| |
| |||||||
Log-Analyse und Auswertung: Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
06.01.2014, 08:58
| #1 |
| |  Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden. Hallo, da ich nicht wirklich ein Computerexperte bin hoffe ich das ihr mir helfen könnt. Habe vor kurzem Bekanntschaft mit dem BkA-Virus gemacht. Habe mir in meiner Panik Programme runtergeladen um ihm zu entfernen , was auch geklappt (zumindest habe ich das gedacht) und danach alles vom Pc entfernt was damit zutun hat. Ich weiss, das ist alles nicht sonderlich clever gewesen. Augenscheinlich funktioniert wieder alles und es gibt keine Beeinträchtigungen außer halt diese Meldung beim hochfahren.Aber ich bin Laie und habe keine Ahnung. Ich hoffe ihr könnt mir helfen. Anbei die geforderten Logfiles laut eurer Anleitung MfG Gawer Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:43 on 05/01/2014 (Melanie)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by Melanie (administrator) on KID on 05-01-2014 22:38:01
Running from C:\Users\Melanie\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Entriq, Inc.) C:\Program Files (x86)\maxdome\DCBin\DCService.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
() C:\Program Files (x86)\maxdome\DCBin\DCTrayApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(SAMSUNG ELECTRONICS) C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2779024 2011-03-15] (CANON INC.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-24] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-05] (Acer Corp.)
HKLM-x32\...\Run: [NPSStartup] - [x]
HKLM-x32\...\Run: [SMSTray] - C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe [479232 2009-04-16] (SAMSUNG ELECTRONICS)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Nero MediaHome 4] - C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-26] (Nero AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AgentMonitor] - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKCU\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\Melanie\AppData\Local\Temp\rdfpwjhivygsvnnur.exe <===== ATTENTION
HKCU\...\Run: [Nero MediaHome 4] - C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-26] (Nero AG)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKCU\...\Command Processor: "C:\Users\Melanie\AppData\Local\Temp\rdfpwjhivygsvnnur.exe" <======= ATTENTION
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: {9d1b30e7-603b-11e3-bfc2-00262d9bc414} - E:\Startme.exe
MountPoints2: {f8587243-63e7-11e3-ba0f-806e6f6e6963} - E:\Startme.exe
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Medien-Prüfung.lnk
ShortcutTarget: PMB Medien-Prüfung.lnk -> C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
ShortcutTarget: regmonstd.lnk -> C:\Users\Melanie\AppData\Local\Temp\b34btbztdb0vavaw.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7736&r=27360110g116l0368z185t58m1a091
URLSearchHook: HKLM-x32 - MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No File
URLSearchHook: HKCU - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
URLSearchHook: HKCU - MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE362DE362
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://mixidj.delta-search.com/?q={searchTerms}&affID=121139&babsrc=SP_ss&mntrId=FE98964CE5630FF3
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE362DE362
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File
Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default
FF user.js: detected! => C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\user.js
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://mixidj.delta-search.com/?affID=121139&babsrc=HP_ss&mntrId=FE98964CE5630FF3
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\searchplugins\mixidj.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FoxTrick - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\Extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}
FF Extension: Amazon 1Button App for Firefox - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\3ewt8rrh.default\Extensions\abb@amazon.com.xpi
FF Extension: Yahoo! Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
==================== Services (Whitelisted) =================
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-06-01] (Adobe Systems)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [908856 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 Prosieben; C:\Program Files (x86)\maxdome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2012-03-01] (Synaptics Incorporated)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-05 22:38 - 2014-01-05 22:39 - 00020642 _____ C:\Users\Melanie\Desktop\FRST.txt
2014-01-05 22:37 - 2014-01-05 22:37 - 00000000 ____D C:\FRST
2014-01-05 22:36 - 2014-01-05 22:37 - 01931368 _____ (Farbar) C:\Users\Melanie\Desktop\FRST64.exe
2014-01-05 22:35 - 2014-01-05 22:35 - 00000476 _____ C:\Users\Melanie\Desktop\defogger_disable.log
2014-01-05 22:35 - 2014-01-05 22:35 - 00000000 _____ C:\Users\Melanie\defogger_reenable
