| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PUP.Optional.Opencandy: 3 Virenfunde durch MalwarebytesWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
28.11.2013, 15:26
| #4 |
 |  PUP.Optional.Opencandy: 3 Virenfunde durch Malwarebytes Hallo Jonas, dankeschön für die schnelle Antwort!  Hier die beiden gewünschten Logfiles: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-11-2013 01
Ran by *** (administrator) on CENTAURI on 27-11-2013 20:41:02
Running from C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Uniblue Systems Ltd) C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2789160 2011-05-19] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\System32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-04-26] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\CONEXANT\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe [40808 2011-05-31] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] - C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe [281960 2011-05-25] (Lenovo Group Limited)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MountPoints2: {56211a46-094c-11e1-8d0c-806e6f6e6963} - Q:\LenovoQDrive.exe
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] - C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [1629544 2011-08-31] (Lenovo Group Limited)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-30] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [309184 2012-03-28] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\Default\...\RunOnce: [] - [x]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutoRunReg.exe [159744 2009-03-24] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=d2f018d00000000000003859f9e88dee
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {E655AC64-E7AB-4E40-A3B3-8762BFFD39A6} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=d2f018d00000000000003859f9e88dee&r=95
SearchScopes: HKCU - {E655AC64-E7AB-4E40-A3B3-8762BFFD39A6} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=d2f018d00000000000003859f9e88dee&r=95
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com)
BHO-x32: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 172.16.99.254
FireFox:
========
FF ProfilePath: C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default
FF user.js: detected! => C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\user.js
FF Homepage: www.google.de
FF Keyword.URL: www.google.de
FF NetworkProxy: "http", "202.85.215.250"
FF NetworkProxy: "http_port", 1080
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Steffi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\Extensions\ich@maltegoetz.de
FF Extension: FoxLingo - C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
FF Extension: client - C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\Extensions\client@anonymox.net.xpi
FF Extension: jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo - C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\Extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack.xpi
FF Extension: lieferheld - C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\Extensions\lieferheld@extensions.partneraddons.de.xpi
FF Extension: Adblock Plus - C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
Chrome:
=======
CHR Extension: (Freemake Video Downloader) - C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (Skype Click to Call) - C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [74752 2011-12-30] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2011-12-30] (Microsoft)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-07-29] (Secunia)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-27 20:41 - 2013-11-27 20:41 - 00028680 _____ C:\Users\Steffi\Desktop\FRST.txt
2013-11-27 20:40 - 2013-11-27 20:40 - 00000000 ____D C:\FRST
2013-11-27 20:40 - 2013-11-27 20:40 - 00000000 _____ C:\Users\Steffi\defogger_reenable
2013-11-27 20:39 - 2013-11-27 20:40 - 00000474 _____ C:\Users\Steffi\Desktop\defogger_disable.log
2013-11-27 20:39 - 2013-11-27 20:39 - 00000246 _____ C:\Users\Steffi\Desktop\defogger_enable.log
2013-11-27 20:38 - 2013-11-27 20:38 - 01958850 _____ (Farbar) C:\Users\Steffi\Desktop\FRST64.exe
2013-11-27 20:38 - 2013-11-27 20:38 - 00050477 _____ C:\Users\Steffi\Desktop\Defogger.exe
2013-11-27 03:07 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-27 03:03 - 2013-11-27 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 03:03 - 2013-11-27 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 03:03 - 2013-11-27 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 03:03 - 2013-11-27 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 03:03 - 2013-11-27 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 03:03 - 2013-11-27 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 03:03 - 2013-11-27 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 03:03 - 2013-11-27 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 03:03 - 2013-11-27 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 03:03 - 2013-11-27 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 03:03 - 2013-11-27 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-27 03:01 - 2013-11-27 03:08 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-22 21:54 - 2013-11-22 22:26 - 345820622 _____ C:\Users\Steffi\Downloads\The.Mentalist.S06E08.LEAKED.WEBRip.mp4
