| |
| |||||||
Log-Analyse und Auswertung: Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.01.2014, 08:58
| #1 |
| |  Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden. Hallo, da ich nicht wirklich ein Computerexperte bin hoffe ich das ihr mir helfen könnt. Habe vor kurzem Bekanntschaft mit dem BkA-Virus gemacht. Habe mir in meiner Panik Programme runtergeladen um ihm zu entfernen , was auch geklappt (zumindest habe ich das gedacht) und danach alles vom Pc entfernt was damit zutun hat. Ich weiss, das ist alles nicht sonderlich clever gewesen. Augenscheinlich funktioniert wieder alles und es gibt keine Beeinträchtigungen außer halt diese Meldung beim hochfahren.Aber ich bin Laie und habe keine Ahnung. Ich hoffe ihr könnt mir helfen. Anbei die geforderten Logfiles laut eurer Anleitung MfG Gawer Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:43 on 05/01/2014 (Melanie)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by Melanie (administrator) on KID on 05-01-2014 22:38:01
Running from C:\Users\Melanie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Entriq, Inc.) C:\Program Files (x86)\maxdome\DCBin\DCService.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
() C:\Program Files (x86)\maxdome\DCBin\DCTrayApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(SAMSUNG ELECTRONICS) C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2779024 2011-03-15] (CANON INC.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-24] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-05] (Acer Corp.)
HKLM-x32\...\Run: [NPSStartup] - [x]
HKLM-x32\...\Run: [SMSTray] - C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe [479232 2009-04-16] (SAMSUNG ELECTRONICS)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Nero MediaHome 4] - C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-26] (Nero AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AgentMonitor] - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKCU\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\Melanie\AppData\Local\Temp\rdfpwjhivygsvnnur.exe <===== ATTENTION
HKCU\...\Run: [Nero MediaHome 4] - C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-26] (Nero AG)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKCU\...\Command Processor: "C:\Users\Melanie\AppData\Local\Temp\rdfpwjhivygsvnnur.exe" <======= ATTENTION
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: {9d1b30e7-603b-11e3-bfc2-00262d9bc414} - E:\Startme.exe
MountPoints2: {f8587243-63e7-11e3-ba0f-806e6f6e6963} - E:\Startme.exe
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Medien-Prüfung.lnk
ShortcutTarget: PMB Medien-Prüfung.lnk -> C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
ShortcutTarget: regmonstd.lnk -> C:\Users\Melanie\AppData\Local\Temp\b34btbztdb0vavaw.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7736&r=27360110g116l0368z185t58m1a091
URLSearchHook: HKLM-x32 - MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No File
URLSearchHook: HKCU - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
URLSearchHook: HKCU - MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE362DE362
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://mixidj.delta-search.com/?q={searchTerms}&affID=121139&babsrc=SP_ss&mntrId=FE98964CE5630FF3
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE362DE362
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File
Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default
FF user.js: detected! => C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\user.js
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://mixidj.delta-search.com/?affID=121139&babsrc=HP_ss&mntrId=FE98964CE5630FF3
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\searchplugins\mixidj.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FoxTrick - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\Extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}
FF Extension: Amazon 1Button App for Firefox - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\Extensions\abb@amazon.com.xpi
FF Extension: Yahoo! Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
==================== Services (Whitelisted) =================
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-06-01] (Adobe Systems)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [908856 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 Prosieben; C:\Program Files (x86)\maxdome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2012-03-01] (Synaptics Incorporated)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-05 22:38 - 2014-01-05 22:39 - 00020642 _____ C:\Users\Melanie\Desktop\FRST.txt
2014-01-05 22:37 - 2014-01-05 22:37 - 00000000 ____D C:\FRST
2014-01-05 22:36 - 2014-01-05 22:37 - 01931368 _____ (Farbar) C:\Users\Melanie\Desktop\FRST64.exe
2014-01-05 22:35 - 2014-01-05 22:35 - 00000476 _____ C:\Users\Melanie\Desktop\defogger_disable.log
2014-01-05 22:35 - 2014-01-05 22:35 - 00000000 _____ C:\Users\Melanie\defogger_reenable
2014-01-05 22:33 - 2014-01-05 22:33 - 00050477 _____ C:\Users\Melanie\Desktop\Defogger.exe
2014-01-05 21:37 - 2014-01-05 21:37 - 00000000 ____D C:\Users\Melanie\AppData\Local\{262078E9-179A-4705-8257-0AAC7B88404C}
2014-01-04 21:46 - 2014-01-04 21:46 - 00000000 ____D C:\Users\Melanie\AppData\Local\{58D0141E-6D13-4F37-AB91-B8A7868565A4}
2013-12-28 18:56 - 2013-12-28 18:56 - 00551488 _____ C:\Windows\Minidump\122813-34679-01.dmp
2013-12-26 17:23 - 2013-12-26 17:23 - 00000000 ____D C:\Users\Melanie\AppData\Local\{AD057798-9258-4C37-B777-E1820F2F4288}
2013-12-24 22:03 - 2014-01-05 21:50 - 00000000 ____D C:\Users\Melanie\AppData\Local\Canon Easy-PhotoPrint EX
2013-12-24 22:03 - 2013-12-24 22:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-24 21:54 - 2014-01-04 21:40 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-24 21:53 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAW.DLL
2013-12-24 21:49 - 2013-12-24 21:49 - 00002083 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2013-12-24 21:49 - 2013-12-24 21:49 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2013-12-24 21:47 - 2013-12-24 21:47 - 00000000 ____D C:\Program Files\Canon
2013-12-24 21:46 - 2013-12-24 21:46 - 00002364 _____ C:\Users\Public\Desktop\Canon iP4900 series Online-Handbuch.lnk
2013-12-24 21:45 - 2013-12-24 21:45 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-24 21:44 - 2013-12-24 21:44 - 00000000 ___HD C:\Program Files\CanonBJ
2013-12-24 21:44 - 2011-02-03 09:20 - 00256000 _____ (CANON INC.) C:\Windows\system32\CNMIUAW.DLL
2013-12-24 19:56 - 2013-12-25 21:45 - 00000789 _____ C:\Users\Melanie\AppData\Local\cookies.ini
2013-12-24 19:56 - 2013-12-24 19:56 - 00000000 ____D C:\Users\Melanie\AppData\Local\cache
2013-12-24 19:55 - 2013-12-24 19:55 - 00001213 _____ C:\Users\Melanie\Desktop\VTech Download Manager.lnk
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\ProgramData\VTech
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\Program Files (x86)\VTech
2013-12-24 03:49 - 2013-12-24 03:50 - 00000000 ____D C:\Users\Melanie\AppData\Local\{01B42FD6-7BF2-4A6E-A7BF-34CEA8B274F3}
2013-12-22 03:29 - 2013-12-22 03:29 - 00002960 _____ C:\Windows\System32\Tasks\{4592761F-B110-492C-BED2-F492E5850E3F}
2013-12-22 03:23 - 2012-09-27 15:33 - 00934784 _____ (CANON INC.) C:\Users\Melanie\WirelessCameraConnectionSetting.exe
2013-12-21 00:50 - 2013-12-21 00:50 - 00001151 _____ C:\Users\Melanie\Desktop\MyCamera.lnk
2013-12-21 00:48 - 2013-12-21 01:06 - 00000000 ____D C:\Users\Melanie\Documents\Canon Utilities
2013-12-21 00:28 - 2013-12-21 00:28 - 00673080 _____ ( ) C:\Users\Melanie\Downloads\DownloadAcceleratorSetup.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00000000 ____D C:\Users\Public\Documents\Canon MyCameraFiles
2013-12-20 23:58 - 2013-12-21 00:00 - 62808100 _____ C:\Users\Melanie\Downloads\cdw-inst-8-8-0-17-u01-9l.zip
2013-12-20 01:43 - 2013-12-20 01:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-18 11:02 - 2013-12-18 11:02 - 00000000 ____D C:\Users\Melanie\AppData\Local\{ADFE457A-BE32-4BB2-93C2-6FCB8460CA10}
2013-12-14 21:40 - 2013-12-14 21:40 - 00000000 ____D C:\1d2bcc69de0586588798b18195a5
2013-12-14 20:42 - 2013-12-14 20:42 - 00000000 ____D C:\Users\Melanie\AppData\Local\{1E0F61B0-9F21-4B53-95EF-92943CD93EAE}
2013-12-13 13:14 - 2013-12-13 13:14 - 00002106 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-12-13 12:25 - 2013-12-13 12:25 - 00000000 ____D C:\Users\Melanie\AppData\Local\{E9034D4C-4BB4-482C-BAD0-7E9A81DB52F5}
2013-12-13 09:26 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-13 09:26 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-13 09:26 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-13 09:26 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-13 09:20 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-13 09:20 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-13 09:20 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-13 09:20 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-13 09:20 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-13 09:20 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-13 09:20 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-13 09:20 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-13 09:20 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-13 09:20 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-13 09:20 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-13 09:20 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-12 18:46 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 18:46 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 18:46 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 18:46 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 18:46 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 18:46 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 18:46 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 18:46 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 18:46 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 18:46 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 18:46 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 18:46 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 18:46 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 18:46 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 18:46 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 18:46 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 18:46 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 18:46 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 18:46 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 21:11 - 2013-12-11 21:11 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 09:26 - 2013-12-11 09:26 - 00000000 ____D C:\Users\Melanie\AppData\Local\{52B72984-FAAE-4792-9820-86051C1DCB63}
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2013-12-09 23:38 - 2013-12-09 23:38 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2013-12-09 23:38 - 2013-12-09 23:38 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2013-12-09 23:37 - 2013-12-09 23:37 - 00000000 ____D C:\ProgramData\Sony Mobile
2013-12-09 23:36 - 2013-12-09 23:36 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2013-12-09 23:34 - 2013-12-13 13:17 - 00323898 _____ C:\Windows\DPINST.LOG
2013-12-09 23:31 - 2013-12-09 23:31 - 00000000 ____D C:\ProgramData\Sony
2013-12-09 23:08 - 2013-12-09 23:08 - 02084951 _____ C:\Users\Melanie\Downloads\userguide_DE_C1904-C1905_1_Android4.1.pdf.zip
2013-12-09 08:03 - 2013-12-09 08:03 - 00000000 ____D C:\Users\Melanie\AppData\Local\{8726D9DD-B715-4C58-9B59-F7F5F0120434}
2013-12-08 20:34 - 2013-12-08 20:34 - 00000508 _____ C:\Users\Melanie\Desktop\P1070459.JPGBild2,31 MB08.12.2013 2034.URL
2013-12-08 14:34 - 2013-12-08 14:34 - 00000000 ____D C:\Users\Melanie\AppData\Local\{07A5ECD2-B320-4CEA-8E20-C4DB2EAF73C8}
2013-12-06 15:12 - 2013-12-06 15:10 - 00042466 _____ C:\Users\Melanie\Downloads\S_20131206_151032_Neue_Nachrichten.zip
==================== One Month Modified Files and Folders =======
2014-01-05 22:39 - 2014-01-05 22:38 - 00020642 _____ C:\Users\Melanie\Desktop\FRST.txt
