 22:57 - 2010-10-23 23:30 - 00032208 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-02 22:56 - 2013-03-18 23:01 - 00268203 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-02 22:56 - 2010-10-23 23:33 - 00000178 ___SH C:\Documents and Settings\Maria Gabriela\ntuser.ini
2013-11-02 22:56 - 2010-10-23 23:33 - 00000000 ____D C:\Documents and Settings\Maria Gabriela
2013-11-02 22:55 - 2013-11-02 22:48 - 00000000 ____D C:\AdwCleaner
2013-11-02 22:51 - 2013-11-02 22:51 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\AVG
2013-11-02 22:36 - 2013-11-01 21:36 - 00000420 _____ C:\WINDOWS\Tasks\At2.job
2013-11-02 22:35 - 2013-11-01 21:35 - 00000416 _____ C:\WINDOWS\Tasks\At1.job
2013-11-02 22:35 - 2013-09-21 11:41 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Desktop\Love Ohlala
2013-11-02 22:30 - 2010-10-23 14:22 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Desktop\Programme
2013-11-02 22:29 - 2010-10-27 12:49 - 00002519 _____ C:\Documents and Settings\Maria Gabriela\Desktop\Word.lnk
2013-11-02 18:51 - 2013-03-02 18:08 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2013-11-02 11:34 - 2010-10-23 18:07 - 00000000 ____D C:\WINDOWS\SxsCaPendDel
2013-11-02 09:49 - 2013-07-16 19:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2013-11-02 08:59 - 2010-11-08 15:34 - 00001114 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-02 08:59 - 2010-11-08 15:34 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-02 02:23 - 2012-05-02 19:25 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-01 22:30 - 2013-11-01 22:21 - 00000000 __SHD C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-11-01 22:25 - 2013-11-01 22:25 - 00001747 _____ C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2013-11-01 22:25 - 2013-11-01 22:25 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Application Data\AVG
2013-11-01 22:25 - 2013-11-01 22:25 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC TuneUp 2014
2013-11-01 22:25 - 2013-11-01 22:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG
2013-11-01 22:23 - 2013-11-01 22:06 - 00000000 ____D C:\Program Files\AVG
2013-11-01 22:22 - 2012-12-18 21:08 - 00000000 ____D C:\Program Files\TuneUp Utilities 2013
2013-11-01 22:15 - 2013-11-01 22:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2013-11-01 22:15 - 2013-05-10 08:38 - 01146461 _____ C:\WINDOWS\setupapi.log
2013-11-01 22:11 - 2013-09-24 16:59 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2014
2013-11-01 22:09 - 2013-11-01 22:09 - 00001702 _____ C:\Program Files\Mozilla Firefoxnation-secure-search.xml
2013-11-01 22:09 - 2013-11-01 21:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-01 22:08 - 2013-11-01 22:09 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2013-11-01 22:07 - 2013-03-02 18:11 - 00000000 ___HD C:\$AVG
2013-11-01 21:35 - 2013-11-01 21:35 - 00000000 ____D C:\Program Files\Foxtab
2013-11-01 21:35 - 2013-11-01 21:35 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Application Data\FoxTab
2013-11-01 21:30 - 2013-01-22 12:18 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Desktop\FOTOS 2013
2013-11-01 18:53 - 2010-10-23 23:30 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-11-01 18:53 - 2010-10-23 23:29 - 00000000 __SHD C:\Documents and Settings\NetworkService
2013-11-01 18:53 - 2010-10-23 23:22 - 00000000 ____D C:\WINDOWS\Registration
2013-11-01 18:49 - 2013-11-01 18:49 - 00000000 ____D C:\Program Files\Zula Games
2013-11-01 18:49 - 2013-11-01 18:49 - 00000000 ____D C:\Program Files\ffdshow
2013-11-01 18:49 - 2013-11-01 18:49 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\ffdshow
2013-11-01 18:49 - 2013-09-10 07:42 - 00000000 ____D C:\Program Files\EPSON
2013-11-01 18:47 - 2013-09-29 15:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\GamePacks
2013-11-01 18:47 - 2013-09-10 07:43 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\EPSON
2013-11-01 18:45 - 2013-10-17 08:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Netzmanager
2013-11-01 18:17 - 2013-11-01 18:17 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Local Settings\Application Data\NativeMessaging
2013-11-01 18:10 - 2013-11-01 18:10 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Application Data\AVAST Software
2013-11-01 18:07 - 2013-11-01 18:07 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-01 18:07 - 2013-11-01 18:07 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2013-11-01 08:49 - 2013-11-01 08:47 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Desktop\301013(2)
2013-10-30 13:37 - 2013-10-30 13:34 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Desktop\101MSDCF
2013-10-29 17:33 - 2012-10-27 07:01 - 00000304 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1275210071-839522115-1003.job
2013-10-27 18:31 - 2013-10-27 16:50 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Desktop\Anneliese Forwick
2013-10-25 14:25 - 2013-09-25 05:45 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Desktop\Originals
2013-10-25 08:01 - 2013-01-11 08:49 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Desktop\Neuendorf
2013-10-25 05:36 - 2013-09-24 16:56 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\Local Settings\Application Data\Avg2014
2013-10-24 22:24 - 2010-10-26 19:12 - 02036584 ___SH C:\Documents and Settings\Maria Gabriela\Desktop\Thumbs.db
2013-10-19 21:23 - 2010-10-26 06:19 - 00002875 _____ C:\Documents and Settings\Maria Gabriela\Start Menu\Program Updates.lnk
2013-10-19 08:23 - 2013-10-17 08:03 - 00000000 __HDC C:\Documents and Settings\All Users\Application Data\{87B61FE8-334F-4066-B7AA-68DC81782D4D}
2013-10-17 17:39 - 2010-10-23 23:42 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-10-17 08:03 - 2013-10-17 08:03 - 00000792 _____ C:\Documents and Settings\All Users\Start Menu\Netzmanager.lnk
2013-10-17 08:03 - 2013-10-17 08:03 - 00000000 ____D C:\Program Files\Netzmanager
2013-10-17 08:03 - 2013-10-17 08:03 - 00000000 ____D C:\Program Files\Microsoft WSE
2013-10-17 08:03 - 2013-10-17 08:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Netzmanager
2013-10-17 07:45 - 2013-10-17 07:45 - 00000000 ___HD C:\Documents and Settings\All Users\Application Data\CanonIJFAX
2013-10-17 07:45 - 2010-10-23 09:53 - 00000000 ____D C:\WINDOWS\twain_32
2013-10-17 07:45 - 2010-10-23 09:53 - 00000000 ____D C:\WINDOWS\Media
2013-10-17 06:41 - 2013-10-17 06:41 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
2013-10-17 06:41 - 2013-08-18 06:41 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-15 06:48 - 2013-08-01 21:44 - 00000000 ___RD C:\Program Files\Skype
2013-10-14 15:07 - 2013-10-14 15:07 - 00000000 ____D C:\output
2013-10-09 14:17 - 2013-10-09 11:16 - 17813896 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-10-09 14:17 - 2012-04-09 09:30 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-09 14:17 - 2011-07-17 09:17 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-09 06:42 - 2010-10-23 10:01 - 03550776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-08 13:46 - 2013-11-01 22:25 - 00036152 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
2013-10-08 08:27 - 2010-10-23 14:49 - 00063280 _____ C:\Documents and Settings\Maria Gabriela\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-10-08 06:31 - 2006-02-28 13:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-10-05 07:25 - 2013-04-12 06:09 - 00000000 ___RD C:\Documents and Settings\Maria Gabriela\My Documents\Gabriela
2013-10-05 07:25 - 2013-02-24 11:15 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Wincert
2013-10-04 08:40 - 2012-12-27 11:00 - 00000000 ____D C:\Documents and Settings\Maria Gabriela\My Documents\27122012
2013-10-03 14:51 - 2013-05-22 16:40 - 00000000 ____D C:\WINDOWS\system32\cache