2013-11-18 11:54 - 2013-11-18 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-17 23:32 - 2013-11-17 23:32 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-17 23:31 - 2013-11-17 23:32 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-17 23:31 - 2013-11-17 23:32 - 00000000 ____D C:\Program Files\iTunes
2013-11-17 23:31 - 2013-11-17 23:32 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-17 23:31 - 2013-11-17 23:31 - 00000000 ____D C:\Program Files\iPod
2013-11-13 08:05 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 08:05 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 08:04 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 08:04 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 08:04 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 08:04 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 08:04 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 08:04 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 08:04 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 08:04 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 08:04 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 08:04 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 08:04 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 08:04 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 08:04 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 08:04 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 08:04 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 08:04 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 08:04 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 08:04 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 08:04 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 08:04 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 08:04 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 08:04 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 08:04 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 08:04 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 08:04 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 08:04 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 08:04 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 08:04 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-01 15:33 - 2013-11-01 15:34 - 00000000 ____D C:\Users\Steffi\Desktop\MPlus-Seminar - WS 2013-14
==================== One Month Modified Files and Folders =======
2013-11-27 20:41 - 2013-11-27 20:41 - 00028680 _____ C:\Users\Steffi\Desktop\FRST.txt
2013-11-27 20:40 - 2013-11-27 20:40 - 00000000 ____D C:\FRST
2013-11-27 20:40 - 2013-11-27 20:40 - 00000000 _____ C:\Users\Steffi\defogger_reenable
2013-11-27 20:40 - 2013-11-27 20:39 - 00000474 _____ C:\Users\Steffi\Desktop\defogger_disable.log
2013-11-27 20:40 - 2012-04-02 09:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-27 20:40 - 2012-01-05 18:49 - 00000000 ____D C:\Users\Steffi
2013-11-27 20:39 - 2013-11-27 20:39 - 00000246 _____ C:\Users\Steffi\Desktop\defogger_enable.log
2013-11-27 20:38 - 2013-11-27 20:38 - 01958850 _____ (Farbar) C:\Users\Steffi\Desktop\FRST64.exe
2013-11-27 20:38 - 2013-11-27 20:38 - 00050477 _____ C:\Users\Steffi\Desktop\Defogger.exe
2013-11-27 20:20 - 2011-11-07 15:28 - 02047246 _____ C:\Windows\WindowsUpdate.log
2013-11-27 20:00 - 2011-11-07 16:00 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-27 19:07 - 2011-11-07 16:00 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-27 10:31 - 2012-01-05 18:50 - 00003494 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2013-11-27 10:31 - 2012-01-05 18:50 - 00003448 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2013-11-27 10:31 - 2012-01-05 18:50 - 00000466 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2013-11-27 10:30 - 2013-03-30 12:07 - 00000342 _____ C:\Windows\Tasks\dsmonitor.job
2013-11-27 10:30 - 2012-01-05 18:54 - 00001432 _____ C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-27 10:17 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-27 10:17 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-27 10:16 - 2011-11-08 00:09 - 05238240 _____ C:\Windows\system32\perfh007.dat
2013-11-27 10:16 - 2011-11-08 00:09 - 01602054 _____ C:\Windows\system32\perfc007.dat
2013-11-27 10:16 - 2009-07-14 06:13 - 00006528 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-27 10:09 - 2012-01-06 18:15 - 00000000 _____ C:\sniffer.log
2013-11-27 10:08 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-27 10:07 - 2009-07-14 05:51 - 00088442 _____ C:\Windows\setupact.log