2014-01-05 22:37 - 2014-01-05 22:37 - 00000000 ____D C:\FRST
2014-01-05 22:37 - 2014-01-05 22:36 - 01931368 _____ (Farbar) C:\Users\Melanie\Desktop\FRST64.exe
2014-01-05 22:35 - 2014-01-05 22:35 - 00000476 _____ C:\Users\Melanie\Desktop\defogger_disable.log
2014-01-05 22:35 - 2014-01-05 22:35 - 00000000 _____ C:\Users\Melanie\defogger_reenable
2014-01-05 22:35 - 2010-01-11 12:04 - 00000000 ____D C:\Users\Melanie
2014-01-05 22:33 - 2014-01-05 22:33 - 00050477 _____ C:\Users\Melanie\Desktop\Defogger.exe
2014-01-05 22:30 - 2009-11-25 06:49 - 01129596 _____ C:\Windows\WindowsUpdate.log
2014-01-05 22:27 - 2010-02-27 00:12 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-05 22:19 - 2012-07-17 21:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-05 21:50 - 2013-12-24 22:03 - 00000000 ____D C:\Users\Melanie\AppData\Local\Canon Easy-PhotoPrint EX
2014-01-05 21:42 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2014-01-05 21:37 - 2014-01-05 21:37 - 00000000 ____D C:\Users\Melanie\AppData\Local\{262078E9-179A-4705-8257-0AAC7B88404C}
2014-01-05 21:26 - 2012-06-15 23:32 - 00696832 ___SH C:\Users\Melanie\Desktop\Thumbs.db
2014-01-05 21:22 - 2013-03-14 22:17 - 00000000 ____D C:\Users\Melanie\Desktop\CAKE-BABY
2014-01-05 14:34 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-05 14:34 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-05 14:27 - 2010-02-27 00:12 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-05 14:26 - 2013-05-14 12:18 - 00000430 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-05 14:24 - 2013-10-11 08:11 - 00011759 _____ C:\Windows\setupact.log
2014-01-05 14:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-05 14:09 - 2013-11-27 08:14 - 00209079 _____ C:\Windows\IE11_main.log
2014-01-05 14:00 - 2011-01-21 20:58 - 00000000 ___RD C:\Users\Melanie\Desktop\musik
2014-01-05 14:00 - 2010-09-09 12:35 - 00000000 ____D C:\Users\Melanie\Desktop\max
2014-01-04 22:07 - 2010-03-03 06:56 - 00000000 ____D C:\Users\Melanie\AppData\Local\Paint.NET
2014-01-04 21:46 - 2014-01-04 21:46 - 00000000 ____D C:\Users\Melanie\AppData\Local\{58D0141E-6D13-4F37-AB91-B8A7868565A4}
2014-01-04 21:40 - 2013-12-24 21:54 - 00000000 ____D C:\ProgramData\CanonIJPLM
2014-01-01 18:53 - 2012-08-10 10:00 - 00000294 _____ C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job
2013-12-28 18:56 - 2013-12-28 18:56 - 00551488 _____ C:\Windows\Minidump\122813-34679-01.dmp
2013-12-28 18:56 - 2013-10-23 15:32 - 340431824 _____ C:\Windows\MEMORY.DMP
2013-12-28 18:56 - 2013-10-11 08:10 - 00122480 _____ C:\Windows\PFRO.log
2013-12-28 18:56 - 2011-09-14 19:39 - 00000000 ____D C:\Windows\Minidump
2013-12-26 17:23 - 2013-12-26 17:23 - 00000000 ____D C:\Users\Melanie\AppData\Local\{AD057798-9258-4C37-B777-E1820F2F4288}
2013-12-25 21:45 - 2013-12-24 19:56 - 00000789 _____ C:\Users\Melanie\AppData\Local\cookies.ini
2013-12-24 22:03 - 2013-12-24 22:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-24 21:59 - 2013-12-02 18:07 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\canon
2013-12-24 21:50 - 2010-01-12 10:26 - 00000000 ____D C:\Program Files (x86)\Canon
2013-12-24 21:49 - 2013-12-24 21:49 - 00002083 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2013-12-24 21:49 - 2013-12-24 21:49 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2013-12-24 21:47 - 2013-12-24 21:47 - 00000000 ____D C:\Program Files\Canon
2013-12-24 21:46 - 2013-12-24 21:46 - 00002364 _____ C:\Users\Public\Desktop\Canon iP4900 series Online-Handbuch.lnk
2013-12-24 21:45 - 2013-12-24 21:45 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-24 21:44 - 2013-12-24 21:44 - 00000000 ___HD C:\Program Files\CanonBJ
2013-12-24 20:08 - 2009-11-25 15:36 - 00697098 _____ C:\Windows\system32\perfh007.dat
2013-12-24 20:08 - 2009-11-25 15:36 - 00148362 _____ C:\Windows\system32\perfc007.dat
2013-12-24 20:08 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-24 19:56 - 2013-12-24 19:56 - 00000000 ____D C:\Users\Melanie\AppData\Local\cache
2013-12-24 19:55 - 2013-12-24 19:55 - 00001213 _____ C:\Users\Melanie\Desktop\VTech Download Manager.lnk
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\ProgramData\VTech
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\Program Files (x86)\VTech
2013-12-24 03:50 - 2013-12-24 03:49 - 00000000 ____D C:\Users\Melanie\AppData\Local\{01B42FD6-7BF2-4A6E-A7BF-34CEA8B274F3}
2013-12-22 03:29 - 2013-12-22 03:29 - 00002960 _____ C:\Windows\System32\Tasks\{4592761F-B110-492C-BED2-F492E5850E3F}
2013-12-22 01:20 - 2013-12-02 21:27 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\CANON INC
2013-12-21 10:04 - 2012-11-28 01:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 01:06 - 2013-12-21 00:48 - 00000000 ____D C:\Users\Melanie\Documents\Canon Utilities
2013-12-21 00:50 - 2013-12-21 00:50 - 00001151 _____ C:\Users\Melanie\Desktop\MyCamera.lnk
2013-12-21 00:28 - 2013-12-21 00:28 - 00673080 _____ ( ) C:\Users\Melanie\Downloads\DownloadAcceleratorSetup.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00000000 ____D C:\Users\Public\Documents\Canon MyCameraFiles
2013-12-21 00:00 - 2013-12-20 23:58 - 62808100 _____ C:\Users\Melanie\Downloads\cdw-inst-8-8-0-17-u01-9l.zip
2013-12-20 01:43 - 2013-12-20 01:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-18 11:02 - 2013-12-18 11:02 - 00000000 ____D C:\Users\Melanie\AppData\Local\{ADFE457A-BE32-4BB2-93C2-6FCB8460CA10}
2013-12-14 21:40 - 2013-12-14 21:40 - 00000000 ____D C:\1d2bcc69de0586588798b18195a5
2013-12-14 21:40 - 2010-01-13 01:02 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 20:42 - 2013-12-14 20:42 - 00000000 ____D C:\Users\Melanie\AppData\Local\{1E0F61B0-9F21-4B53-95EF-92943CD93EAE}
2013-12-13 13:17 - 2013-12-09 23:34 - 00323898 _____ C:\Windows\DPINST.LOG
2013-12-13 13:14 - 2013-12-13 13:14 - 00002106 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-12-13 13:13 - 2009-10-28 18:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-13 12:25 - 2013-12-13 12:25 - 00000000 ____D C:\Users\Melanie\AppData\Local\{E9034D4C-4BB4-482C-BAD0-7E9A81DB52F5}
2013-12-13 09:55 - 2009-07-14 05:45 - 00359384 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-13 09:26 - 2009-10-29 06:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 12:55 - 2013-05-02 09:26 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-12 12:55 - 2013-03-21 13:43 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-12 12:55 - 2013-03-21 13:43 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-11 21:11 - 2013-12-11 21:11 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 21:11 - 2012-07-17 21:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 21:11 - 2012-07-17 21:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 21:11 - 2011-05-23 19:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 09:26 - 2013-12-11 09:26 - 00000000 ____D C:\Users\Melanie\AppData\Local\{52B72984-FAAE-4792-9820-86051C1DCB63}
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2013-12-09 23:38 - 2013-12-09 23:38 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2013-12-09 23:38 - 2013-12-09 23:38 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2013-12-09 23:37 - 2013-12-09 23:37 - 00000000 ____D C:\ProgramData\Sony Mobile
2013-12-09 23:36 - 2013-12-09 23:36 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2013-12-09 23:31 - 2013-12-09 23:31 - 00000000 ____D C:\ProgramData\Sony
2013-12-09 23:31 - 2010-01-12 09:48 - 00000000 ____D C:\Program Files (x86)\Sony
2013-12-09 23:08 - 2013-12-09 23:08 - 02084951 _____ C:\Users\Melanie\Downloads\userguide_DE_C1904-C1905_1_Android4.1.pdf.zip
2013-12-09 08:03 - 2013-12-09 08:03 - 00000000 ____D C:\Users\Melanie\AppData\Local\{8726D9DD-B715-4C58-9B59-F7F5F0120434}
2013-12-09 00:30 - 2013-05-20 20:41 - 02553344 ___SH C:\Users\Melanie\Documents\Thumbs.db
2013-12-08 23:39 - 2012-06-15 23:32 - 00194048 ___SH C:\Users\Melanie\Downloads\Thumbs.db
2013-12-08 20:34 - 2013-12-08 20:34 - 00000508 _____ C:\Users\Melanie\Desktop\P1070459.JPGBild2,31 MB08.12.2013 2034.URL
2013-12-08 14:34 - 2013-12-08 14:34 - 00000000 ____D C:\Users\Melanie\AppData\Local\{07A5ECD2-B320-4CEA-8E20-C4DB2EAF73C8}
2013-12-08 09:54 - 2010-01-12 12:04 - 00000000 ____D C:\Users\Melanie\AppData\Local\Adobe
2013-12-06 15:10 - 2013-12-06 15:12 - 00042466 _____ C:\Users\Melanie\Downloads\S_20131206_151032_Neue_Nachrichten.zip
Files to move or delete:
====================
C:\ProgramData\wavav0bdtzbtb43b.bat
C:\ProgramData\wavav0bdtzbtb43b.reg
C:\Users\Melanie\WirelessCameraConnectionSetting.exe
C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
Some content of TEMP:
====================
C:\Users\Melanie\AppData\Local\Temp\4vvfjg0g.dll
C:\Users\Melanie\AppData\Local\Temp\avgnt.exe
C:\Users\Melanie\AppData\Local\Temp\ICReinstall_DownloadAcceleratorSetup.exe
C:\Users\Melanie\AppData\Local\Temp\install_reader11_de_ltr5x64d_awc_aih.exe
C:\Users\Melanie\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Melanie\AppData\Local\Temp\Storio2_DE_ger_Setup.exe
C:\Users\Melanie\AppData\Local\Temp\tbDVD0.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2010-11-07 21:27
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by Melanie at 2014-01-05 22:40:28
Running from C:\Users\Melanie\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
AAVUpdateManager (x32 Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.) Hidden
Acer Backup Manager (x32 Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye Webcam (x32 Version: 5.2.7.1 - Suyin Optronics Corp)
Acer ePower Management (x32 Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (x32 Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (x32 Version: 3.01.0730 - Acer Inc.)
Acer Registration (x32 Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.7.0715 - Acer Incorporated)
Acer Updater (x32 Version: 1.01.3017 - Acer Incorporated)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat 4.0 (x32 Version: - )
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Advanced Driver Updater (x32 Version: 2.1.1086.11897 - Systweak Inc)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Alice Greenfingers (x32 Version: - Oberon Media)
Amazonia (x32 Version: - Oberon Media)
ArcSoft PhotoBase (x32 Version: - )
Avira Antivirus Suite (x32 Version: 14.0.2.286 - Avira)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
Bing-Desktop (x32 Version: 1.3.171.0 - Microsoft Corporation)
Broadcom Gigabit NetLink Controller (Version: 12.26.02 - Broadcom Corporation)
Canon Easy-PhotoPrint EX (x32 Version: - )
Canon Easy-WebPrint EX (x32 Version: 1.4.0.0 - Canon Inc.)
Canon Inkjet Printer Driver Add-On Module (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32 Version: - )
Canon iP4900 series Benutzerregistrierung (x32 Version: - )
Canon iP4900 series On-screen Manual (x32 Version: - )
Canon iP4900 series Printer Driver (Version: - )
Canon My Printer (x32 Version: - )
Canon Solution Menu EX (x32 Version: - )
Canon Utilities CameraWindow DC 8 (x32 Version: 8.10.0.16 - Canon Inc.)
Canon Utilities ImageBrowser EX (x32 Version: 1.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (x32 Version: 3.1.23.47 - Canon Inc.)
CCleaner (Version: 3.23 - Piriform)
Chicken Invaders 2 (x32 Version: - Oberon Media)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Conduit Engine (x32 Version: - Conduit Ltd.)
ContentSAFER for Wizmax (x32 Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (x32 Version: - Oberon Media)
DHTML Editing Component (x32 Version: 6.02.0001 - Microsoft Corporation)
Dream Day First Home (x32 Version: - Oberon Media)
eBay Worldwide (x32 Version: 2.1.0901 - OEM)
EmoDio (x32 Version: 1.0 - SAMSUNG)
EmoDio (x32 Version: 1.0 - SAMSUNG) Hidden
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (x32 Version: - Oberon Media)
First Class Flurry (x32 Version: - Oberon Media)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Granny In Paradise (x32 Version: - Oberon Media)
Heroes of Hellas (x32 Version: - Oberon Media)
Identity Card (x32 Version: 1.00.3002 - Acer Incorporated)
Intel® Matrix Storage Manager (Version: - Intel Corporation)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Launch Manager (x32 Version: 3.0.05 - Acer Inc.)