2014-01-05 22:33 - 2014-01-05 22:33 - 00050477 _____ C:\Users\Melanie\Desktop\Defogger.exe
2014-01-05 21:37 - 2014-01-05 21:37 - 00000000 ____D C:\Users\Melanie\AppData\Local\{262078E9-179A-4705-8257-0AAC7B88404C}
2014-01-04 21:46 - 2014-01-04 21:46 - 00000000 ____D C:\Users\Melanie\AppData\Local\{58D0141E-6D13-4F37-AB91-B8A7868565A4}
2013-12-28 18:56 - 2013-12-28 18:56 - 00551488 _____ C:\Windows\Minidump\122813-34679-01.dmp
2013-12-26 17:23 - 2013-12-26 17:23 - 00000000 ____D C:\Users\Melanie\AppData\Local\{AD057798-9258-4C37-B777-E1820F2F4288}
2013-12-24 22:03 - 2014-01-05 21:50 - 00000000 ____D C:\Users\Melanie\AppData\Local\Canon Easy-PhotoPrint EX
2013-12-24 22:03 - 2013-12-24 22:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-24 21:54 - 2014-01-04 21:40 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-24 21:53 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMAW.DLL
2013-12-24 21:49 - 2013-12-24 21:49 - 00002083 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2013-12-24 21:49 - 2013-12-24 21:49 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2013-12-24 21:47 - 2013-12-24 21:47 - 00000000 ____D C:\Program Files\Canon
2013-12-24 21:46 - 2013-12-24 21:46 - 00002364 _____ C:\Users\Public\Desktop\Canon iP4900 series Online-Handbuch.lnk
2013-12-24 21:45 - 2013-12-24 21:45 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-24 21:44 - 2013-12-24 21:44 - 00000000 ___HD C:\Program Files\CanonBJ
2013-12-24 21:44 - 2011-02-03 09:20 - 00256000 _____ (CANON INC.) C:\Windows\system32\CNMIUAW.DLL
2013-12-24 19:56 - 2013-12-25 21:45 - 00000789 _____ C:\Users\Melanie\AppData\Local\cookies.ini
2013-12-24 19:56 - 2013-12-24 19:56 - 00000000 ____D C:\Users\Melanie\AppData\Local\cache
2013-12-24 19:55 - 2013-12-24 19:55 - 00001213 _____ C:\Users\Melanie\Desktop\VTech Download Manager.lnk
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\ProgramData\VTech
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\Program Files (x86)\VTech
2013-12-24 03:49 - 2013-12-24 03:50 - 00000000 ____D C:\Users\Melanie\AppData\Local\{01B42FD6-7BF2-4A6E-A7BF-34CEA8B274F3}
2013-12-22 03:29 - 2013-12-22 03:29 - 00002960 _____ C:\Windows\System32\Tasks\{4592761F-B110-492C-BED2-F492E5850E3F}
2013-12-22 03:23 - 2012-09-27 15:33 - 00934784 _____ (CANON INC.) C:\Users\Melanie\WirelessCameraConnectionSetting.exe
2013-12-21 00:50 - 2013-12-21 00:50 - 00001151 _____ C:\Users\Melanie\Desktop\MyCamera.lnk
2013-12-21 00:48 - 2013-12-21 01:06 - 00000000 ____D C:\Users\Melanie\Documents\Canon Utilities
2013-12-21 00:28 - 2013-12-21 00:28 - 00673080 _____ ( ) C:\Users\Melanie\Downloads\DownloadAcceleratorSetup.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00000000 ____D C:\Users\Public\Documents\Canon MyCameraFiles
2013-12-20 23:58 - 2013-12-21 00:00 - 62808100 _____ C:\Users\Melanie\Downloads\cdw-inst-8-8-0-17-u01-9l.zip
2013-12-20 01:43 - 2013-12-20 01:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-18 11:02 - 2013-12-18 11:02 - 00000000 ____D C:\Users\Melanie\AppData\Local\{ADFE457A-BE32-4BB2-93C2-6FCB8460CA10}
2013-12-14 21:40 - 2013-12-14 21:40 - 00000000 ____D C:\1d2bcc69de0586588798b18195a5
2013-12-14 20:42 - 2013-12-14 20:42 - 00000000 ____D C:\Users\Melanie\AppData\Local\{1E0F61B0-9F21-4B53-95EF-92943CD93EAE}
2013-12-13 13:14 - 2013-12-13 13:14 - 00002106 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-12-13 12:25 - 2013-12-13 12:25 - 00000000 ____D C:\Users\Melanie\AppData\Local\{E9034D4C-4BB4-482C-BAD0-7E9A81DB52F5}
2013-12-13 09:26 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-13 09:26 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-13 09:26 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-13 09:26 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-13 09:20 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-13 09:20 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-13 09:20 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-13 09:20 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-13 09:20 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-13 09:20 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-13 09:20 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-13 09:20 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-13 09:20 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-13 09:20 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-13 09:20 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-13 09:20 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-13 09:20 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-13 09:20 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-12 18:46 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 18:46 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 18:46 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 18:46 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 18:46 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 