2013-11-27 03:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-27 03:08 - 2013-11-27 03:01 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-27 03:03 - 2013-11-27 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 03:03 - 2013-11-27 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 03:03 - 2013-11-27 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 03:03 - 2013-11-27 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 03:03 - 2013-11-27 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 03:03 - 2013-11-27 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 03:03 - 2013-11-27 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 03:03 - 2013-11-27 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 03:03 - 2013-11-27 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 03:03 - 2013-11-27 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 03:03 - 2013-11-27 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 05:18 - 2013-10-24 23:41 - 00000000 ____D C:\Users\Steffi\AppData\Roaming\OpenCandy
2013-11-26 05:18 - 2012-07-22 12:27 - 00000000 ____D C:\ProgramData\Real
2013-11-26 05:18 - 2012-02-02 04:40 - 00000000 ____D C:\Users\Gast
2013-11-26 05:18 - 2012-01-06 15:53 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-26 05:18 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-26 05:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-26 05:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-11-23 00:53 - 2012-03-01 23:03 - 00000000 ____D C:\Users\Steffi\AppData\Roaming\uTorrent
2013-11-22 22:26 - 2013-11-22 21:54 - 345820622 _____ C:\Users\Steffi\Downloads\The.Mentalist.S06E08.LEAKED.WEBRip.mp4
2013-11-22 20:29 - 2013-10-20 21:44 - 00000000 ____D C:\Users\Steffi\AppData\Roaming\vlc
2013-11-20 10:47 - 2012-01-06 18:17 - 00000000 ____D C:\Users\Steffi\AppData\Roaming\Skype
2013-11-20 06:35 - 2012-05-04 15:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-19 16:24 - 2013-03-29 12:46 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-19 16:24 - 2013-03-29 12:46 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-18 11:54 - 2013-11-18 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 11:38 - 2012-01-06 16:40 - 00000000 ____D C:\Users\Steffi\AppData\Roaming\Apple Computer
2013-11-18 11:36 - 2012-01-05 18:50 - 00000528 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2013-11-17 23:32 - 2013-11-17 23:32 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-17 23:32 - 2013-11-17 23:31 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-17 23:32 - 2013-11-17 23:31 - 00000000 ____D C:\Program Files\iTunes
2013-11-17 23:32 - 2013-11-17 23:31 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-17 23:31 - 2013-11-17 23:31 - 00000000 ____D C:\Program Files\iPod
2013-11-17 23:31 - 2012-01-06 16:39 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-15 16:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-15 15:16 - 2012-01-05 18:50 - 00004234 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2013-11-15 03:09 - 2012-05-15 00:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 03:05 - 2013-07-23 01:05 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 03:03 - 2012-07-13 13:18 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-06 21:29 - 2012-01-06 16:56 - 00000000 ____D C:\Users\Steffi\AppData\Local\Paint.NET
2013-11-01 15:34 - 2013-11-01 15:33 - 00000000 ____D C:\Users\Steffi\Desktop\MPlus-Seminar - WS 2013-14
Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll
C:\Users\Steffi\AppData\Local\Temp\avgnt.exe
C:\Users\Steffi\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Steffi\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Steffi\AppData\Local\Temp\setup.exe
C:\Users\Steffi\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-20 07:49
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- --- --- --- Additional Log: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2013 01
Ran by *** at 2013-11-27 20:42:10
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
µTorrent (x32 Version: 3.1.2)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8)
Anzeige am Bildschirm (Version: 6.60.00)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Avira Free Antivirus (x32 Version: 14.0.1.749)
BatteryBar (remove only)
BisonCam Twain Pro (x32 Version: 1.5.4.7)
Bonjour (Version: 3.0.0.10)
Brain Workshop 4.8.4 (x32 Version: 4.8.4)
Broadcom InConcert Maestro (Version: 1.0.1.2200)
Burn.Now 4.5 (x32 Version: 4.5.0)
Canon Easy-PhotoPrint EX (x32)
Canon MG5200 series Benutzerregistrierung (x32)
Canon MG5200 series MP Drivers
Canon MP Navigator EX 4.0 (x32)
Canon My Printer (x32)
Canon Solution Menu EX (x32)
CCleaner (Version: 3.14)
CD-LabelPrint (x32)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Cisco Systems VPN Client 5.0.07.0440 (Version: 5.0.7)
Citrix Online Plug-in - Web (x32 Version: 12.3.0.8)
Citrix Online Plug-in (DV) (x32 Version: 12.3.0.8)