LSI HDA Modem (Version: 2.1.94 - LSI Corporation)
maxdome Download Manager 4.1.300.78 (x32 Version: 4.1.30078 - Prosieben)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Merriam Websters Spell Jam (x32 Version: - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyAshampoo Toolbar (x32 Version: 6.2.7.3 - MyAshampoo)
MyWinLocker (x32 Version: 3.1.76.0 - Egis Technology Inc.)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero MediaHome 4 (x32 Version: 4.5.9.2 - Nero AG) Hidden
Nero MediaHome 4 Essentials (x32 Version: - Nero AG)
Nero MediaHome 4 Help (x32 Version: 4.5.5.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
NTI Backup Now 5 (x32 Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NVIDIA Grafiktreiber 296.17 (Version: 296.17 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0203 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0203 (Version: 9.12.0203 - NVIDIA Corporation)
NVIDIA Systemsteuerung 296.17 (Version: 296.17 - NVIDIA Corporation) Hidden
OpenOffice.org 3.2 (x32 Version: 3.2.9483 - OpenOffice.org)
Paint.NET v3.5.10 (Version: 3.60.0 - dotPDN LLC)
PIXELA AAC LC CODEC (x32 Version: 1.1.0.1 - Canon Inc.)
Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
Samsung Mobile phone USB driver Drive Software (Version: - )
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SmartPCFixer 4.2 (Version: 4.2 - LionSea Software) <==== ATTENTION
Sony Mobile Update Engine (x32 Version: 2.13.14.201311281309 - Sony Mobile Communications AB)
Sony PC Companion 2.10.181 (x32 Version: 2.10.181 - Sony)
Sony Picture Utility (x32 Version: 4.2.00.15030 - Sony Corporation)
Steuer-Spar-Erklärung 2013 (x32 Version: 18.09 - Wolters Kluwer Deutschland GmbH)
Synaptics Pointing Device Driver (Version: 14.0.6.0 - Synaptics Incorporated)
T-Online 6.0 (x32 Version: - )
Uninstall 1.0.0.1 (x32 Version: - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (x32 Version: - VTech)
Welcome Center (x32 Version: 1.00.3008 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Silverlight (x32 Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
==================== Restore Points =========================
20-12-2013 09:04:23 Windows Update
21-12-2013 09:12:05 Windows Update
22-12-2013 02:00:21 Windows Update
22-12-2013 02:30:34 Windows Update
23-12-2013 14:24:20 Windows Update
24-12-2013 02:10:21 Windows Update
25-12-2013 09:38:21 Windows Update
26-12-2013 06:19:55 Windows Update
28-12-2013 09:13:23 Windows Update
28-12-2013 23:52:39 Windows Update
29-12-2013 06:58:11 Windows Update
30-12-2013 08:37:20 Windows Update
31-12-2013 08:19:13 Windows Update
01-01-2014 17:51:11 Windows Update
02-01-2014 04:30:33 Windows Update
03-01-2014 02:00:51 Windows Update
03-01-2014 07:25:50 Windows Update
05-01-2014 13:06:53 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0709BDC6-0B81-4AE1-82D4-58C1166F5A97} - System32\Tasks\{EE59B01C-67D9-4AD7-8877-C56C4DFF2F28} => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Task: {280C14FC-9B26-435B-BA36-8DA60ACCC61B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {28EE9630-9013-4AD6-8FF6-1DB8706C0EFA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {331D470B-FC5B-4ED4-A705-CB6600EE9A2B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {4813AA35-E11E-45E5-A912-E3235D79C651} - System32\Tasks\AdvancedDriverUpdater_UPDATES => C:\Program Files (x86)\Advanced Driver Updater\adu.exe [2012-07-23] (Systweak Inc)
Task: {72EDD5AF-D1F9-4920-A7E1-83612D489AE9} - System32\Tasks\{0100F523-01AA-4A2D-B83F-A6D31D46D889} => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Task: {744CE7C6-C406-4AB4-A0A7-C5E86F97B484} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-09-24] (Piriform Ltd)
Task: {8638B5EA-A071-4A1F-9234-7F1A20B2F009} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {90F034A2-DA41-4665-830E-5AC0D64DC9A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-27] (Google Inc.)
Task: {ACD177C4-6390-44DC-BCE7-9AE48ABFA780} - System32\Tasks\{E9AC9F95-2A40-40C0-8FDD-43E82D153F3D} => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Task: {DCC526BA-0581-4A3D-AFAA-D95A45C90846} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-27] (Google Inc.)
Task: {FF103E8A-E8E9-4A5F-8609-1075D0712064} - System32\Tasks\{4592761F-B110-492C-BED2-F492E5850E3F} => C:\Program Files (x86)\Canon\MyCamera\MyCamera.exe [2011-03-29] (CANON INC.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job => C:\Program Files (x86)\Advanced Driver Updater\adu.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-12-20 16:50 - 2012-12-20 16:40 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 01057512 _____ () C:\Program Files (x86)\maxdome\DCBin\PocoFoundation.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 00627944 _____ () C:\Program Files (x86)\maxdome\DCBin\PocoNet.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 00514352 _____ () C:\Program Files (x86)\maxdome\DCBin\sqlite3.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 00517352 _____ () C:\Program Files (x86)\maxdome\DCBin\PocoXML.dll
2013-12-09 23:31 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2013-12-09 23:31 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2013-12-09 23:31 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2013-12-09 23:31 - 2010-01-11 15:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2013-10-18 15:04 - 2013-10-18 15:04 - 00645632 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2012-08-30 13:39 - 2013-10-03 10:42 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2009-10-20 20:02 - 2010-06-01 22:10 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-06-24 09:54 - 2010-06-24 02:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
2013-06-24 09:54 - 2010-07-13 14:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
2013-06-24 09:54 - 2010-06-02 03:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
2013-06-24 09:54 - 2010-06-02 03:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
2013-06-24 09:54 - 2012-08-06 10:54 - 09843640 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
2013-06-24 09:54 - 2010-06-02 03:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
2013-06-24 09:54 - 2010-06-02 03:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
2013-06-24 09:54 - 2010-07-05 10:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2013-06-24 09:54 - 2010-11-11 10:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00025600 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qgif4.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2013-12-20 01:43 - 2013-12-20 01:43 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\ProgramData\Temp:E8BE05FA
AlternateDataStreams: C:\Users\Melanie\Documents\Bilder Maximilian&Mette.eml:OECustomProperty
AlternateDataStreams: C:\Users\Melanie\Documents\Hotelreservierung Reservierungs-Code „Study Nurse Ausbildung“.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/05/2014 09:26:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: CNSEUPDT.EXE, Version: 1.3.5.0, Zeitstempel: 0x4e3a32f0
Name des fehlerhaften Moduls: CNMDWLD.DLL, Version: 1.0.0.0, Zeitstempel: 0x4cad61a4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000024c0
ID des fehlerhaften Prozesses: 0x14d0
Startzeit der fehlerhaften Anwendung: 0xCNSEUPDT.EXE0
Pfad der fehlerhaften Anwendung: CNSEUPDT.EXE1
Pfad des fehlerhaften Moduls: CNSEUPDT.EXE2
Berichtskennung: CNSEUPDT.EXE3
Error: (01/05/2014 08:25:07 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (01/05/2014 08:15:32 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (01/04/2014 01:37:47 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (12/31/2013 01:22:15 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1a7c
Startzeit: 01cf062281b9868d
Endzeit: 452
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 24ebed75-7216-11e3-83ad-00262d9bc414
Error: (12/29/2013 07:35:09 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (12/22/2013 07:00:18 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (12/22/2013 01:46:50 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c34
Startzeit: 01cefefc94537615
Endzeit: 590
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 0c1dd5bc-6b07-11e3-9c8b-00262d9bc414
Error: (12/21/2013 00:03:08 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 25.0.1.5064, Zeitstempel: 0x5282f204
Name des fehlerhaften Moduls: xul.dll, Version: 25.0.1.5064, Zeitstempel: 0x5282f10e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00118f87
ID des fehlerhaften Prozesses: 0xf58
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (12/15/2013 07:00:04 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
System errors:
=============
Error: (01/05/2014 09:58:54 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (01/05/2014 08:15:05 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (01/05/2014 06:33:51 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.23
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/05/2014 06:33:36 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (01/05/2014 06:31:24 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (01/05/2014 06:31:23 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.
Error: (01/05/2014 06:22:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/05/2014 06:19:41 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (01/05/2014 06:16:51 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (01/05/2014 06:16:44 PM) (Source: ipnathlp) (User: )
Description: 0
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-02-23 21:54:07.842
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\wow64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 32%
Total physical RAM: 4090.93 MB
Available physical RAM: 2781.39 MB
Total Pagefile: 8180.03 MB
Available Pagefile: 6282.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:286.27 GB) (Free:175.78 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 4E694E69)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2014-01-05 22:56:18
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0 298,09GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Melanie\AppData\Local\Temp\ugtdqpow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800033ab000 64 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 594 fffff800033ab042 5 bytes [00, 00, E0, 00, 40]
---- Threads - GMER 2.1 ----
Thread C:\Windows\System32\svchost.exe [980:1772] 000007fef1e36b8c
Thread C:\Windows\System32\svchost.exe [980:992] 000007fef1e31d88
Thread C:\Windows\System32\svchost.exe [980:3836] 000007fefd8020b0
Thread C:\Windows\System32\svchost.exe [1012:1280] 000007fefafe59a0
Thread C:\Windows\System32\svchost.exe [1012:1344] 000007fefd051a70
Thread C:\Windows\System32\svchost.exe [1012:2804] 000007fef55d88f8
Thread C:\Windows\System32\svchost.exe [1012:2472] 000007fef1e83efc
Thread C:\Windows\System32\svchost.exe [1012:1336] 000007fef1ec8a4c
Thread C:\Windows\system32\svchost.exe [364:1296] 000007fefa6b1e00
Thread C:\Windows\system32\svchost.exe [364:1380] 000007fefa471a50
Thread C:\Windows\system32\svchost.exe [364:1532] 000007fefd051a70
Thread C:\Windows\system32\svchost.exe [364:3084] 000007fefd051a70
Thread C:\Windows\system32\svchost.exe [364:3284] 000007fef43b84d8
Thread C:\Windows\system32\svchost.exe [364:3372] 000007fef43723a8
Thread C:\Windows\system32\svchost.exe [364:3408] 000007fef43f0d00
Thread C:\Windows\system32\svchost.exe [364:3412] 000007fef3e59498
Thread C:\Windows\system32\svchost.exe [364:3724] 000007fef374506c
Thread C:\Windows\system32\svchost.exe [364:3736] 000007fef3e81c20
Thread C:\Windows\system32\svchost.exe [364:3740] 000007fef3e81c20
Thread C:\Windows\system32\svchost.exe [364:2512] 000007fef8b85124
Thread C:\Windows\system32\svchost.exe [364:4704] 000007fef2a74164
Thread C:\Windows\system32\svchost.exe [364:3892] 000007fef3981ab0
Thread C:\Windows\system32\svchost.exe [364:3148] 000007feeff0cb70
Thread C:\Windows\system32\svchost.exe [1036:1376] 000007fefbb18274
Thread C:\Windows\system32\svchost.exe [1036:1716] 000007fefbb18274
Thread C:\Windows\system32\svchost.exe [1128:540] 000007fef8cdbd88
Thread C:\Windows\system32\svchost.exe [1128:2956] 000007fef4ac83d8
Thread C:\Windows\system32\svchost.exe [1128:2724] 000007fef4ac83d8
Thread C:\Windows\system32\svchost.exe [1128:3336] 000007fef4223f1c
Thread C:\Windows\system32\svchost.exe [1128:3340] 000007fef41f22b8
Thread C:\Windows\system32\svchost.exe [1128:3344] 000007fef41f1a38
Thread C:\Windows\system32\svchost.exe [1128:3348] 000007fef3ed5388
Thread C:\Windows\system32\svchost.exe [1128:3352] 000007fef3eb7738
Thread C:\Windows\system32\svchost.exe [1128:3356] 000007fef3ea1f90
Thread C:\Windows\system32\svchost.exe [1128:3860] 000007fef85a5170
Thread C:\Windows\system32\svchost.exe [1128:4724] 000007fef8b85124
Thread C:\Windows\System32\spoolsv.exe [1404:2120] 000007fef84f10c8
Thread C:\Windows\System32\spoolsv.exe [1404:2140] 000007fef84b6144
Thread C:\Windows\System32\spoolsv.exe [1404:2144] 000007fef80d5fd0
Thread C:\Windows\System32\spoolsv.exe [1404:2148] 000007fef80c3438
Thread C:\Windows\System32\spoolsv.exe [1404:2152] 000007fef80d63ec
Thread C:\Windows\System32\spoolsv.exe [1404:2176] 000007fef8985e5c
Thread C:\Windows\System32\spoolsv.exe [1404:2220] 000007fef8a35074
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4764:4188] 000007fefb3d2a7c
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4764:3580] 000007fef0944830
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4764:240] 000007fef8b85124
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4764:3792] 000007fef08c9d90
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4764:2404] 000007fef0944830
---- EOF - GMER 2.1 ----
Code:
ATTFilter Exportierte Ereignisse:
06.01.2014 08:43 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\Melanie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\13f8d54d-116
6fb52'
enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2013-2423.F.Gen'
[exploit].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '17228b18.qua'
verschoben!