18:46 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 18:46 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 18:46 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 18:46 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 18:46 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 18:46 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 18:46 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 18:46 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 18:46 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 18:46 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 18:46 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 18:46 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 18:46 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 18:46 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 21:11 - 2013-12-11 21:11 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 09:26 - 2013-12-11 09:26 - 00000000 ____D C:\Users\Melanie\AppData\Local\{52B72984-FAAE-4792-9820-86051C1DCB63}
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2013-12-09 23:38 - 2013-12-09 23:38 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2013-12-09 23:38 - 2013-12-09 23:38 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2013-12-09 23:37 - 2013-12-09 23:37 - 00000000 ____D C:\ProgramData\Sony Mobile
2013-12-09 23:36 - 2013-12-09 23:36 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2013-12-09 23:34 - 2013-12-13 13:17 - 00323898 _____ C:\Windows\DPINST.LOG
2013-12-09 23:31 - 2013-12-09 23:31 - 00000000 ____D C:\ProgramData\Sony
2013-12-09 23:08 - 2013-12-09 23:08 - 02084951 _____ C:\Users\Melanie\Downloads\userguide_DE_C1904-C1905_1_Android4.1.pdf.zip
2013-12-09 08:03 - 2013-12-09 08:03 - 00000000 ____D C:\Users\Melanie\AppData\Local\{8726D9DD-B715-4C58-9B59-F7F5F0120434}
2013-12-08 20:34 - 2013-12-08 20:34 - 00000508 _____ C:\Users\Melanie\Desktop\P1070459.JPGBild2,31 MB08.12.2013 2034.URL
2013-12-08 14:34 - 2013-12-08 14:34 - 00000000 ____D C:\Users\Melanie\AppData\Local\{07A5ECD2-B320-4CEA-8E20-C4DB2EAF73C8}
2013-12-06 15:12 - 2013-12-06 15:10 - 00042466 _____ C:\Users\Melanie\Downloads\S_20131206_151032_Neue_Nachrichten.zip
==================== One Month Modified Files and Folders =======
2014-01-05 22:39 - 2014-01-05 22:38 - 00020642 _____ C:\Users\Melanie\Desktop\FRST.txt
2014-01-05 22:37 - 2014-01-05 22:37 - 00000000 ____D C:\FRST
2014-01-05 22:37 - 2014-01-05 22:36 - 01931368 _____ (Farbar) C:\Users\Melanie\Desktop\FRST64.exe
2014-01-05 22:35 - 2014-01-05 22:35 - 00000476 _____ C:\Users\Melanie\Desktop\defogger_disable.log
2014-01-05 22:35 - 2014-01-05 22:35 - 00000000 _____ C:\Users\Melanie\defogger_reenable
2014-01-05 22:35 - 2010-01-11 12:04 - 00000000 ____D C:\Users\Melanie
2014-01-05 22:33 - 2014-01-05 22:33 - 00050477 _____ C:\Users\Melanie\Desktop\Defogger.exe
2014-01-05 22:30 - 2009-11-25 06:49 - 01129596 _____ C:\Windows\WindowsUpdate.log
2014-01-05 22:27 - 2010-02-27 00:12 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-05 22:19 - 2012-07-17 21:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-05 21:50 - 2013-12-24 22:03 - 00000000 ____D C:\Users\Melanie\AppData\Local\Canon Easy-PhotoPrint EX
2014-01-05 21:42 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2014-01-05 21:37 - 2014-01-05 21:37 - 00000000 ____D C:\Users\Melanie\AppData\Local\{262078E9-179A-4705-8257-0AAC7B88404C}
2014-01-05 21:26 - 2012-06-15 23:32 - 00696832 ___SH C:\Users\Melanie\Desktop\Thumbs.db
2014-01-05 21:22 - 2013-03-14 22:17 - 00000000 ____D C:\Users\Melanie\Desktop\CAKE-BABY
2014-01-05 14:34 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-05 14:34 - 2009-07-14 05:45 - 00017376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-05 14:27 - 2010-02-27 00:12 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-05 14:26 - 2013-05-14 12:18 - 00000430 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2014-01-05 14:24 - 2013-10-11 08:11 - 00011759 _____ C:\Windows\setupact.log
2014-01-05 14:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-05 14:09 - 2013-11-27 08:14 - 00209079 _____ C:\Windows\IE11_main.log
2014-01-05 14:00 - 2011-01-21 20:58 - 00000000 ___RD C:\Users\Melanie\Desktop\musik
2014-01-05 14:00 - 2010-09-09 12:35 - 00000000 ____D C:\Users\Melanie\Desktop\max
2014-01-04 22:07 - 2010-03-03 06:56 - 00000000 ____D C:\Users\Melanie\AppData\Local\Paint.NET
2014-01-04 21:46 - 2014-01-04 21:46 - 00000000 ____D C:\Users\Melanie\AppData\Local\{58D0141E-6D13-4F37-AB91-B8A7868565A4}
2014-01-04 21:40 - 2013-12-24 21:54 - 00000000 ____D C:\ProgramData\CanonIJPLM
2014-01-01 18:53 - 2012-08-10 10:00 - 00000294 _____ C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job
2013-12-28 18:56 - 2013-12-28 18:56 - 00551488 _____ C:\Windows\Minidump\122813-34679-01.dmp
2013-12-28 18:56 - 2013-10-23 15:32 - 340431824 _____ C:\Windows\MEMORY.DMP
2013-12-28 18:56 - 2013-10-11 08:10 - 00122480 _____ C:\Windows\PFRO.log