ZeroAccess:
C:\Windows\Installer\{eb3cff83-d5a6-217a-70c7-1ed2c89a0249}
C:\Windows\Installer\{eb3cff83-d5a6-217a-70c7-1ed2c89a0249}\@

ZeroAccess:
C:\Documents and Settings\Maria Gabriela\Local Settings\Application Data\{eb3cff83-d5a6-217a-70c7-1ed2c89a0249}
C:\Documents and Settings\Maria Gabriela\Local Settings\Application Data\{eb3cff83-d5a6-217a-70c7-1ed2c89a0249}\@

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job

Some content of TEMP:
====================
C:\Documents and Settings\Maria Gabriela\Local Settings\Temp\FLVPlayerSetup.exe
C:\Documents and Settings\Maria Gabriela\Local Settings\Temp\LiveSupport_setup.exe
C:\Documents and Settings\Maria Gabriela\Local Settings\Temp\oi_{1E12F16D-2758-4948-8334-1E5347A15231}.exe
C:\Documents and Settings\Maria Gabriela\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Maria Gabriela\Local Settings\Temp\tbappb.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe [2006-02-28 13:00] - [2006-02-28 13:00] - 1032192 ____A (Microsoft Corporation) a0732187050030ae399b241436565e64
C:\Windows\System32\winlogon.exe [2006-02-28 13:00] - [2006-02-28 13:00] - 0502272 ____A (Microsoft Corporation) 01c3346c241652f43aed8e2149881bfe
C:\Windows\System32\svchost.exe [2006-02-28 13:00] - [2006-02-28 13:00] - 0014336 ____A (Microsoft Corporation) 8f078ae4ed187aaabc0a305146de6716
C:\Windows\System32\services.exe [2006-02-28 13:00] - [2009-02-06 18:14] - 0110592 ____A (Microsoft Corporation) 37561f8d4160d62da86d24ae41fae8de
C:\Windows\System32\User32.dll [2006-02-28 13:00] - [2006-02-28 13:00] - 0577024 ____A (Microsoft Corporation) c72661f8552ace7c5c85e16a3cf505c4
C:\Windows\System32\userinit.exe [2006-02-28 13:00] - [2012-05-02 19:19] - 0024576 ____A (Microsoft Corporation) 39b1ffb03c2296323832acbae50d2aff
C:\Windows\System32\Drivers\volsnap.sys [2006-02-28 13:00] - [2006-02-28 13:00] - 0052352 ____A (Microsoft Corporation) ee4660083deba849ff6c485d944b379b