06.01.2014 08:43 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\Melanie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\59db9587-54fe
6fb3'
enthielt einen Virus oder unerwünschtes Programm 'EXP/Java.HLP.NZ' [exploit].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5df4fe52.qua'
verschoben!
06.01.2014 08:43 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\Melanie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\15c9b722-2ea
13d2c'
enthielt einen Virus oder unerwünschtes Programm 'TR/Ransom.Foreign.evtn'
[trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4560d1f1.qua'
verschoben!
|
|
06.01.2014, 11:56
| #2 | |
| /// the machine /// TB-Ausbilder    | Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden. hi,
__________________sauber ist anders  Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ |
|
07.01.2014, 00:06
| #3 |
| | Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden. Jeep, keine Ahnung und davon sehr viel...
__________________ Danke für die schnelle Antwort! Code:
ATTFilter ComboFix 14-01-04.03 - Melanie 06.01.2014 23:29:51.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4091.684 [GMT 1:00]
ausgeführt von:: c:\users\Melanie\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\programdata\2433f433
c:\programdata\wavav0bdtzbtb43b.bat
c:\users\Melanie\AppData\Roaming\2433f433
c:\users\Melanie\AppData\Roaming\Microsoft\Windows\Recent\MUSIKDateiordner06.11.2013 2102.URL
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-06 bis 2014-01-06 ))))))))))))))))))))))))))))))
.
.
2014-01-06 22:42 . 2014-01-06 22:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-05 21:37 . 2014-01-05 21:37 -------- d-----w- C:\FRST
2013-12-24 21:03 . 2013-12-24 21:03 -------- d--h--w- c:\programdata\CanonIJEPPEX
2013-12-24 21:03 . 2014-01-06 12:51 -------- d-----w- c:\users\Melanie\AppData\Local\Canon Easy-PhotoPrint EX
2013-12-24 20:59 . 2013-12-24 20:59 -------- d--h--w- c:\programdata\CanonIJSolutionMenuEX
2013-12-24 20:59 . 2013-12-24 20:59 -------- d--h--w- c:\programdata\CanonEPP
2013-12-24 20:59 . 2013-12-24 20:59 -------- d--h--w- c:\programdata\CanonIJMyPrinter
2013-12-24 20:54 . 2014-01-04 20:40 -------- d-----w- c:\programdata\CanonIJPLM
2013-12-24 20:53 . 2012-03-14 04:00 385024 ----a-w- c:\windows\system32\CNMLMAW.DLL
2013-12-24 20:49 . 2013-12-24 20:49 -------- d-----w- c:\programdata\CanonIJWSpt
2013-12-24 20:47 . 2013-12-24 20:47 -------- d-----w- c:\program files\Canon
2013-12-24 20:45 . 2012-03-14 04:00 99840 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPAW.DLL
2013-12-24 20:45 . 2012-03-14 04:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDAW.DLL
2013-12-24 20:45 . 2013-12-24 20:45 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2013-12-24 20:44 . 2011-02-03 08:20 256000 ----a-w- c:\windows\system32\CNMIUAW.DLL
2013-12-24 18:56 . 2013-12-24 18:56 -------- d-----w- c:\users\Melanie\AppData\Local\cache
2013-12-24 18:55 . 2013-12-24 18:55 -------- d-----w- c:\programdata\VTech
2013-12-24 18:55 . 2013-12-24 18:55 -------- d-----w- c:\program files (x86)\VTech
2013-12-22 02:23 . 2012-09-27 14:33 934784 ----a-w- c:\users\Melanie\WirelessCameraConnectionSetting.exe
2013-12-14 20:40 . 2013-12-14 20:40 -------- d-----w- C:\1d2bcc69de0586588798b18195a5
2013-12-13 08:26 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-13 08:26 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-13 08:26 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-13 08:26 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-13 08:26 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-12 17:46 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 20:11 . 2013-12-11 20:11 9272200 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-12-09 22:38 . 2013-12-09 22:38 27760 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2013-12-09 22:38 . 2013-12-09 22:38 14448 ----a-w- c:\windows\system32\drivers\ggflt.sys
2013-12-09 22:37 . 2013-12-09 22:37 -------- d-----w- c:\programdata\Sony Mobile
2013-12-09 22:36 . 2013-12-09 22:36 -------- d-----w- c:\program files (x86)\Sony Mobile
2013-12-09 22:31 . 2013-12-09 22:31 -------- d-----w- c:\programdata\Sony
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-14 20:40 . 2010-01-13 00:02 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-14 03:22 . 2010-01-12 11:50 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-12-14 03:22 . 2010-05-22 20:51 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-12-12 11:55 . 2013-05-02 08:26 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-12-12 11:55 . 2013-03-21 12:43 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-12-12 11:55 . 2013-03-21 12:43 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-12-11 20:11 . 2012-07-17 20:30 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 20:11 . 2011-05-23 18:39 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-14 14:34 . 2013-03-21 12:43 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-11-07 21:00 . 2013-11-07 21:01 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-12 02:30 . 2013-11-13 13:52 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 13:52 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 13:52 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 13:52 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 13:52 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files (x86)\MyAshampoo\tbMyAs.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 10:51 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2010-12-09 10:51 3911776 ----a-w- c:\program files (x86)\MyAshampoo\tbMyAs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files (x86)\MyAshampoo\tbMyAs.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:41 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nero MediaHome 4"="c:\program files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" [2010-10-26 5178664]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-05-29 449248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-09-24 261888]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1094736]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-06 419112]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-10-05 181480]
"SMSTray"="c:\program files (x86)\Samsung\EmoDio\SMSTray.exe" [2009-04-16 479232]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-12 684600]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2013-06-20 2249352]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-09-05 958576]
"Nero MediaHome 4"="c:\program files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" [2010-10-26 5178664]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AgentMonitor"="c:\program files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" [2013-06-20 391040]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]
.
c:\users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000]
PMB Medien-Prüfung.lnk - c:\program files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe /noballoononstart [2010-1-12 333088]
regmonstd.lnk - c:\windows\System32\rundll32.exe c:\users\Melanie\AppData\Local\Temp\b34btbztdb0vavaw.exe,XFG00 [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Image Transfer Utility.lnk - c:\program files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe [2012-11-1 1952768]
ImageBrowser EX Agent.lnk - c:\program files (x86)\Canon\ImageBrowser EX\MFManager.exe [2012-8-30 69120]
maxdome Download Manager.lnk - c:\program files (x86)\maxdome\DCBin\DCTrayApp.exe /accountId:Prosieben [2009-5-1 88808]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AAV UpdateService;AAV UpdateService;c:\program files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe;c:\program files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [x]
S2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Prosieben;maxdome Download Manager;c:\program files (x86)\maxdome\DCBin\DCService.exe;c:\program files (x86)\maxdome\DCBin\DCService.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-17 20:11]
.
2014-01-01 c:\windows\Tasks\AdvancedDriverUpdater_UPDATES.job
- c:\program files (x86)\Advanced Driver Updater\adu.exe [2012-08-10 13:49]
.
2014-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26 23:12]
.
2014-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26 23:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 12:33 2331336 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 12:33 2331336 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 12:33 2331336 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-11 05:44 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-11 349480]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-06 8060960]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-09-30 823840]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-15 2779024]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
mWindow Title =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://mixidj.delta-search.com/?affID=121139&babsrc=HP_ss&mntrId=FE98964CE5630FF3
FF - ExtSQL: 2013-12-01 23:20; abb@amazon.com; c:\users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\extensions\abb@amazon.com.xpi
FF - user.js: extensions.mixidj.tlbrSrchUrl -
FF - user.js: extensions.mixidj.id - fe98f693000000000000964ce5630ff3
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15778
FF - user.js: extensions.mixidj.vrsn - 1.8.4.1
FF - user.js: extensions.mixidj.vrsni - 1.8.4.1
FF - user.js: extensions.mixidj_i.vrsnTs - 1.8.4.116:42
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj_i.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - mdelta
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - en
FF - user.js: extensions.mixidj_i.excTlbr - false
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj_i.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - (no file)
URLSearchHooks-{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-NPSStartup - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
WebBrowser-{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - (no file)
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
WebBrowser-{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Acrobat 4.0 - c:\windows\ISUN0407.EXE
AddRemove-ArcSoft PhotoBase - c:\windows\IsUn0407.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Prosieben]
"ImagePath"="\"c:\program files (x86)\maxdome\DCBin\DCService.exe\" /accountid:Prosieben"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000004
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\ACPI_HAL\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\ACPI_HAL\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\blbdrive\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\blbdrive\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\COMPOSITEBUS\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\COMPOSITEBUS\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\COMPOSITE_BATTERY\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\COMPOSITE_BATTERY\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\mssmbios\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\mssmbios\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_AGILEVPNMINIPORT\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_L2TPMINIPORT\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_L2TPMINIPORT\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_NDISWANBH\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_NDISWANBH\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_NDISWANIP\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_NDISWANIP\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_NDISWANIPV6\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_NDISWANIPV6\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_PPPOEMINIPORT\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_PPPOEMINIPORT\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_PPTPMINIPORT\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_PPTPMINIPORT\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_SSTPMINIPORT\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\MS_SSTPMINIPORT\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\RDP_KBD\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\RDP_KBD\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\RDP_MOU\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\RDP_MOU\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\SYSTEM\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\SYSTEM\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\UMBUS\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\UMBUS\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\vdrvroot\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\vdrvroot\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\volmgr\0000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\Root\volmgr\0000\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
Zeit der Fertigstellung: 2014-01-06 23:45:32
ComboFix-quarantined-files.txt 2014-01-06 22:45
.
Vor Suchlauf: 15 Verzeichnis(se), 201.916.157.952 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 203.178.553.344 Bytes frei
.