2013-12-28 18:56 - 2011-09-14 19:39 - 00000000 ____D C:\Windows\Minidump
2013-12-26 17:23 - 2013-12-26 17:23 - 00000000 ____D C:\Users\Melanie\AppData\Local\{AD057798-9258-4C37-B777-E1820F2F4288}
2013-12-25 21:45 - 2013-12-24 19:56 - 00000789 _____ C:\Users\Melanie\AppData\Local\cookies.ini
2013-12-24 22:03 - 2013-12-24 22:03 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJSolutionMenuEX
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJMyPrinter
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX2
2013-12-24 21:59 - 2013-12-24 21:59 - 00000000 ___HD C:\ProgramData\CanonEPP
2013-12-24 21:59 - 2013-12-02 18:07 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\canon
2013-12-24 21:50 - 2010-01-12 10:26 - 00000000 ____D C:\Program Files (x86)\Canon
2013-12-24 21:49 - 2013-12-24 21:49 - 00002083 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2013-12-24 21:49 - 2013-12-24 21:49 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2013-12-24 21:47 - 2013-12-24 21:47 - 00000000 ____D C:\Program Files\Canon
2013-12-24 21:46 - 2013-12-24 21:46 - 00002364 _____ C:\Users\Public\Desktop\Canon iP4900 series Online-Handbuch.lnk
2013-12-24 21:45 - 2013-12-24 21:45 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2013-12-24 21:44 - 2013-12-24 21:44 - 00000000 ___HD C:\Program Files\CanonBJ
2013-12-24 20:08 - 2009-11-25 15:36 - 00697098 _____ C:\Windows\system32\perfh007.dat
2013-12-24 20:08 - 2009-11-25 15:36 - 00148362 _____ C:\Windows\system32\perfc007.dat
2013-12-24 20:08 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-24 19:56 - 2013-12-24 19:56 - 00000000 ____D C:\Users\Melanie\AppData\Local\cache
2013-12-24 19:55 - 2013-12-24 19:55 - 00001213 _____ C:\Users\Melanie\Desktop\VTech Download Manager.lnk
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\ProgramData\VTech
2013-12-24 19:55 - 2013-12-24 19:55 - 00000000 ____D C:\Program Files (x86)\VTech
2013-12-24 03:50 - 2013-12-24 03:49 - 00000000 ____D C:\Users\Melanie\AppData\Local\{01B42FD6-7BF2-4A6E-A7BF-34CEA8B274F3}
2013-12-22 03:29 - 2013-12-22 03:29 - 00002960 _____ C:\Windows\System32\Tasks\{4592761F-B110-492C-BED2-F492E5850E3F}
2013-12-22 01:20 - 2013-12-02 21:27 - 00000000 ____D C:\Users\Melanie\AppData\Roaming\CANON INC
2013-12-21 10:04 - 2012-11-28 01:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-21 01:06 - 2013-12-21 00:48 - 00000000 ____D C:\Users\Melanie\Documents\Canon Utilities
2013-12-21 00:50 - 2013-12-21 00:50 - 00001151 _____ C:\Users\Melanie\Desktop\MyCamera.lnk
2013-12-21 00:28 - 2013-12-21 00:28 - 00673080 _____ ( ) C:\Users\Melanie\Downloads\DownloadAcceleratorSetup.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00000000 ____D C:\Users\Public\Documents\Canon MyCameraFiles
2013-12-21 00:00 - 2013-12-20 23:58 - 62808100 _____ C:\Users\Melanie\Downloads\cdw-inst-8-8-0-17-u01-9l.zip
2013-12-20 01:43 - 2013-12-20 01:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-18 11:02 - 2013-12-18 11:02 - 00000000 ____D C:\Users\Melanie\AppData\Local\{ADFE457A-BE32-4BB2-93C2-6FCB8460CA10}
2013-12-14 21:40 - 2013-12-14 21:40 - 00000000 ____D C:\1d2bcc69de0586588798b18195a5
2013-12-14 21:40 - 2010-01-13 01:02 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 20:42 - 2013-12-14 20:42 - 00000000 ____D C:\Users\Melanie\AppData\Local\{1E0F61B0-9F21-4B53-95EF-92943CD93EAE}
2013-12-13 13:17 - 2013-12-09 23:34 - 00323898 _____ C:\Windows\DPINST.LOG
2013-12-13 13:14 - 2013-12-13 13:14 - 00002106 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-12-13 13:13 - 2009-10-28 18:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-13 12:25 - 2013-12-13 12:25 - 00000000 ____D C:\Users\Melanie\AppData\Local\{E9034D4C-4BB4-482C-BAD0-7E9A81DB52F5}
2013-12-13 09:55 - 2009-07-14 05:45 - 00359384 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-13 09:26 - 2009-10-29 06:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 12:55 - 2013-05-02 09:26 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-12 12:55 - 2013-03-21 13:43 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-12 12:55 - 2013-03-21 13:43 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-11 21:11 - 2013-12-11 21:11 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 21:11 - 2012-07-17 21:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 21:11 - 2012-07-17 21:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 21:11 - 2011-05-23 19:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 09:26 - 2013-12-11 09:26 - 00000000 ____D C:\Users\Melanie\AppData\Local\{52B72984-FAAE-4792-9820-86051C1DCB63}
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2013-12-09 23:38 - 2013-12-09 23:38 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2013-12-09 23:38 - 2013-12-09 23:38 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2013-12-09 23:37 - 2013-12-09 23:37 - 00000000 ____D C:\ProgramData\Sony Mobile
2013-12-09 23:36 - 2013-12-09 23:36 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2013-12-09 23:31 - 2013-12-09 23:31 - 00000000 ____D C:\ProgramData\Sony