==================== End Of Log ============================

--- --- --- --- --- ---

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:55B41E6A
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:9B013599

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
Description: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Marvell
Service: yukonwxp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Nokia 6600 fold
Description: Nokia 6600 fold
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/01/2013 09:35:52 PM) (Source: MsiInstaller) (User: MOONLIGHTSONATA)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\GoogleUpdateHelper.msi

Error: (11/01/2013 06:43:43 PM) (Source: Application Error) (User: )
Description: Fault bucket -362004852. The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (11/01/2013 06:43:12 PM) (Source: Application Error) (User: )
Description: Faulting application McCHSvc.exe, version 3.8.130.0, faulting module ntdll.dll, version 5.1.2600.3520, fault address 0x00011948. Processing media-specific event for [McCHSvc.exe!ws!]

Error: (11/01/2013 03:20:23 PM) (Source: Application Error) (User: )
Description: Fault bucket -964704830. The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (11/01/2013 03:20:16 PM) (Source: Application Error) (User: )
Description: Faulting application webplayer.exe, version 1.1.0.0, faulting module shdocvw.dll, version 6.0.2900.3698, fault address 0x000342cd. Processing media-specific event for [webplayer.exe!ws!]

Error: (11/01/2013 03:19:44 PM) (Source: Application Error) (User: )
Description: Fault bucket -964704830. The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (11/01/2013 03:19:39 PM) (Source: Application Error) (User: )
Description: Faulting application webplayer.exe, version 1.1.0.0, faulting module shdocvw.dll, version 6.0.2900.3698, fault address 0x000342cd. Processing media-specific event for [webplayer.exe!ws!]

Error: (10/31/2013 06:51:53 PM) (Source: Bonjour Service) (User: )
Description: Timed out waiting for acknowledgement of machine sleep

Error: (10/31/2013 07:41:30 AM) (Source: Application Error) (User: )
Description: Faulting application McCHSvc.exe, version 3.8.130.0, faulting module ntdll.dll, version 5.1.2600.3520, fault address 0x0001817a. Processing media-specific event for [McCHSvc.exe!ws!]

Error: (10/31/2013 06:46:58 AM) (Source: Application Error) (User: )
Description: Fault bucket -398071053. The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

System errors:
=============
Error: (11/02/2013 11:04:09 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: %%1460

Error: (11/02/2013 10:59:45 PM) (Source: Service Control Manager) (User: )
Description: The SSPORT service failed to start due to the following error: %%2

Error: (11/02/2013 10:59:45 PM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error: %%20

Error: (11/02/2013 10:01:18 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the AppleOSSMgr service.

Error: (11/02/2013 10:00:41 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the AppleOSSMgr service.

Error: (11/02/2013 10:00:07 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the AppleOSSMgr service.

Error: (11/02/2013 10:00:07 PM) (Source: 0) (User: )
Description:

Error: (11/02/2013 08:01:23 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error: %%1460

Error: (11/02/2013 07:57:00 PM) (Source: Service Control Manager) (User: )
Description: The SSPORT service failed to start due to the following error: %%2

Error: (11/02/2013 07:57:00 PM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error: %%20

Microsoft Office Sessions:
=========================
Error: (10/01/2013 04:40:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 36904 seconds with 420 seconds of active time. This session ended with a crash.

Error: (09/15/2013 11:13:53 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3601 seconds with 180 seconds of active time. This session ended with a crash.

==================== Memory info ===========================

Percentage of memory in use: 60%
Total physical RAM: 2032.27 MB
Available physical RAM: 812.42 MB
Total Pagefile: 3924.82 MB
Available Pagefile: 2818.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:105.69 GB) (Free:55.55 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 233 GB) (Disk ID: F21DF21D)
Partition: GPT Partition Type
Partition 2: (Not Active) - (Size=127 GB) - (Type=AF)
Partition 3: (Active) - (Size=106 GB) - (Type=07 NTFS)

==================== End Of Log ============================