- - End Of File - - 7E45EAFD8A36264020C1A59F2013F5E3
|
|
07.01.2014, 13:10
| #4 |
| /// the machine /// TB-Ausbilder | Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.01.2014, 00:04
| #5 |
| | Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden. Hey, Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.07.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16750 Melanie :: KID [Administrator] Schutz: Aktiviert 07.01.2014 23:49:07 mbam-log-2014-01-07 (23-49-07).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 236542 Laufzeit: 9 Minute(n), 27 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 7 HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\Iminent (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\Software\Iminent (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 1 C:\Users\Melanie\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 5 C:\Users\Melanie\Downloads\DownloadAcceleratorSetup.exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Melanie\Downloads\installer_adobe_photoshop_cs2_Deutsch_Deutsch.exe (PUP.SmsPay.pns) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Melanie\AppData\Local\2433f433 (Trojan.Agent.TPL) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk (Malware.Trace.E) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Melanie\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 08/01/2014 um 00:20:30
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Melanie - KID
# Gestartet von : C:\Users\Melanie\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files (x86)\ConduitEngine
Ordner Gelöscht : C:\Program Files (x86)\Driver Pro
Ordner Gelöscht : C:\Program Files (x86)\optimizer pro
Ordner Gelöscht : C:\Program Files (x86)\MyAshampoo
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\Melanie\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Melanie\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Melanie\AppData\LocalLow\ConduitEngine
Ordner Gelöscht : C:\Users\Melanie\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Melanie\AppData\LocalLow\MyAshampoo
Ordner Gelöscht : C:\Users\Melanie\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\Conduit
Ordner Gelöscht : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\ConduitEngine
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Datei Gelöscht : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\invalidprefs.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\searchplugins\mixidj.xml
Datei Gelöscht : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBAutoUpdaterHelper_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBAutoUpdaterHelper_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKCU\Software\d53d7d1e23ae542
Schlüssel Gelöscht : HKLM\SOFTWARE\d53d7d1e23ae542
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7EA92447-D760-4D7B-9DCC-DC91C2E45F6C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7EA92447-D760-4D7B-9DCC-DC91C2E45F6C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7EA92447-D760-4D7B-9DCC-DC91C2E45F6C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9050328-379E-4035-BA78-EB4EA928E383}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EE0ADA8-6DF4-46BF-88B9-715EDD23DF5B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MyAshampoo\toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MyAshampoo
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\conduitEngine
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\MyAshampoo\toolbar
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\MyAshampoo
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyAshampoo Toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16750
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\prefs.js ]
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwner", "CT2475029");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "myashampoo");
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Jun 30 2011 20:32:22 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Jul 08 2011 19:14:25 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Jul 09 2011 20:11:26 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Zeile gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Zeile gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Zeile gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Zeile gelöscht : user_pref("CommunityToolbar.alert.userId", "b0837798-189c-445d-8cea-f9628e5eac06");
Zeile gelöscht : user_pref("avg.install.userHPSettings", "hxxp://mixidj.delta-search.com/?affID=121139&babsrc=HP_ss&mntrId=FE98964CE5630FF3");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "MyAshampoo Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://mixidj.delta-search.com/?affID=121139&babsrc=HP_ss&mntrId=FE98964CE5630FF3");
Zeile gelöscht : user_pref("extensions.mixidj.tlbrId", "mdelta");
*************************
AdwCleaner[R0].txt - [20790 octets] - [08/01/2014 00:17:25]
AdwCleaner[S0].txt - [18376 octets] - [08/01/2014 00:20:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18437 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by Melanie on 08.01.2014 at 0:34:52,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4171608714-3049288231-3826949010-1000\Software\sweetim
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{019FFC38-C5C7-4DAE-A2C6-50DC1319DDB9}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{01B42FD6-7BF2-4A6E-A7BF-34CEA8B274F3}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{01B6E47B-6080-4D41-A94C-F39898479BBE}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{021FDCBF-5492-491A-8F3B-43740236B9AE}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{038D13D4-D03A-453D-B77A-11EFD357AD4B}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{07A5ECD2-B320-4CEA-8E20-C4DB2EAF73C8}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{0D66980E-4E1B-4D78-A20B-A4537BF11F16}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{0DD75C8F-E8AD-4D11-A2C1-764318B8414F}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{0ED96F72-921C-4712-9447-064A96BDCD47}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{106497EC-F5CC-4DF0-B0F2-0A58C834A200}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{16A746D3-D491-411A-8C8D-7E047424F703}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{16BA370D-A1E1-4973-A925-9ABA5A395388}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{181DCD4C-632E-40E8-ADC2-5C03A0B7BB31}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{196D5002-6991-4730-8E1F-2563352A2863}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{198337BB-195A-4853-A05F-DB6FE762E70D}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{1A85A944-8683-4B61-8EE6-7FBFB3A5032D}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{1E0F61B0-9F21-4B53-95EF-92943CD93EAE}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{20CF7EC1-E04A-4984-A7DC-CF81AD5D0EB7}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{22604D86-F206-4505-BB9D-36494E43C485}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{23AE0800-2422-4C10-A07E-B94A08C05395}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{2537DDC2-A979-4229-A314-D10CBA6766B3}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{262078E9-179A-4705-8257-0AAC7B88404C}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{2A62BBCA-B488-42E8-848F-AA12327161DF}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{2A93B279-D3FE-4281-94C4-BC22DAACC5A2}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{2C081309-9B50-4533-AD54-C29326DC3716}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{32FFF0FC-F9EB-4808-B4AB-D74F57BD9A7F}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{3DB6B94F-4722-4176-B3D5-20E017CDD20F}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{4D36B5A5-D833-41F9-9754-8C867DF31F47}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{52B72984-FAAE-4792-9820-86051C1DCB63}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{583C049C-08F8-457B-BBD3-F64F22371EC8}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{58D0141E-6D13-4F37-AB91-B8A7868565A4}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{58E95DE4-74EB-4B6E-85A6-BFD6C8C1C66B}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{5EC64F71-31E1-49EC-9EAE-BE6C7C63CB6D}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{6072F0ED-38C0-4233-8020-80CDD995CC60}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{61DD63A5-F708-465E-9589-C57750554488}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{62EE477A-20FF-4B42-9D9A-A43255AA1521}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{650310F2-0C35-420A-8A82-187E8BB445B8}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{6527A206-77CB-4A33-BA73-C6D8D3C7986E}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{68C94985-0DF3-4CD8-A2C1-A004B99F40F2}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{715271AE-D44E-4E2A-86C0-B3DE239A83BC}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{719E97E6-6F8E-404B-BEFA-0EF2D489091A}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{71F07BCC-5B7B-40BC-B2BA-F89915503309}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{746B3CBC-D4B1-4EDE-8603-9382271EF2D5}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{7B11AAF2-3BBE-4C70-ABE9-BAAB8A5E5D21}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{82733057-376C-4C72-9091-211BE1E8C8E3}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{8273389E-C977-4034-8341-256B2BCB94F5}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{848C1EBD-8B1C-41AB-8264-0D90A33F8651}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{8726D9DD-B715-4C58-9B59-F7F5F0120434}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{8E53F004-2554-4A9E-BD37-3023175F6DAB}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{8EC09482-0BD7-40F8-A6E4-B9948272FC01}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{90AB465D-B17D-4AAA-AC82-08D67168D8EB}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{966AF3B9-6820-495F-8BE2-E1C9A6A478A5}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{971D2FD9-C4EA-4367-9ACE-00188A5FEF79}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{9CBE48F2-C719-4A09-9C8B-10E27FDD635A}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{9CCD5146-AE62-410F-82C0-25BBC06F8AA1}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{9FE8FF7D-3A58-475E-B87B-B14BE01AAA36}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{A2FDAB68-84F3-4F47-901F-A87F2EA60647}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{A48F5113-BB63-42AB-88F8-CC556BD9BE13}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{AA9AFE41-532C-4176-AA11-9AAD6B4DCE39}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{AD057798-9258-4C37-B777-E1820F2F4288}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{AD37376A-3B89-498C-8FA3-4014D07FA8DC}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{ADFE457A-BE32-4BB2-93C2-6FCB8460CA10}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{AF4780ED-6CE4-4558-952C-D172AE8725E5}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{B4EA8661-64B8-46C9-B768-DC50F53DDC1F}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{B697A10B-94EF-4E15-96AB-98D4223CE99E}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{B798D81D-232F-449E-A3B1-2D7B292009FC}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{B9829C91-850A-4709-AC50-C499ABB3A6CB}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{BB6138CF-9B42-4B3C-8DBE-64A1B5FF4F0F}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{BBE0FE1D-B5C4-4B0B-BAF3-E0079F2C7FCF}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{C610A2F7-84DD-4A34-8889-94D3CBFCA322}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{C64DCC45-F9E9-4314-8733-44E355123342}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{C80208EB-C0F8-4763-B101-3C283AC9F756}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{CAE60662-FC3E-4C29-B0D8-C5B0A09A47B0}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{D52EC0DC-CBD3-4454-A77A-B82DE2D3AA07}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{D72C0076-4568-4CD7-A63C-793C4F33A317}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{D826BCB9-804B-4F05-840D-59EFEC02F9F6}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{DB40453A-C167-4DC3-90BE-DE714E532CE7}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{DC83BC5B-0C52-4393-889D-41DFB233180C}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{DE0E5FE3-0872-4791-99FF-82F727B63272}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{E3F54513-4856-4C51-B1E3-E1034A03EBF3}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{E774EEFE-9004-4179-9081-AB098E9C9270}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{E800A364-0DC1-4A0C-8838-3B0C3C501516}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{E9034D4C-4BB4-482C-BAD0-7E9A81DB52F5}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{EDF01DAB-140D-444E-A6D8-46ED47E4CDB6}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{EE9C350B-57A1-4A65-A802-B165D4A34F01}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{F008A092-478D-4D08-AC3C-3BDD27B1A032}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{F0ACEBC0-9F80-465C-88FC-5BDB459E2A4B}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{F4066FE3-F3CE-4E54-B9F7-5DBFF819D54B}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{F779457E-E697-41F2-A0A3-33BB06AC6A9C}
Successfully deleted: [Empty Folder] C:\Users\Melanie\appdata\local\{FB252F0E-57E5-4C53-92A5-3A6C82A2C3CA}
~~~ FireFox
Emptied folder: C:\Users\Melanie\AppData\Roaming\mozilla\firefox\profiles\3ewt8rrh.default\minidumps [631 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.01.2014 at 0:47:09,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Melanie (administrator) on KID on 08-01-2014 00:54:18
Running from C:\Users\Melanie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Entriq, Inc.) C:\Program Files (x86)\maxdome\DCBin\DCService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
() C:\Program Files (x86)\maxdome\DCBin\DCTrayApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(SAMSUNG ELECTRONICS) C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2779024 2011-03-15] (CANON INC.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-24] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-05] (Acer Corp.)