2013-12-09 23:31 - 2010-01-12 09:48 - 00000000 ____D C:\Program Files (x86)\Sony
2013-12-09 23:08 - 2013-12-09 23:08 - 02084951 _____ C:\Users\Melanie\Downloads\userguide_DE_C1904-C1905_1_Android4.1.pdf.zip
2013-12-09 08:03 - 2013-12-09 08:03 - 00000000 ____D C:\Users\Melanie\AppData\Local\{8726D9DD-B715-4C58-9B59-F7F5F0120434}
2013-12-09 00:30 - 2013-05-20 20:41 - 02553344 ___SH C:\Users\Melanie\Documents\Thumbs.db
2013-12-08 23:39 - 2012-06-15 23:32 - 00194048 ___SH C:\Users\Melanie\Downloads\Thumbs.db
2013-12-08 20:34 - 2013-12-08 20:34 - 00000508 _____ C:\Users\Melanie\Desktop\P1070459.JPGBild2,31 MB08.12.2013 2034.URL
2013-12-08 14:34 - 2013-12-08 14:34 - 00000000 ____D C:\Users\Melanie\AppData\Local\{07A5ECD2-B320-4CEA-8E20-C4DB2EAF73C8}
2013-12-08 09:54 - 2010-01-12 12:04 - 00000000 ____D C:\Users\Melanie\AppData\Local\Adobe
2013-12-06 15:10 - 2013-12-06 15:12 - 00042466 _____ C:\Users\Melanie\Downloads\S_20131206_151032_Neue_Nachrichten.zip
Files to move or delete:
====================
C:\ProgramData\wavav0bdtzbtb43b.bat
C:\ProgramData\wavav0bdtzbtb43b.reg
C:\Users\Melanie\WirelessCameraConnectionSetting.exe
C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regmonstd.lnk
Some content of TEMP:
====================
C:\Users\Melanie\AppData\Local\Temp\4vvfjg0g.dll
C:\Users\Melanie\AppData\Local\Temp\avgnt.exe
C:\Users\Melanie\AppData\Local\Temp\ICReinstall_DownloadAcceleratorSetup.exe
C:\Users\Melanie\AppData\Local\Temp\install_reader11_de_ltr5x64d_awc_aih.exe
C:\Users\Melanie\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Melanie\AppData\Local\Temp\Storio2_DE_ger_Setup.exe
C:\Users\Melanie\AppData\Local\Temp\tbDVD0.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2010-11-07 21:27
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by Melanie at 2014-01-05 22:40:28
Running from C:\Users\Melanie\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
AAVUpdateManager (x32 Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7006 - CyberLink Corp.) Hidden
Acer Backup Manager (x32 Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye Webcam (x32 Version: 5.2.7.1 - Suyin Optronics Corp)
Acer ePower Management (x32 Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (x32 Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (x32 Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (x32 Version: 3.01.0730 - Acer Inc.)
Acer Registration (x32 Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.7.0715 - Acer Incorporated)
Acer Updater (x32 Version: 1.01.3017 - Acer Incorporated)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat 4.0 (x32 Version: - )
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Advanced Driver Updater (x32 Version: 2.1.1086.11897 - Systweak Inc)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Alice Greenfingers (x32 Version: - Oberon Media)
Amazonia (x32 Version: - Oberon Media)
ArcSoft PhotoBase (x32 Version: - )
Avira Antivirus Suite (x32 Version: 14.0.2.286 - Avira)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
Bing-Desktop (x32 Version: 1.3.171.0 - Microsoft Corporation)
Broadcom Gigabit NetLink Controller (Version: 12.26.02 - Broadcom Corporation)
Canon Easy-PhotoPrint EX (x32 Version: - )
Canon Easy-WebPrint EX (x32 Version: 1.4.0.0 - Canon Inc.)
Canon Inkjet Printer Driver Add-On Module (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32 Version: - )
Canon iP4900 series Benutzerregistrierung (x32 Version: - )
Canon iP4900 series On-screen Manual (x32 Version: - )
Canon iP4900 series Printer Driver (Version: - )
Canon My Printer (x32 Version: - )
Canon Solution Menu EX (x32 Version: - )
Canon Utilities CameraWindow DC 8 (x32 Version: 8.10.0.16 - Canon Inc.)
Canon Utilities ImageBrowser EX (x32 Version: 1.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (x32 Version: 3.1.23.47 - Canon Inc.)
CCleaner (Version: 3.23 - Piriform)
Chicken Invaders 2 (x32 Version: - Oberon Media)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Conduit Engine (x32 Version: - Conduit Ltd.)
ContentSAFER for Wizmax (x32 Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (x32 Version: - Oberon Media)
DHTML Editing Component (x32 Version: 6.02.0001 - Microsoft Corporation)
Dream Day First Home (x32 Version: - Oberon Media)
eBay Worldwide (x32 Version: 2.1.0901 - OEM)
EmoDio (x32 Version: 1.0 - SAMSUNG)
EmoDio (x32 Version: 1.0 - SAMSUNG) Hidden
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (x32 Version: - Oberon Media)
First Class Flurry (x32 Version: - Oberon Media)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Granny In Paradise (x32 Version: - Oberon Media)
Heroes of Hellas (x32 Version: - Oberon Media)
Identity Card (x32 Version: 1.00.3002 - Acer Incorporated)
Intel® Matrix Storage Manager (Version: - Intel Corporation)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0 - Microsoft Corporation)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Launch Manager (x32 Version: 3.0.05 - Acer Inc.)