Citrix Online Plug-in (HDX) (x32 Version: 12.3.0.8)
Citrix Online Plug-in (USB) (x32 Version: 12.3.0.8)
Citrix Online Plug-in (Web) (x32 Version: 12.3.0.8)
ClipGrab 3.2.1.2 (x32)
Conexant HD Audio (Version: 8.32.27.0)
Corel Burn.Now Lenovo Edition (x32 Version: 4.5.0)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0)
Corel DVD MovieFactory Lenovo Edition (x32 Version: 7.0.0)
Corel WinDVD (x32 Version: 10.0.5.828)
Create Recovery Media (x32 Version: 1.20.0.00)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Direct DiscRecorder (x32 Version: 1.00.0000)
DivX-Setup (x32 Version: 2.6.1.24)
DriverScanner (x32 Version: 4.0.10.0)
Dropbox (HKCU Version: 1.4.7)
ElectriCalm 3D Screensaver (remove only) (x32)
Error Messages for Windows (x32 Version: Error Messages for Windows - Version 2.9)
Evernote v. 4.2.3 (x32 Version: 4.2.3.15)
FlashGet 1.9.6.1073 (x32 Version: 1.9.6.1073)
Free-Jahreskalender 2013 (x32 Version: 9.00.2013)
Freemake Video Downloader (x32 Version: 3.0.0)
Google Earth (x32 Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.21.165)
IBM SPSS Statistics 20 (Version: 20.0.0.0)
iCloud (Version: 3.0.2.163)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (x32 Version: 1.1.0.1147)
Intel Processor Diagnostic Tool 64Bit (Version: 17.0.0)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2476)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 21 (64-bit) (Version: 6.0.210)
Java(TM) 6 Update 31 (x32 Version: 6.0.310)
JavaFX 2.1.1 (x32 Version: 2.1.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
K-Lite Codec Pack 8.8.0 (Full) (x32 Version: 8.8.0)
Lenovo Auto Scroll Utility (Version: 1.10)
Lenovo Patch Utility (x32 Version: 1.0.1.1)
Lenovo Patch Utility 64 bit (Version: 1.2.0.1)
Lenovo Registration (x32 Version: 1.0.4)
Lenovo SimpleTap (Version: 2.1.0003.00)
Lenovo System Interface Driver (Version: 1.05)
Lenovo ThinkVantage Toolbox (Version: 6.0.5849.23)
Lenovo User Guide (x32 Version: 1.0.0008.00)
Lenovo Warranty Information (x32 Version: 1.0.0005.00)
Lenovo Welcome (x32 Version: 3.00.006.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Message Center Plus (x32 Version: 2.0.0012.00)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5128.5002)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft PowerPoint Viewer (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MozBackup 1.5.1 (x32)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
Paint.NET v3.5.10 (Version: 3.60.0)
PDF24 Creator 4.9.0 (x32)
PDF-XChange Viewer (Version: 2.5.200.0)
Picasa 3 (x32 Version: 3.8)
QuickTime (x32 Version: 7.74.80.86)
RapidBoot (Version: 1.11)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealPlayer (x32 Version: 15.0.5)
Realtek Ethernet Controller Driver (x32 Version: 7.37.1229.2010)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (Version: 1.00)
RICOH_Media_Driver_v2.14.18.01 (x32 Version: 2.14.18.01)
Secunia PSI (2.0.0.4002) (x32)
Skype Click to Call (x32 Version: 5.6.8442)
Skype™ 5.10 (x32 Version: 5.10.116)
Softonic toolbar on IE and Chrome (x32 Version: 1.8.21.14)
Spybot - Search & Destroy (x32 Version: 1.6.2)
Steam (x32 Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1014)
System Update (x32 Version: 4.01.0015)
TeamViewer 7 (x32 Version: 7.0.12313)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.4.0.2200)
ThinkPad Energie-Manager (x32 Version: 3.63)
ThinkPad Power Management Driver (Version: 1.64.00.00)
ThinkPad UltraNav Driver (Version: 15.3.8.0)
ThinkPad Wireless LAN Adapter Software (x32 Version: 1.00.0029.8)
ThinkVantage AutoLock (Version: 1.03)
ThinkVantage Communications Utility (Version: 2.07)
ThinkVantage System für aktiven Festplattenschutz (Version: 1.75)
Trine 2 (x32)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VLC media player 2.1.0 (x32 Version: 2.1.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows-Treiberpaket - Intel (iaStor) hdc (11/06/2010 10.1.0.1008) (Version: 11/06/2010 10.1.0.1008)
Windows-Treiberpaket - Lenovo 1.64.00.00 (07/28/2011 1.64.00.00) (Version: 07/28/2011 1.64.00.00)
Windows-Treiberpaket - Realtek (RTL8167) Net (12/29/2010 7.037.1229.2010) (Version: 12/29/2010 7.037.1229.2010)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) (Version: 05/19/2011 15.3.8.0)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
==================== Restore Points =========================
20-10-2013 19:16:03 Installed Java 7 Update 45 (64-bit)
20-10-2013 19:25:14 Installed Java 7 Update 45
28-10-2013 09:46:20 Geplanter Prüfpunkt
06-11-2013 09:44:23 Geplanter Prüfpunkt
15-11-2013 02:00:34 Geplanter Prüfpunkt
15-11-2013 02:00:34 Windows Update
23-11-2013 12:31:23 Geplanter Prüfpunkt
27-11-2013 02:00:27 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {32C128F8-60B5-4F03-A1BB-739BAD766C7A} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {41946192-8B41-4D24-B62A-F15F2263A2A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-07] (Google Inc.)