HKLM-x32\...\Run: [SMSTray] - C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe [479232 2009-04-16] (SAMSUNG ELECTRONICS)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Nero MediaHome 4] - C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-26] (Nero AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AgentMonitor] - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKCU\...\Run: [Nero MediaHome 4] - C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-26] (Nero AG)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Medien-Prüfung.lnk
ShortcutTarget: PMB Medien-Prüfung.lnk -> C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE362DE362
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FoxTrick - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\Extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}
FF Extension: Amazon 1Button App for Firefox - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\Extensions\abb@amazon.com.xpi
==================== Services (Whitelisted) =================
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-06-01] (Adobe Systems)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [908856 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 Prosieben; C:\Program Files (x86)\maxdome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2012-03-01] (Synaptics Incorporated)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-08 00:53 - 2014-01-08 00:53 - 00000000 ____D C:\Users\Melanie\Desktop\FRST-OlderVersion
2014-01-08 00:47 - 2014-01-08 00:47 - 00010674 _____ C:\Users\Melanie\Desktop\JRT.txt
2014-01-08 00:34 - 2014-01-08 00:34 - 00000000 ____D C:\Windows\ERUNT
2014-01-08 00:32 - 2014-01-08 00:32 - 01036305 _____ (Thisisu) C:\Users\Melanie\Desktop\JRT.exe
2014-01-08 00:17 - 2014-01-08 00:21 - 00000000 ____D C:\AdwCleaner
2014-01-08 00:16 - 2014-01-08 00:16 - 01233962 _____ C:\Users\Melanie\Desktop\adwcleaner.exe
2014-01-07 23:43 - 2014-01-07 23:43 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\Malwarebytes
2014-01-07 23:42 - 2014-01-07 23:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-07 23:42 - 2014-01-07 23:42 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-07 23:42 - 2014-01-07 23:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-07 23:42 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-07 23:41 - 2014-01-07 23:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Melanie\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-07 12:30 - 2014-01-07 12:30 - 00000000 ____D C:\Users\Melanie\Desktop\Neuer Ordner (2)
2014-01-06 23:45 - 2014-01-06 23:45 - 00032202 _____ C:\ComboFix.txt
2014-01-06 23:26 - 2014-01-06 23:45 - 00000000 ____D C:\Qoobox
2014-01-06 23:26 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-06 23:26 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-06 23:26 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-06 23:26 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-06 23:26 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-06 23:26 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-06 23:26 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-06 23:26 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-06 23:23 - 2014-01-06 23:42 - 00000000 ____D C:\Windows\erdnt
2014-01-06 23:18 - 2014-01-06 23:19 - 05160001 ____R (Swearware) C:\Users\Melanie\Desktop\ComboFix.exe
2014-01-06 08:48 - 2014-01-06 08:48 - 00002466 _____ C:\Users\Melanie\Desktop\Ereignisse.txt
2014-01-05 22:56 - 2014-01-05 22:56 - 00005262 _____ C:\Users\Melanie\Desktop\Gmer.txt
2014-01-05 22:44 - 2014-01-05 22:44 - 00377856 _____ C:\Users\Melanie\Desktop\gmer_2.1.19163.exe
2014-01-05 22:40 - 2014-01-05 22:41 - 00033381 _____ C:\Users\Melanie\Desktop\Addition.txt
2014-01-05 22:38 - 2014-01-08 00:54 - 00018018 _____ C:\Users\Melanie\Desktop\FRST.txt
2014-01-05 22:37 - 2014-01-08 00:53 - 00000000 ____D C:\FRST
2014-01-05 22:36 - 2014-01-08 00:53 - 01931762 _____ (Farbar) C:\Users\Melanie\Desktop\FRST64.exe
2014-01-05 22:35 - 2014-01-05 22:43 - 00000476 _____ C:\Users\Melanie\Desktop\defogger_disable.log
2014-01-05 22:35 - 2014-01-05 22:35 - 00000000 _____ C:\Users\Melanie\defogger_reenable
2014-01-05 22:33 - 2014-01-05 22:33 - 00050477 _____ C:\Users\Melanie\Desktop\Defogger.exe
2013-12-28 18:56 - 2013-12-28 18:56 - 00551488 _____ C:\Windows\Minidump\122813-34679-01.dmp
2013-12-24 22:03 - 2014-01-07 08:28 - 00000000 ____D C:\Users\Melanie\AppData\Local\Canon Easy-PhotoPrint EX
2013-12-24 22:03 - 2013-12-24 22:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-24 21:54 - 2014-01-04 21:40 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-24 21:53 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAW.DLL
2013-12-24 21:49 - 2013-12-24 21:49 - 00002083 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2013-12-24 21:49 - 2013-12-24 21:49 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2013-12-24 21:47 - 2013-12-24 21:47 - 00000000 ____D C:\Program Files\Canon
2013-12-24 21:46 - 2013-12-24 21:46 - 00002364 _____ C:\Users\Public\Desktop\Canon iP4900 series Online-Handbuch.lnk
2013-12-24 21:45 - 2013-12-24 21:45 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-24 21:44 - 2013-12-24 21:44 - 00000000 ___HD C:\Program Files\CanonBJ
2013-12-24 21:44 - 2011-02-03 09:20 - 00256000 _____ (CANON INC.) C:\Windows\system32\CNMIUAW.DLL
2013-12-24 19:56 - 2013-12-25 21:45 - 00000789 _____ C:\Users\Melanie\AppData\Local\cookies.ini
2013-12-24 19:56 - 2013-12-24 19:56 - 00000000 ____D C:\Users\Melanie\AppData\Local\cache
2013-12-24 19:55 - 2013-12-24 19:55 - 00001213 _____ C:\Users\Melanie\Desktop\VTech Download Manager.lnk
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\ProgramData\VTech
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\Program Files (x86)\VTech
2013-12-22 03:29 - 2013-12-22 03:29 - 00002960 _____ C:\Windows\System32\Tasks\{4592761F-B110-492C-BED2-F492E5850E3F}
2013-12-22 03:23 - 2012-09-27 15:33 - 00934784 _____ (CANON INC.) C:\Users\Melanie\WirelessCameraConnectionSetting.exe
2013-12-21 00:50 - 2013-12-21 00:50 - 00001151 _____ C:\Users\Melanie\Desktop\MyCamera.lnk
2013-12-21 00:48 - 2013-12-21 01:06 - 00000000 ____D C:\Users\Melanie\Documents\Canon Utilities
2013-12-21 00:02 - 2013-12-21 00:02 - 00000000 ____D C:\Users\Public\Documents\Canon MyCameraFiles
2013-12-20 23:58 - 2013-12-21 00:00 - 62808100 _____ C:\Users\Melanie\Downloads\cdw-inst-8-8-0-17-u01-9l.zip
2013-12-20 01:43 - 2013-12-20 01:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-14 21:40 - 2013-12-14 21:40 - 00000000 ____D C:\1d2bcc69de0586588798b18195a5
2013-12-13 13:14 - 2013-12-13 13:14 - 00002106 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-12-13 09:26 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-13 09:26 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-13 09:26 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-13 09:26 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-13 09:20 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-13 09:20 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-13 09:20 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-13 09:20 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-13 09:20 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-13 09:20 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-13 09:20 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-13 09:20 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-13 09:20 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-13 09:20 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-13 09:20 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-13 09:20 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-12 18:46 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 18:46 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 18:46 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 18:46 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 18:46 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 18:46 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 18:46 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 18:46 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 18:46 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 18:46 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 18:46 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 18:46 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 18:46 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 18:46 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 18:46 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 18:46 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 18:46 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 18:46 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 18:46 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 21:11 - 2013-12-11 21:11 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2013-12-09 23:38 - 2013-12-09 23:38 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2013-12-09 23:38 - 2013-12-09 23:38 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2013-12-09 23:37 - 2013-12-09 23:37 - 00000000 ____D C:\ProgramData\Sony Mobile
2013-12-09 23:36 - 2013-12-09 23:36 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2013-12-09 23:34 - 2013-12-13 13:17 - 00323898 _____ C:\Windows\DPINST.LOG
2013-12-09 23:31 - 2013-12-09 23:31 - 00000000 ____D C:\ProgramData\Sony
2013-12-09 23:08 - 2013-12-09 23:08 - 02084951 _____ C:\Users\Melanie\Downloads\userguide_DE_C1904-C1905_1_Android4.1.pdf.zip
==================== One Month Modified Files and Folders =======
2014-01-08 00:55 - 2014-01-05 22:38 - 00018018 _____ C:\Users\Melanie\Desktop\FRST.txt
2014-01-08 00:53 - 2014-01-08 00:53 - 00000000 ____D C:\Users\Melanie\Desktop\FRST-OlderVersion
2014-01-08 00:53 - 2014-01-05 22:37 - 00000000 ____D C:\FRST
2014-01-08 00:53 - 2014-01-05 22:36 - 01931762 _____ (Farbar) C:\Users\Melanie\Desktop\FRST64.exe
2014-01-08 00:51 - 2009-11-25 06:49 - 01412588 _____ C:\Windows\WindowsUpdate.log
2014-01-08 00:47 - 2014-01-08 00:47 - 00010674 _____ C:\Users\Melanie\Desktop\JRT.txt
2014-01-08 00:34 - 2014-01-08 00:34 - 00000000 ____D C:\Windows\ERUNT
2014-01-08 00:33 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-08 00:33 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-08 00:32 - 2014-01-08 00:32 - 01036305 _____ (Thisisu) C:\Users\Melanie\Desktop\JRT.exe
2014-01-08 00:27 - 2010-02-27 00:12 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-08 00:26 - 2013-05-14 12:18 - 00000430 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-08 00:23 - 2013-10-11 08:11 - 00012207 _____ C:\Windows\setupact.log
2014-01-08 00:23 - 2010-02-27 00:12 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-08 00:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-08 00:21 - 2014-01-08 00:17 - 00000000 ____D C:\AdwCleaner
2014-01-08 00:19 - 2012-07-17 21:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-08 00:16 - 2014-01-08 00:16 - 01233962 _____ C:\Users\Melanie\Desktop\adwcleaner.exe
2014-01-08 00:07 - 2013-10-11 08:10 - 00124652 _____ C:\Windows\PFRO.log
2014-01-08 00:01 - 2010-01-11 12:04 - 00000000 ___RD C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-07 23:43 - 2014-01-07 23:43 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\Malwarebytes
2014-01-07 23:43 - 2014-01-07 23:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-07 23:42 - 2014-01-07 23:42 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-07 23:42 - 2014-01-07 23:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-07 23:41 - 2014-01-07 23:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Melanie\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-07 17:53 - 2013-03-14 22:17 - 00000000 ____D C:\Users\Melanie\Desktop\CAKE-BABY
2014-01-07 12:30 - 2014-01-07 12:30 - 00000000 ____D C:\Users\Melanie\Desktop\Neuer Ordner (2)
2014-01-07 12:08 - 2009-11-25 15:36 - 00697098 _____ C:\Windows\system32\perfh007.dat
2014-01-07 12:08 - 2009-11-25 15:36 - 00148362 _____ C:\Windows\system32\perfc007.dat
2014-01-07 12:08 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-07 08:49 - 2013-11-27 08:14 - 00237983 _____ C:\Windows\IE11_main.log
2014-01-07 08:41 - 2011-01-21 20:58 - 00000000 ___RD C:\Users\Melanie\Desktop\musik
2014-01-07 08:38 - 2010-01-12 01:13 - 00004124 _____ C:\Users\Melanie\AppData\Roaming\wklnhst.dat
2014-01-07 08:38 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2014-01-07 08:28 - 2013-12-24 22:03 - 00000000 ____D C:\Users\Melanie\AppData\Local\Canon Easy-PhotoPrint EX
2014-01-06 23:45 - 2014-01-06 23:45 - 00032202 _____ C:\ComboFix.txt
2014-01-06 23:45 - 2014-01-06 23:26 - 00000000 ____D C:\Qoobox
2014-01-06 23:42 - 2014-01-06 23:23 - 00000000 ____D C:\Windows\erdnt
2014-01-06 23:42 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-06 23:19 - 2014-01-06 23:18 - 05160001 ____R (Swearware) C:\Users\Melanie\Desktop\ComboFix.exe
2014-01-06 08:48 - 2014-01-06 08:48 - 00002466 _____ C:\Users\Melanie\Desktop\Ereignisse.txt
2014-01-05 22:56 - 2014-01-05 22:56 - 00005262 _____ C:\Users\Melanie\Desktop\Gmer.txt
2014-01-05 22:44 - 2014-01-05 22:44 - 00377856 _____ C:\Users\Melanie\Desktop\gmer_2.1.19163.exe
2014-01-05 22:43 - 2014-01-05 22:35 - 00000476 _____ C:\Users\Melanie\Desktop\defogger_disable.log
2014-01-05 22:41 - 2014-01-05 22:40 - 00033381 _____ C:\Users\Melanie\Desktop\Addition.txt