LSI HDA Modem (Version: 2.1.94 - LSI Corporation)
maxdome Download Manager 4.1.300.78 (x32 Version: 4.1.30078 - Prosieben)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Merriam Websters Spell Jam (x32 Version: - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyAshampoo Toolbar (x32 Version: 6.2.7.3 - MyAshampoo)
MyWinLocker (x32 Version: 3.1.76.0 - Egis Technology Inc.)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero MediaHome 4 (x32 Version: 4.5.9.2 - Nero AG) Hidden
Nero MediaHome 4 Essentials (x32 Version: - Nero AG)
Nero MediaHome 4 Help (x32 Version: 4.5.5.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
NTI Backup Now 5 (x32 Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NVIDIA Grafiktreiber 296.17 (Version: 296.17 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0203 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0203 (Version: 9.12.0203 - NVIDIA Corporation)
NVIDIA Systemsteuerung 296.17 (Version: 296.17 - NVIDIA Corporation) Hidden
OpenOffice.org 3.2 (x32 Version: 3.2.9483 - OpenOffice.org)
Paint.NET v3.5.10 (Version: 3.60.0 - dotPDN LLC)
PIXELA AAC LC CODEC (x32 Version: 1.1.0.1 - Canon Inc.)
Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
Samsung Mobile phone USB driver Drive Software (Version: - )
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SmartPCFixer 4.2 (Version: 4.2 - LionSea Software) <==== ATTENTION
Sony Mobile Update Engine (x32 Version: 2.13.14.201311281309 - Sony Mobile Communications AB)
Sony PC Companion 2.10.181 (x32 Version: 2.10.181 - Sony)
Sony Picture Utility (x32 Version: 4.2.00.15030 - Sony Corporation)
Steuer-Spar-Erklärung 2013 (x32 Version: 18.09 - Wolters Kluwer Deutschland GmbH)
Synaptics Pointing Device Driver (Version: 14.0.6.0 - Synaptics Incorporated)
T-Online 6.0 (x32 Version: - )
Uninstall 1.0.0.1 (x32 Version: - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (x32 Version: - VTech)
Welcome Center (x32 Version: 1.00.3008 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Silverlight (x32 Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
==================== Restore Points =========================
20-12-2013 09:04:23 Windows Update
21-12-2013 09:12:05 Windows Update
22-12-2013 02:00:21 Windows Update
22-12-2013 02:30:34 Windows Update
23-12-2013 14:24:20 Windows Update
24-12-2013 02:10:21 Windows Update
25-12-2013 09:38:21 Windows Update
26-12-2013 06:19:55 Windows Update
28-12-2013 09:13:23 Windows Update
28-12-2013 23:52:39 Windows Update
29-12-2013 06:58:11 Windows Update
30-12-2013 08:37:20 Windows Update
31-12-2013 08:19:13 Windows Update
01-01-2014 17:51:11 Windows Update
02-01-2014 04:30:33 Windows Update
03-01-2014 02:00:51 Windows Update
03-01-2014 07:25:50 Windows Update
05-01-2014 13:06:53 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0709BDC6-0B81-4AE1-82D4-58C1166F5A97} - System32\Tasks\{EE59B01C-67D9-4AD7-8877-C56C4DFF2F28} => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Task: {280C14FC-9B26-435B-BA36-8DA60ACCC61B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {28EE9630-9013-4AD6-8FF6-1DB8706C0EFA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {331D470B-FC5B-4ED4-A705-CB6600EE9A2B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {4813AA35-E11E-45E5-A912-E3235D79C651} - System32\Tasks\AdvancedDriverUpdater_UPDATES => C:\Program Files (x86)\Advanced Driver Updater\adu.exe [2012-07-23] (Systweak Inc)
Task: {72EDD5AF-D1F9-4920-A7E1-83612D489AE9} - System32\Tasks\{0100F523-01AA-4A2D-B83F-A6D31D46D889} => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Task: {744CE7C6-C406-4AB4-A0A7-C5E86F97B484} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-09-24] (Piriform Ltd)
Task: {8638B5EA-A071-4A1F-9234-7F1A20B2F009} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {90F034A2-DA41-4665-830E-5AC0D64DC9A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-27] (Google Inc.)
Task: {ACD177C4-6390-44DC-BCE7-9AE48ABFA780} - System32\Tasks\{E9AC9F95-2A40-40C0-8FDD-43E82D153F3D} => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Task: {DCC526BA-0581-4A3D-AFAA-D95A45C90846} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-27] (Google Inc.)