Task: {44845285-3271-4179-9318-A513FA9E6175} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {51D7526D-1E8D-4542-AFE2-435CC2E58C8E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5AD049F5-16D8-4F1C-8E15-4EA18C385A5B} - System32\Tasks\{FB2FF831-3CAF-4A3C-852D-C35B374CBA32} => Firefox.exe
Task: {66DB5056-EFA7-409D-A964-E63E728B5E5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-07] (Google Inc.)
Task: {6948EB98-FE0E-4EC7-AD6E-77F0F9A86E2E} - System32\Tasks\dsmonitor => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2013-01-16] (Uniblue Systems Ltd)
Task: {6C4ACA37-B888-4BBB-8B37-0AF134DF76C3} - System32\Tasks\{6E423486-25FA-4AEB-A700-E1BE0C842CED} => Firefox.exe hxxp://ui.skype.com/ui/0/5.0.0.152.375/de/go/help.faq.installer?LastError=1603
Task: {6D37EDC1-C8DA-46AE-AF1C-74819CD5E02B} - System32\Tasks\{81459E6B-14C3-4751-8C2B-1CEA807C5807} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {942F7A86-EBE8-476D-868C-DE9806FA3DFB} - System32\Tasks\{5E68570B-BD88-4E51-BEA4-FB5916815DA0} => C:\Users\Steffi\Downloads\CitrixOnlinePluginWeb.exe [2013-07-22] (Citrix Systems, Inc.)
Task: {9FDA9612-D04E-46E6-943C-B39851F72FED} - System32\Tasks\MCP => C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {BACD5A5E-C885-469D-A09B-D5DAFEEAF02B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2011-09-22] (Lenovo)
Task: {BFC59D6A-87C3-442A-B393-6C779EE5E1BA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C463E434-D55D-47C4-8B38-633E14A93533} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2617601996-74598242-3223451816-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {C98501C6-E991-48B5-8C70-C9CE83714A1B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {D346E136-E98C-47AC-B1B0-9DE695678E42} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {D891213D-109A-4F26-905B-80709B50C11D} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-08-31] (Lenovo Group Limited)
Task: {E60C8C3C-C936-435F-BB82-D485EE81F83F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {F83E5140-7C30-49BC-94B8-9498F59CA7CB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2617601996-74598242-3223451816-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Loaded Modules (whitelisted) =============
2011-11-07 15:49 - 2011-08-31 19:03 - 00055808 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2011-11-08 00:04 - 2011-05-19 13:04 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2011-11-07 15:46 - 2011-08-19 06:20 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-03-16 17:29 - 2013-03-16 16:20 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-04 11:49 - 2011-03-04 11:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2011-11-07 15:50 - 2010-04-06 09:05 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-11-07 15:50 - 2010-04-06 09:04 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-11-18 11:54 - 2013-11-18 11:54 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-09 22:40 - 2013-10-09 22:40 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:B606BA34
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Integrated Camera
Description: Integrated Camera
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Ricoh
Service: 5U877
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/27/2013 00:39:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4134
Error: (11/27/2013 00:39:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4134
Error: (11/27/2013 00:39:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/27/2013 00:38:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3120
Error: (11/27/2013 00:38:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3120
Error: (11/27/2013 00:38:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/27/2013 00:38:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2122
Error: (11/27/2013 00:38:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2122
Error: (11/27/2013 00:38:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/27/2013 00:38:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1123
System errors:
=============
Error: (11/27/2013 10:10:33 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/27/2013 06:44:59 AM) (Source: iaStor) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.