2014-01-05 22:35 - 2014-01-05 22:35 - 00000000 _____ C:\Users\Melanie\defogger_reenable
2014-01-05 22:35 - 2010-01-11 12:04 - 00000000 ____D C:\Users\Melanie
2014-01-05 22:33 - 2014-01-05 22:33 - 00050477 _____ C:\Users\Melanie\Desktop\Defogger.exe
2014-01-05 21:26 - 2012-06-15 23:32 - 00696832 ___SH C:\Users\Melanie\Desktop\Thumbs.db
2014-01-05 14:00 - 2010-09-09 12:35 - 00000000 ____D C:\Users\Melanie\Desktop\max
2014-01-04 22:07 - 2010-03-03 06:56 - 00000000 ____D C:\Users\Melanie\AppData\Local\Paint.NET
2014-01-04 21:40 - 2013-12-24 21:54 - 00000000 ____D C:\ProgramData\CanonIJPLM
2014-01-01 18:53 - 2012-08-10 10:00 - 00000294 _____ C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job
2013-12-28 18:56 - 2013-12-28 18:56 - 00551488 _____ C:\Windows\Minidump\122813-34679-01.dmp
2013-12-28 18:56 - 2013-10-23 15:32 - 340431824 _____ C:\Windows\MEMORY.DMP
2013-12-28 18:56 - 2011-09-14 19:39 - 00000000 ____D C:\Windows\Minidump
2013-12-25 21:45 - 2013-12-24 19:56 - 00000789 _____ C:\Users\Melanie\AppData\Local\cookies.ini
2013-12-24 22:03 - 2013-12-24 22:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-24 21:59 - 2013-12-02 18:07 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\canon
2013-12-24 21:50 - 2010-01-12 10:26 - 00000000 ____D C:\Program Files (x86)\Canon
2013-12-24 21:49 - 2013-12-24 21:49 - 00002083 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2013-12-24 21:49 - 2013-12-24 21:49 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2013-12-24 21:47 - 2013-12-24 21:47 - 00000000 ____D C:\Program Files\Canon
2013-12-24 21:46 - 2013-12-24 21:46 - 00002364 _____ C:\Users\Public\Desktop\Canon iP4900 series Online-Handbuch.lnk
2013-12-24 21:45 - 2013-12-24 21:45 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-24 21:44 - 2013-12-24 21:44 - 00000000 ___HD C:\Program Files\CanonBJ
2013-12-24 19:56 - 2013-12-24 19:56 - 00000000 ____D C:\Users\Melanie\AppData\Local\cache
2013-12-24 19:55 - 2013-12-24 19:55 - 00001213 _____ C:\Users\Melanie\Desktop\VTech Download Manager.lnk
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\ProgramData\VTech
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\Program Files (x86)\VTech
2013-12-22 03:29 - 2013-12-22 03:29 - 00002960 _____ C:\Windows\System32\Tasks\{4592761F-B110-492C-BED2-F492E5850E3F}
2013-12-22 01:20 - 2013-12-02 21:27 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\CANON INC
2013-12-21 10:04 - 2012-11-28 01:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 01:06 - 2013-12-21 00:48 - 00000000 ____D C:\Users\Melanie\Documents\Canon Utilities
2013-12-21 00:50 - 2013-12-21 00:50 - 00001151 _____ C:\Users\Melanie\Desktop\MyCamera.lnk
2013-12-21 00:02 - 2013-12-21 00:02 - 00000000 ____D C:\Users\Public\Documents\Canon MyCameraFiles
2013-12-21 00:00 - 2013-12-20 23:58 - 62808100 _____ C:\Users\Melanie\Downloads\cdw-inst-8-8-0-17-u01-9l.zip
2013-12-20 01:43 - 2013-12-20 01:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-14 21:40 - 2013-12-14 21:40 - 00000000 ____D C:\1d2bcc69de0586588798b18195a5
2013-12-14 21:40 - 2010-01-13 01:02 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-13 13:17 - 2013-12-09 23:34 - 00323898 _____ C:\Windows\DPINST.LOG
2013-12-13 13:14 - 2013-12-13 13:14 - 00002106 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-12-13 13:13 - 2009-10-28 18:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-13 09:55 - 2009-07-14 05:45 - 00359384 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-13 09:26 - 2009-10-29 06:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 12:55 - 2013-05-02 09:26 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-12 12:55 - 2013-03-21 13:43 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-12 12:55 - 2013-03-21 13:43 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-11 21:11 - 2013-12-11 21:11 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 21:11 - 2012-07-17 21:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 21:11 - 2012-07-17 21:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 21:11 - 2011-05-23 19:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2013-12-09 23:38 - 2013-12-09 23:38 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2013-12-09 23:38 - 2013-12-09 23:38 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2013-12-09 23:37 - 2013-12-09 23:37 - 00000000 ____D C:\ProgramData\Sony Mobile
2013-12-09 23:36 - 2013-12-09 23:36 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2013-12-09 23:31 - 2013-12-09 23:31 - 00000000 ____D C:\ProgramData\Sony
2013-12-09 23:31 - 2010-01-12 09:48 - 00000000 ____D C:\Program Files (x86)\Sony
2013-12-09 23:08 - 2013-12-09 23:08 - 02084951 _____ C:\Users\Melanie\Downloads\userguide_DE_C1904-C1905_1_Android4.1.pdf.zip
2013-12-09 00:30 - 2013-05-20 20:41 - 02553344 ___SH C:\Users\Melanie\Documents\Thumbs.db
Files to move or delete:
====================
C:\ProgramData\wavav0bdtzbtb43b.reg
C:\Users\Melanie\WirelessCameraConnectionSetting.exe
Some content of TEMP:
====================
C:\Users\Melanie\AppData\Local\Temp\avgnt.exe
C:\Users\Melanie\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2010-11-07 21:27
==================== End Of Log ============================
--- --- --- Geändert von gawer (08.01.2014 um 01:01 Uhr) Grund: So. ich hoffe alles ist sowet korrekt |
|
08.01.2014, 12:16
| #6 |
| /// the machine /// TB-Ausbilder | Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden.ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ --> Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden. |
|
09.01.2014, 23:20
| #7 |
| | Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden. Hey schrauber, bin heute leider beruflich verhindert, reiche die Logfiles heute abend nach. Die Meldung ist übrigens weg und er läuft nicht mehr so holprig, bis jetzt alles super von dir, Danke nochmal!!!! Also sorry, bekommst die Daten heute abend Gruß Gawer Hey, Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=bcdd767c25c0be4e88379c46df12f11b
# engine=16577
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-09 01:13:15
# local_time=2014-01-09 02:13:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 8095890 140903045 0 0
# scanned=223214
# found=1
# cleaned=0
# scan_time=10602
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
Code:
ATTFilter Results of screen317's Security Check version 0.99.78 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 Out of date! ``````````````Antivirus/Firewall Check:`````````````` WMI entry may not exist for antivirus; attempting automatic update. Avira successfully updated! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Java 7 Update 45 Adobe Flash Player 11.9.900.170 Adobe Reader XI Mozilla Firefox (26.0) Mozilla Thunderbird (17.0.8) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-01-2014
Ran by Melanie (administrator) on KID on 09-01-2014 23:17:00
Running from C:\Users\Melanie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Entriq, Inc.) C:\Program Files (x86)\maxdome\DCBin\DCService.exe
(Systweak Inc) C:\Program Files (x86)\Advanced Driver Updater\adu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
() C:\Program Files (x86)\maxdome\DCBin\DCTrayApp.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Sony Corporation) C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(SAMSUNG ELECTRONICS) C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2779024 2011-03-15] (CANON INC.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-24] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-05] (Acer Corp.)
HKLM-x32\...\Run: [SMSTray] - C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe [479232 2009-04-16] (SAMSUNG ELECTRONICS)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Nero MediaHome 4] - C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-26] (Nero AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AgentMonitor] - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKCU\...\Run: [Nero MediaHome 4] - C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-26] (Nero AG)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Medien-Prüfung.lnk
ShortcutTarget: PMB Medien-Prüfung.lnk -> C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE362DE362
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FoxTrick - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\Extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}
FF Extension: Amazon 1Button App for Firefox - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\Extensions\abb@amazon.com.xpi
==================== Services (Whitelisted) =================
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-06-01] (Adobe Systems)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [908856 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 Prosieben; C:\Program Files (x86)\maxdome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2012-03-01] (Synaptics Incorporated)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-09 23:04 - 2014-01-09 23:04 - 00987410 _____ C:\Users\Melanie\Desktop\SecurityCheck.exe
2014-01-08 11:13 - 2014-01-09 22:49 - 00003156 _____ C:\Windows\System32\Tasks\AdvancedDriverUpdaterRunAtStartup
2014-01-08 11:13 - 2014-01-08 11:13 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\Systweak
2014-01-08 00:53 - 2014-01-09 23:16 - 00000000 ____D C:\Users\Melanie\Desktop\FRST-OlderVersion
2014-01-08 00:47 - 2014-01-08 00:47 - 00010674 _____ C:\Users\Melanie\Desktop\JRT.txt
2014-01-08 00:34 - 2014-01-08 00:34 - 00000000 ____D C:\Windows\ERUNT
2014-01-08 00:32 - 2014-01-08 00:32 - 01036305 _____ (Thisisu) C:\Users\Melanie\Desktop\JRT.exe
2014-01-08 00:17 - 2014-01-08 00:21 - 00000000 ____D C:\AdwCleaner
2014-01-08 00:16 - 2014-01-08 00:16 - 01233962 _____ C:\Users\Melanie\Desktop\adwcleaner.exe
2014-01-07 23:43 - 2014-01-07 23:43 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\Malwarebytes
2014-01-07 23:42 - 2014-01-07 23:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-07 23:42 - 2014-01-07 23:42 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-07 23:42 - 2014-01-07 23:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-07 23:42 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-07 23:41 - 2014-01-07 23:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Melanie\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-07 12:30 - 2014-01-07 12:30 - 00000000 ____D C:\Users\Melanie\Desktop\Neuer Ordner (2)
2014-01-06 23:45 - 2014-01-06 23:45 - 00032202 _____ C:\ComboFix.txt
2014-01-06 23:26 - 2014-01-06 23:45 - 00000000 ____D C:\Qoobox
2014-01-06 23:26 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-06 23:26 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-06 23:26 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-06 23:26 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-06 23:26 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-06 23:26 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-06 23:26 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-06 23:26 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-06 23:23 - 2014-01-06 23:42 - 00000000 ____D C:\Windows\erdnt
2014-01-06 23:18 - 2014-01-06 23:19 - 05160001 ____R (Swearware) C:\Users\Melanie\Desktop\ComboFix.exe
2014-01-06 08:48 - 2014-01-06 08:48 - 00002466 _____ C:\Users\Melanie\Desktop\Ereignisse.txt
2014-01-05 22:56 - 2014-01-05 22:56 - 00005262 _____ C:\Users\Melanie\Desktop\Gmer.txt
2014-01-05 22:44 - 2014-01-05 22:44 - 00377856 _____ C:\Users\Melanie\Desktop\gmer_2.1.19163.exe
2014-01-05 22:40 - 2014-01-05 22:41 - 00033381 _____ C:\Users\Melanie\Desktop\Addition.txt
2014-01-05 22:38 - 2014-01-09 23:17 - 00018151 _____ C:\Users\Melanie\Desktop\FRST.txt
2014-01-05 22:37 - 2014-01-09 23:16 - 00000000 ____D C:\FRST
2014-01-05 22:36 - 2014-01-09 23:16 - 01931772 _____ (Farbar) C:\Users\Melanie\Desktop\FRST64.exe
2014-01-05 22:35 - 2014-01-05 22:43 - 00000476 _____ C:\Users\Melanie\Desktop\defogger_disable.log
2014-01-05 22:35 - 2014-01-05 22:35 - 00000000 _____ C:\Users\Melanie\defogger_reenable
2014-01-05 22:33 - 2014-01-05 22:33 - 00050477 _____ C:\Users\Melanie\Desktop\Defogger.exe
2013-12-28 18:56 - 2013-12-28 18:56 - 00551488 _____ C:\Windows\Minidump\122813-34679-01.dmp
2013-12-24 22:03 - 2014-01-07 08:28 - 00000000 ____D C:\Users\Melanie\AppData\Local\Canon Easy-PhotoPrint EX
2013-12-24 22:03 - 2013-12-24 22:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-24 21:54 - 2014-01-04 21:40 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-24 21:53 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAW.DLL
2013-12-24 21:49 - 2013-12-24 21:49 - 00002083 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2013-12-24 21:49 - 2013-12-24 21:49 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2013-12-24 21:47 - 2013-12-24 21:47 - 00000000 ____D C:\Program Files\Canon
2013-12-24 21:46 - 2013-12-24 21:46 - 00002364 _____ C:\Users\Public\Desktop\Canon iP4900 series Online-Handbuch.lnk
2013-12-24 21:45 - 2013-12-24 21:45 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-24 21:44 - 2013-12-24 21:44 - 00000000 ___HD C:\Program Files\CanonBJ
2013-12-24 21:44 - 2011-02-03 09:20 - 00256000 _____ (CANON INC.) C:\Windows\system32\CNMIUAW.DLL
2013-12-24 19:56 - 2013-12-25 21:45 - 00000789 _____ C:\Users\Melanie\AppData\Local\cookies.ini
2013-12-24 19:56 - 2013-12-24 19:56 - 00000000 ____D C:\Users\Melanie\AppData\Local\cache