Task: {FF103E8A-E8E9-4A5F-8609-1075D0712064} - System32\Tasks\{4592761F-B110-492C-BED2-F492E5850E3F} => C:\Program Files (x86)\Canon\MyCamera\MyCamera.exe [2011-03-29] (CANON INC.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job => C:\Program Files (x86)\Advanced Driver Updater\adu.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-12-20 16:50 - 2012-12-20 16:40 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 01057512 _____ () C:\Program Files (x86)\maxdome\DCBin\PocoFoundation.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 00627944 _____ () C:\Program Files (x86)\maxdome\DCBin\PocoNet.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 00514352 _____ () C:\Program Files (x86)\maxdome\DCBin\sqlite3.dll
2009-05-01 17:58 - 2009-05-01 17:58 - 00517352 _____ () C:\Program Files (x86)\maxdome\DCBin\PocoXML.dll
2013-12-09 23:31 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2013-12-09 23:31 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2013-12-09 23:31 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2013-12-09 23:31 - 2010-01-11 15:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2013-10-18 15:04 - 2013-10-18 15:04 - 00645632 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2012-08-30 13:39 - 2013-10-03 10:42 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2009-10-20 20:02 - 2010-06-01 22:10 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-06-24 09:54 - 2010-06-24 02:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
2013-06-24 09:54 - 2010-07-13 14:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
2013-06-24 09:54 - 2010-06-02 03:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
2013-06-24 09:54 - 2010-06-02 03:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
2013-06-24 09:54 - 2012-08-06 10:54 - 09843640 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
2013-06-24 09:54 - 2010-06-02 03:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
2013-06-24 09:54 - 2010-06-02 03:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
2013-06-24 09:54 - 2010-07-05 10:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2013-06-24 09:54 - 2010-11-11 10:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00025600 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qgif4.dll
2013-06-24 09:54 - 2010-06-02 06:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2013-12-20 01:43 - 2013-12-20 01:43 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\ProgramData\Temp:E8BE05FA
AlternateDataStreams: C:\Users\Melanie\Documents\Bilder Maximilian&Mette.eml:OECustomProperty
AlternateDataStreams: C:\Users\Melanie\Documents\Hotelreservierung Reservierungs-Code „Study Nurse Ausbildung“.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/05/2014 09:26:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: CNSEUPDT.EXE, Version: 1.3.5.0, Zeitstempel: 0x4e3a32f0
Name des fehlerhaften Moduls: CNMDWLD.DLL, Version: 1.0.0.0, Zeitstempel: 0x4cad61a4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000024c0
ID des fehlerhaften Prozesses: 0x14d0
Startzeit der fehlerhaften Anwendung: 0xCNSEUPDT.EXE0
Pfad der fehlerhaften Anwendung: CNSEUPDT.EXE1
Pfad des fehlerhaften Moduls: CNSEUPDT.EXE2
Berichtskennung: CNSEUPDT.EXE3
Error: (01/05/2014 08:25:07 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (01/05/2014 08:15:32 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (01/04/2014 01:37:47 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (12/31/2013 01:22:15 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1a7c
Startzeit: 01cf062281b9868d
Endzeit: 452
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 24ebed75-7216-11e3-83ad-00262d9bc414
Error: (12/29/2013 07:35:09 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (12/22/2013 07:00:18 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (12/22/2013 01:46:50 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c34
Startzeit: 01cefefc94537615
Endzeit: 590
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 0c1dd5bc-6b07-11e3-9c8b-00262d9bc414
Error: (12/21/2013 00:03:08 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 25.0.1.5064, Zeitstempel: 0x5282f204
Name des fehlerhaften Moduls: xul.dll, Version: 25.0.1.5064, Zeitstempel: 0x5282f10e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00118f87
ID des fehlerhaften Prozesses: 0xf58
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (12/15/2013 07:00:04 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
System errors:
=============
Error: (01/05/2014 09:58:54 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (01/05/2014 08:15:05 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (01/05/2014 06:33:51 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.23
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/05/2014 06:33:36 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (01/05/2014 06:31:24 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (01/05/2014 06:31:23 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.