Error: (11/27/2013 03:23:36 AM) (Source: DCOM) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
Error: (11/26/2013 11:39:05 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/25/2013 08:25:40 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/25/2013 07:03:00 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/25/2013 11:43:44 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/24/2013 09:54:34 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/24/2013 09:51:58 PM) (Source: DCOM) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
Error: (11/24/2013 09:51:54 PM) (Source: DCOM) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
Microsoft Office Sessions:
=========================
Error: (11/27/2013 00:39:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4134
Error: (11/27/2013 00:39:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4134
Error: (11/27/2013 00:39:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/27/2013 00:38:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3120
Error: (11/27/2013 00:38:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3120
Error: (11/27/2013 00:38:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/27/2013 00:38:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2122
Error: (11/27/2013 00:38:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2122
Error: (11/27/2013 00:38:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/27/2013 00:38:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1123
==================== Memory info ===========================
Percentage of memory in use: 60%
Total physical RAM: 4007.23 MB
Available physical RAM: 1574.82 MB
Total Pagefile: 8012.65 MB
Available Pagefile: 5197.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:452.58 GB) (Free:364.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:11.72 GB) (Free:2.42 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 3693D307)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-11-27 21:26:57
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Steffi\AppData\Local\Temp\kfliqpoc.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe[1968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe[1968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
.text C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
.text C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe[2640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe[2640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2216] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2216] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
.text C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[4148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[4148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
.text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[1408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[1408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
.text C:\Windows\SysWOW64\RunDll32.exe[2188] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Windows\SysWOW64\RunDll32.exe[2188] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
? C:\Windows\system32\mssprxy.dll [5804] entry point in ".rdata" section 00000000686b71e6
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[4048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[4048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\402cf46a4c73
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\402cf46a4c73 (not active ControlSet)
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
estella Hallo, ich würde mich freuen, wenn sich jemand meinem Problem heute annehmen könnte, weil die Trojaner mittlerweile mein System zerschießen (selbst vermutete Kausalität). Erst der zigste Boot-Vorgang hat gerade geklappt, vorher Blue Screen und mehrfaches Aufhängen, trotz Starthilfe. Ich könnte, falls es hilft, hier noch das Adwcleaner-Log posten: Code:
ATTFilter # AdwCleaner v3.013 - Bericht erstellt am 27/11/2013 um 23:34:20
# Updated 24/11/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : *** - ***
# Gestartet von : C:\Users\Steffi\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Premium
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\DriverScanner
Ordner Gelöscht : C:\Program Files (x86)\Softonic
Ordner Gelöscht : C:\Program Files (x86)\Uniblue\DriverScanner
Ordner Gelöscht : C:\Users\Steffi\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Steffi\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Steffi\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Steffi\AppData\Roaming\Softonic
Ordner Gelöscht : C:\Users\Steffi\AppData\Roaming\Uniblue\DriverScanner
Ordner Gelöscht : C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Datei Gelöscht : C:\Users\Public\Desktop\driverscanner.lnk
Datei Gelöscht : C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\searchplugins\softonic.xml
Datei Gelöscht : C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\user.js
Datei Gelöscht : C:\Windows\Tasks\dsmonitor.job
Datei Gelöscht : C:\Windows\System32\Tasks\dsmonitor
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_electricalm-3d-screensaver_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_electricalm-3d-screensaver_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16736
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "OC");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=d2f018d00000000000003859f9e88dee");
Zeile gelöscht : user_pref("extensions.Softonic.id", "d2f018d00000000000003859f9e88dee");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16002");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=d2f018d00000000000003859f9e88dee");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=d2f018d00000000000003859f9e88dee&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.140:41:30");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.ffxtlbr@Facemoods.com.install-event-fired", true);
Zeile gelöscht : user_pref("extensions.foxlingo.addit.defaultAddons", "{ \"software\": {\"20\": {\"id\": \"20\",\"title\": \"Babylon\",\"type\": \"EXE\",\"url\": \"hxxps://www.addonfox.com/partners/rd/babylon/\",\"hom[...]
[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\3276zffz.default\prefs.js ]
-\\ Google Chrome v
[ Datei : C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : homepage
Gelöscht : search_url
Gelöscht : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [13147 octets] - [27/11/2013 23:33:36]
AdwCleaner[S0].txt - [12689 octets] - [27/11/2013 23:34:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12750 octets] ##########
Herzlich, estella Geändert von Estella123 (27.11.2013 um 21:32 Uhr) |
| Themen zu PUP.Optional.Opencandy: 3 Virenfunde durch Malwarebytes |
| aktuelle, alten, antivirus, avira, beschädigt, bildschirm, entdeck, entfernen, funde, funktioniert, großes, herzlichen, kurzzeitig, laptop, malwarebytes, nicht mehr, problem, probleme, registry, reparatur, starte, stärke, toolkit, versucht, windows |
Baum-Darstellung