2013-12-24 19:55 - 2013-12-24 19:55 - 00001213 _____ C:\Users\Melanie\Desktop\VTech Download Manager.lnk
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\ProgramData\VTech
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\Program Files (x86)\VTech
2013-12-22 03:29 - 2013-12-22 03:29 - 00002960 _____ C:\Windows\System32\Tasks\{4592761F-B110-492C-BED2-F492E5850E3F}
2013-12-22 03:23 - 2012-09-27 15:33 - 00934784 _____ (CANON INC.) C:\Users\Melanie\WirelessCameraConnectionSetting.exe
2013-12-21 00:50 - 2013-12-21 00:50 - 00001151 _____ C:\Users\Melanie\Desktop\MyCamera.lnk
2013-12-21 00:48 - 2013-12-21 01:06 - 00000000 ____D C:\Users\Melanie\Documents\Canon Utilities
2013-12-21 00:02 - 2013-12-21 00:02 - 00000000 ____D C:\Users\Public\Documents\Canon MyCameraFiles
2013-12-20 23:58 - 2013-12-21 00:00 - 62808100 _____ C:\Users\Melanie\Downloads\cdw-inst-8-8-0-17-u01-9l.zip
2013-12-20 01:43 - 2013-12-20 01:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-14 21:40 - 2013-12-14 21:40 - 00000000 ____D C:\1d2bcc69de0586588798b18195a5
2013-12-13 13:14 - 2013-12-13 13:14 - 00002106 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-12-13 09:26 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-13 09:26 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-13 09:26 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-13 09:26 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-13 09:20 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-13 09:20 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-13 09:20 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-13 09:20 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-13 09:20 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-13 09:20 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-13 09:20 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-13 09:20 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-13 09:20 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-13 09:20 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-13 09:20 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-13 09:20 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-12 18:46 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 18:46 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 18:46 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 18:46 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 18:46 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 18:46 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 18:46 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 18:46 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 18:46 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 18:46 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 18:46 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 18:46 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 18:46 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 18:46 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 18:46 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 18:46 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 18:46 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 18:46 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 18:46 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 21:11 - 2013-12-11 21:11 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified Files and Folders =======
2014-01-09 23:19 - 2012-07-17 21:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-09 23:18 - 2014-01-05 22:38 - 00018151 _____ C:\Users\Melanie\Desktop\FRST.txt
2014-01-09 23:16 - 2014-01-08 00:53 - 00000000 ____D C:\Users\Melanie\Desktop\FRST-OlderVersion
2014-01-09 23:16 - 2014-01-05 22:37 - 00000000 ____D C:\FRST
2014-01-09 23:16 - 2014-01-05 22:36 - 01931772 _____ (Farbar) C:\Users\Melanie\Desktop\FRST64.exe
2014-01-09 23:04 - 2014-01-09 23:04 - 00987410 _____ C:\Users\Melanie\Desktop\SecurityCheck.exe
2014-01-09 22:58 - 2009-11-25 06:49 - 01573603 _____ C:\Windows\WindowsUpdate.log
2014-01-09 22:55 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-09 22:55 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-09 22:49 - 2014-01-08 11:13 - 00003156 _____ C:\Windows\System32\Tasks\AdvancedDriverUpdaterRunAtStartup
2014-01-09 22:48 - 2013-05-14 12:18 - 00000430 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-09 22:46 - 2012-06-15 23:32 - 00696832 ___SH C:\Users\Melanie\Desktop\Thumbs.db
2014-01-09 22:45 - 2013-10-11 08:11 - 00012375 _____ C:\Windows\setupact.log
2014-01-09 22:45 - 2012-08-10 10:00 - 00000294 _____ C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job
2014-01-09 22:45 - 2010-02-27 00:12 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-09 22:45 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-09 18:46 - 2010-02-27 00:12 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-09 11:14 - 2009-11-25 15:36 - 00697098 _____ C:\Windows\system32\perfh007.dat
2014-01-09 11:14 - 2009-11-25 15:36 - 00148362 _____ C:\Windows\system32\perfc007.dat
2014-01-09 11:14 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-09 08:08 - 2013-11-27 08:14 - 00255576 _____ C:\Windows\IE11_main.log
2014-01-08 11:13 - 2014-01-08 11:13 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\Systweak
2014-01-08 11:13 - 2012-08-10 10:00 - 00003030 _____ C:\Windows\System32\Tasks\AdvancedDriverUpdater_UPDATES
2014-01-08 00:47 - 2014-01-08 00:47 - 00010674 _____ C:\Users\Melanie\Desktop\JRT.txt
2014-01-08 00:34 - 2014-01-08 00:34 - 00000000 ____D C:\Windows\ERUNT
2014-01-08 00:32 - 2014-01-08 00:32 - 01036305 _____ (Thisisu) C:\Users\Melanie\Desktop\JRT.exe
2014-01-08 00:21 - 2014-01-08 00:17 - 00000000 ____D C:\AdwCleaner
2014-01-08 00:16 - 2014-01-08 00:16 - 01233962 _____ C:\Users\Melanie\Desktop\adwcleaner.exe
2014-01-08 00:07 - 2013-10-11 08:10 - 00124652 _____ C:\Windows\PFRO.log
2014-01-08 00:01 - 2010-01-11 12:04 - 00000000 ___RD C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-07 23:43 - 2014-01-07 23:43 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\Malwarebytes
2014-01-07 23:43 - 2014-01-07 23:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-07 23:42 - 2014-01-07 23:42 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-07 23:42 - 2014-01-07 23:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-07 23:41 - 2014-01-07 23:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Melanie\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-07 17:53 - 2013-03-14 22:17 - 00000000 ____D C:\Users\Melanie\Desktop\CAKE-BABY
2014-01-07 12:30 - 2014-01-07 12:30 - 00000000 ____D C:\Users\Melanie\Desktop\Neuer Ordner (2)
2014-01-07 08:41 - 2011-01-21 20:58 - 00000000 ___RD C:\Users\Melanie\Desktop\musik
2014-01-07 08:38 - 2010-01-12 01:13 - 00004124 _____ C:\Users\Melanie\AppData\Roaming\wklnhst.dat
2014-01-07 08:38 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2014-01-07 08:28 - 2013-12-24 22:03 - 00000000 ____D C:\Users\Melanie\AppData\Local\Canon Easy-PhotoPrint EX
2014-01-06 23:45 - 2014-01-06 23:45 - 00032202 _____ C:\ComboFix.txt
2014-01-06 23:45 - 2014-01-06 23:26 - 00000000 ____D C:\Qoobox
2014-01-06 23:42 - 2014-01-06 23:23 - 00000000 ____D C:\Windows\erdnt
2014-01-06 23:42 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-06 23:19 - 2014-01-06 23:18 - 05160001 ____R (Swearware) C:\Users\Melanie\Desktop\ComboFix.exe
2014-01-06 08:48 - 2014-01-06 08:48 - 00002466 _____ C:\Users\Melanie\Desktop\Ereignisse.txt
2014-01-05 22:56 - 2014-01-05 22:56 - 00005262 _____ C:\Users\Melanie\Desktop\Gmer.txt
2014-01-05 22:44 - 2014-01-05 22:44 - 00377856 _____ C:\Users\Melanie\Desktop\gmer_2.1.19163.exe
2014-01-05 22:43 - 2014-01-05 22:35 - 00000476 _____ C:\Users\Melanie\Desktop\defogger_disable.log
2014-01-05 22:41 - 2014-01-05 22:40 - 00033381 _____ C:\Users\Melanie\Desktop\Addition.txt
2014-01-05 22:35 - 2014-01-05 22:35 - 00000000 _____ C:\Users\Melanie\defogger_reenable
2014-01-05 22:35 - 2010-01-11 12:04 - 00000000 ____D C:\Users\Melanie
2014-01-05 22:33 - 2014-01-05 22:33 - 00050477 _____ C:\Users\Melanie\Desktop\Defogger.exe
2014-01-05 14:00 - 2010-09-09 12:35 - 00000000 ____D C:\Users\Melanie\Desktop\max
2014-01-04 22:07 - 2010-03-03 06:56 - 00000000 ____D C:\Users\Melanie\AppData\Local\Paint.NET
2014-01-04 21:40 - 2013-12-24 21:54 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-28 18:56 - 2013-12-28 18:56 - 00551488 _____ C:\Windows\Minidump\122813-34679-01.dmp
2013-12-28 18:56 - 2013-10-23 15:32 - 340431824 _____ C:\Windows\MEMORY.DMP
2013-12-28 18:56 - 2011-09-14 19:39 - 00000000 ____D C:\Windows\Minidump
2013-12-25 21:45 - 2013-12-24 19:56 - 00000789 _____ C:\Users\Melanie\AppData\Local\cookies.ini
2013-12-24 22:03 - 2013-12-24 22:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-24 21:59 - 2013-12-02 18:07 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\canon
2013-12-24 21:50 - 2010-01-12 10:26 - 00000000 ____D C:\Program Files (x86)\Canon
2013-12-24 21:49 - 2013-12-24 21:49 - 00002083 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2013-12-24 21:49 - 2013-12-24 21:49 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2013-12-24 21:47 - 2013-12-24 21:47 - 00000000 ____D C:\Program Files\Canon
2013-12-24 21:46 - 2013-12-24 21:46 - 00002364 _____ C:\Users\Public\Desktop\Canon iP4900 series Online-Handbuch.lnk
2013-12-24 21:45 - 2013-12-24 21:45 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-24 21:44 - 2013-12-24 21:44 - 00000000 ___HD C:\Program Files\CanonBJ
2013-12-24 19:56 - 2013-12-24 19:56 - 00000000 ____D C:\Users\Melanie\AppData\Local\cache
2013-12-24 19:55 - 2013-12-24 19:55 - 00001213 _____ C:\Users\Melanie\Desktop\VTech Download Manager.lnk
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\ProgramData\VTech
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\Program Files (x86)\VTech
2013-12-22 03:29 - 2013-12-22 03:29 - 00002960 _____ C:\Windows\System32\Tasks\{4592761F-B110-492C-BED2-F492E5850E3F}
2013-12-22 01:20 - 2013-12-02 21:27 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\CANON INC
2013-12-21 10:04 - 2012-11-28 01:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 01:06 - 2013-12-21 00:48 - 00000000 ____D C:\Users\Melanie\Documents\Canon Utilities
2013-12-21 00:50 - 2013-12-21 00:50 - 00001151 _____ C:\Users\Melanie\Desktop\MyCamera.lnk
2013-12-21 00:02 - 2013-12-21 00:02 - 00000000 ____D C:\Users\Public\Documents\Canon MyCameraFiles
2013-12-21 00:00 - 2013-12-20 23:58 - 62808100 _____ C:\Users\Melanie\Downloads\cdw-inst-8-8-0-17-u01-9l.zip
2013-12-20 01:43 - 2013-12-20 01:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-14 21:40 - 2013-12-14 21:40 - 00000000 ____D C:\1d2bcc69de0586588798b18195a5
2013-12-14 21:40 - 2010-01-13 01:02 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-13 13:17 - 2013-12-09 23:34 - 00323898 _____ C:\Windows\DPINST.LOG
2013-12-13 13:14 - 2013-12-13 13:14 - 00002106 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-12-13 13:13 - 2009-10-28 18:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-13 09:55 - 2009-07-14 05:45 - 00359384 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-13 09:26 - 2009-10-29 06:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 12:55 - 2013-05-02 09:26 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-12 12:55 - 2013-03-21 13:43 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-12 12:55 - 2013-03-21 13:43 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-11 21:11 - 2013-12-11 21:11 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 21:11 - 2012-07-17 21:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 21:11 - 2012-07-17 21:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 21:11 - 2011-05-23 19:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
Files to move or delete:
====================
C:\ProgramData\wavav0bdtzbtb43b.reg
C:\Users\Melanie\WirelessCameraConnectionSetting.exe
Some content of TEMP:
====================
C:\Users\Melanie\AppData\Local\Temp\avgnt.exe
C:\Users\Melanie\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2010-11-07 21:27
==================== End Of Log ============================
--- --- --- |
|
10.01.2014, 14:29
| #8 |
| /// the machine /// TB-Ausbilder | Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\ProgramData\wavav0bdtzbtb43b.reg
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.01.2014, 01:21
| #9 |
| | Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden.Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-01-2014
Ran by Melanie at 2014-01-11 00:04:46 Run:1
Running from C:\Users\Melanie\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\ProgramData\wavav0bdtzbtb43b.reg
*****************
C:\ProgramData\wavav0bdtzbtb43b.reg => Moved successfully.
==== End of Fixlog ====
|
|
11.01.2014, 15:28
| #10 |
| /// the machine /// TB-Ausbilder | Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden. Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden. |
| antivirus, canon, defender, device driver, entfernen, exp/cve-2013-2423.f.gen, exp/java.hlp.nz, flash player, icreinstall, installation, launch, malware.trace.e, minidump, mozilla, plug-in, pup.optional.babylon.a, pup.optional.datamngr.a, pup.optional.delta.a, pup.optional.iminent.a, pup.optional.installcore, pup.optional.mixidjtoolbar.a, pup.smspay.pns, realtek, security, services.exe, software, svchost.exe, tr/ransom.foreign.evtn, trojan.agent.tpl, win32/adware.yontoo.b, windows |
Linear-Darstellung