Error: (01/05/2014 06:22:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/05/2014 06:19:41 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (01/05/2014 06:16:51 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (01/05/2014 06:16:44 PM) (Source: ipnathlp) (User: )
Description: 0
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-02-23 21:54:07.842
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\wow64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 32%
Total physical RAM: 4090.93 MB
Available physical RAM: 2781.39 MB
Total Pagefile: 8180.03 MB
Available Pagefile: 6282.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:286.27 GB) (Free:175.78 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 4E694E69)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2014-01-05 22:56:18
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0 298,09GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Melanie\AppData\Local\Temp\ugtdqpow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800033ab000 64 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 594 fffff800033ab042 5 bytes [00, 00, E0, 00, 40]
---- Threads - GMER 2.1 ----
Thread C:\Windows\System32\svchost.exe [980:1772] 000007fef1e36b8c
Thread C:\Windows\System32\svchost.exe [980:992] 000007fef1e31d88
Thread C:\Windows\System32\svchost.exe [980:3836] 000007fefd8020b0
Thread C:\Windows\System32\svchost.exe [1012:1280] 000007fefafe59a0
Thread C:\Windows\System32\svchost.exe [1012:1344] 000007fefd051a70
Thread C:\Windows\System32\svchost.exe [1012:2804] 000007fef55d88f8
Thread C:\Windows\System32\svchost.exe [1012:2472] 000007fef1e83efc
Thread C:\Windows\System32\svchost.exe [1012:1336] 000007fef1ec8a4c
Thread C:\Windows\system32\svchost.exe [364:1296] 000007fefa6b1e00
Thread C:\Windows\system32\svchost.exe [364:1380] 000007fefa471a50
Thread C:\Windows\system32\svchost.exe [364:1532] 000007fefd051a70
Thread C:\Windows\system32\svchost.exe [364:3084] 000007fefd051a70
Thread C:\Windows\system32\svchost.exe [364:3284] 000007fef43b84d8
Thread C:\Windows\system32\svchost.exe [364:3372] 000007fef43723a8
Thread C:\Windows\system32\svchost.exe [364:3408] 000007fef43f0d00
Thread C:\Windows\system32\svchost.exe [364:3412] 000007fef3e59498
Thread C:\Windows\system32\svchost.exe [364:3724] 000007fef374506c
Thread C:\Windows\system32\svchost.exe [364:3736] 000007fef3e81c20
Thread C:\Windows\system32\svchost.exe [364:3740] 000007fef3e81c20
Thread C:\Windows\system32\svchost.exe [364:2512] 000007fef8b85124
Thread C:\Windows\system32\svchost.exe [364:4704] 000007fef2a74164
Thread C:\Windows\system32\svchost.exe [364:3892] 000007fef3981ab0
Thread C:\Windows\system32\svchost.exe [364:3148] 000007feeff0cb70
Thread C:\Windows\system32\svchost.exe [1036:1376] 000007fefbb18274
Thread C:\Windows\system32\svchost.exe [1036:1716] 000007fefbb18274
Thread C:\Windows\system32\svchost.exe [1128:540] 000007fef8cdbd88
Thread C:\Windows\system32\svchost.exe [1128:2956] 000007fef4ac83d8
Thread C:\Windows\system32\svchost.exe [1128:2724] 000007fef4ac83d8
Thread C:\Windows\system32\svchost.exe [1128:3336] 000007fef4223f1c
Thread C:\Windows\system32\svchost.exe [1128:3340] 000007fef41f22b8
Thread C:\Windows\system32\svchost.exe [1128:3344] 000007fef41f1a38
Thread C:\Windows\system32\svchost.exe [1128:3348] 000007fef3ed5388
Thread C:\Windows\system32\svchost.exe [1128:3352] 000007fef3eb7738
Thread C:\Windows\system32\svchost.exe [1128:3356] 000007fef3ea1f90
Thread C:\Windows\system32\svchost.exe [1128:3860] 000007fef85a5170
Thread C:\Windows\system32\svchost.exe [1128:4724] 000007fef8b85124
Thread C:\Windows\System32\spoolsv.exe [1404:2120] 000007fef84f10c8
Thread C:\Windows\System32\spoolsv.exe [1404:2140] 000007fef84b6144
Thread C:\Windows\System32\spoolsv.exe [1404:2144] 000007fef80d5fd0
Thread C:\Windows\System32\spoolsv.exe [1404:2148] 000007fef80c3438
Thread C:\Windows\System32\spoolsv.exe [1404:2152] 000007fef80d63ec
Thread C:\Windows\System32\spoolsv.exe [1404:2176] 000007fef8985e5c
Thread C:\Windows\System32\spoolsv.exe [1404:2220] 000007fef8a35074
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4764:4188] 000007fefb3d2a7c
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4764:3580] 000007fef0944830
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4764:240] 000007fef8b85124
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4764:3792] 000007fef08c9d90
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [4764:2404] 000007fef0944830
---- EOF - GMER 2.1 ----
Code:
ATTFilter Exportierte Ereignisse:
06.01.2014 08:43 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\Melanie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\13f8d54d-116
6fb52'
enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2013-2423.F.Gen'
[exploit].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '17228b18.qua'
verschoben!
06.01.2014 08:43 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\Melanie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\59db9587-54fe
6fb3'
enthielt einen Virus oder unerwünschtes Programm 'EXP/Java.HLP.NZ' [exploit].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5df4fe52.qua'
verschoben!
06.01.2014 08:43 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\Melanie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\15c9b722-2ea
13d2c'
enthielt einen Virus oder unerwünschtes Programm 'TR/Ransom.Foreign.evtn'
[trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4560d1f1.qua'
verschoben!
|
| Themen zu Windows 7 meldet nach dem hochfahren "******App/Data/Local/Temp/b34btbztdb0vavaw.exe Das angegebene Modul wurde nicht gefunden. |
| antivirus, canon, defender, device driver, entfernen, exp/cve-2013-2423.f.gen, exp/java.hlp.nz, flash player, icreinstall, installation, launch, malware.trace.e, minidump, mozilla, plug-in, pup.optional.babylon.a, pup.optional.datamngr.a, pup.optional.delta.a, pup.optional.iminent.a, pup.optional.installcore, pup.optional.mixidjtoolbar.a, pup.smspay.pns, realtek, security, services.exe, software, svchost.exe, tr/ransom.foreign.evtn, trojan.agent.tpl, win32/adware.yontoo.b, windows |
Baum-Darstellung