Log analysis and evaluation: Win 7 with 3 problems: Problem beim Starten von C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer.dll
13.02.2014, 14:16 | #1 |
Win 7 with 3 problems: Problem beim Starten von C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer.dll

Hello, I am getting 3 messages during and after startup on my PC. First, briefly, some background. I had already fixed the message "Problem beim Starten von C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer.dll" once with your help, but I still had the message "Der Papierkorb auf C:\ ist beschädigt. Möchten Sie den Papierkorb für dieses Laufwerk leeren?" I then read somewhere that this can be fixed with System Restore. Unfortunately I tried that without success, and now I also have "Problem beim Starten von C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer.dll" again.

Until now I had avira-free-antivirus as my virus scanner, but updating no longer works there. I uninstalled Avira and installed it again. Still, it says no update is possible. When I try to uninstall Avira again, I now get "Setup konnte das Feature Control File nicht finden oder nicht auslesen [Errorcode 7]." Meanwhile, after startup the message "Avira's CCPLG.XML file is missing. Please wait for the automatic Avira update." appears.

I hope you can help me. Here are the first scans:

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2014 01 Ran by Admin (administrator) on ADMIN-PC on 13-02-2014 13:48:29 Running from C:\Users\Admin\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe (iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Users\Admin\AppData\LocalLow\WOT\IE\WOTUpdater.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe (Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDCtrlHelper.exe (CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11369576 2010-08-11] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2586504 2010-08-05] (ELAN Microelectronics Corp.) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.) HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation) HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.) HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG) HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect" HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\Run: [Adobe Reader Synchronizer] - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [698760 2013-12-21] (Adobe Systems Incorporated) HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\Run: [MyDriveConnect.exe] - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473496 2013-11-29] (TomTom) HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: E - E:\FSetup.exe HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: F - F:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {07f834b9-1f13-11e1-83a1-002454de19a2} - D:\AutoRun.exe HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {07f834c6-1f13-11e1-83a1-002454de19a2} - D:\AutoRun.exe HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {113f40c1-3f62-11e1-82e2-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {113f4107-3f62-11e1-82e2-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {113f4130-3f62-11e1-82e2-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {1620fda4-2988-11e2-83cf-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {1620fe48-2988-11e2-83cf-001e101f7f74} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {244b3c55-2178-11e1-8370-4cedde226fcd} - D:\AutoRun.exe HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {25a37d7e-6187-11e1-b279-002454de19a2} - D:\.\Setup.exe AUTORUN=1 
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e14d-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e15f-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e190-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e19b-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e1ab-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {488a0f77-4539-11e2-883f-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {488a0ff5-4539-11e2-883f-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {488a1018-4539-11e2-883f-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {488a1027-4539-11e2-883f-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {5497a038-44cc-11e2-b233-001e101fe70e} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {5497a04f-44cc-11e2-b233-001e101fe70e} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {9fc37f9d-eb8f-11e2-b1d3-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {aa50d1b7-6f0f-11e2-a9cf-806e6f6e6963} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {ad5d6f15-4b3c-11e1-82ef-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {ad5d6f9d-4b3c-11e1-82ef-002454de19a2} - D:\.\Setup.exe AUTORUN=1 
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {b3055611-66b6-11e2-9930-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {cb651a38-f569-11e2-b17d-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {f58342a0-9aa9-11e1-88d7-002454de19a2} - D:\.\Setup.exe AUTORUN=1 ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/ SearchScopes: HKCU - DefaultScope {C5DEEA89-9BC1-4B78-8FA0-396C4C484222} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie SearchScopes: HKCU - {C5DEEA89-9BC1-4B78-8FA0-396C4C484222} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie SearchScopes: HKCU - {CA715ED4-91FF-4F5E-A053-EA79F72CDBD0} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} BHO: Plus-HD-2.6 - {11111111-1111-1111-1111-110311341140} - C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho64.dll No File BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: WOT - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\Admin\AppData\LocalLow\WOT\IE\WOT.dll (WOT Services Oy) BHO-x32: W2PBrowser Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll () BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) 
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml Chrome: ======= CHR Extension: (Der Schnäppchenfuchs Gutscheinfinder) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\camijhkahcckljhgpgfgglbegedoepda [2014-01-13] CHR HKLM\...\Chrome\Extension: [camijhkahcckljhgpgfgglbegedoepda] - C:\Program Files (x86)\PallySoftAddon\PallySoftAddon-crx.crx [2014-01-13] CHR HKCU\...\Chrome\Extension: [camijhkahcckljhgpgfgglbegedoepda] - C:\Program Files (x86)\PallySoftAddon\PallySoftAddon-crx.crx [2014-01-13] CHR HKLM-x32\...\Chrome\Extension: [camijhkahcckljhgpgfgglbegedoepda] - C:\Program Files (x86)\PallySoftAddon\PallySoftAddon-crx.crx [2014-01-13] CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\Admin\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12] ==================== Services (Whitelisted) ================= R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-08-16] () S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-18] (Avira Operations GmbH & Co. 
KG) S4 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-13] (brother Industries Ltd) S4 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [570368 2011-10-27] (Hauppauge Computer Works) R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1168960 2014-01-02] (iolo technologies, LLC) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation) R2 WOTUpdater; C:\Users\Admin\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG) R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-05-07] (EldoS Corporation) S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [138752 2012-01-19] (Huawei Technologies Co., Ltd.) S3 ewusbnet; C:\Windows\SysWOW64\DRIVERS\ewusbnet.sys [138752 2013-05-18] (Huawei Technologies Co., Ltd.) S3 ew_hwusbdev; C:\Windows\SysWOW64\DRIVERS\ew_hwusbdev.sys [117248 2013-05-18] (Huawei Technologies Co., Ltd.) S3 hcw10bda; C:\Windows\System32\drivers\hcw10bda.sys [641920 2010-12-09] (Hauppauge Computer Works, Inc.) S2 hcw10cir; C:\Windows\System32\drivers\hcw10cir.sys [46080 2010-05-10] (Hauppauge Computer Works, Inc.) 
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [121600 2013-05-18] (Huawei Technologies Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation) S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-16] (Windows (R) 2003 DDK 3790 provider) S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] U3 aglorpod; \??\C:\Users\Admin\AppData\Local\Temp\aglorpod.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-13 13:42 - 2014-02-13 13:42 - 00002467 ____C () C:\Users\Admin\Desktop\Gmer.log 2014-02-13 13:00 - 2014-02-13 13:00 - 00380416 ____C () C:\Users\Admin\Desktop\Gmer-19357.exe 2014-02-13 12:54 - 2014-02-13 13:48 - 00017261 ____C () C:\Users\Admin\Desktop\FRST.txt 2014-02-13 12:53 - 2014-02-13 12:53 - 00000000 ___DC () C:\Users\Admin\Desktop\FRST-OlderVersion 2014-02-13 12:52 - 2014-02-13 12:52 - 00000472 ____C () C:\Users\Admin\Desktop\defogger_disable.log 2014-02-13 12:52 - 2014-02-13 12:52 - 00000000 ____C () C:\Users\Admin\defogger_reenable 2014-02-13 12:51 - 2014-02-13 12:51 - 00050477 ____C () C:\Users\Admin\Desktop\Defogger.exe 2014-02-13 12:11 - 2014-02-13 12:11 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-13 12:11 - 2014-02-13 12:11 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 11266048 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-13 12:10 - 2014-02-13 12:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-13 12:10 - 2014-02-13 12:11 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-13 12:10 - 2014-02-13 12:11 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-13 12:10 - 2014-02-13 12:11 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00553472 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\jscript9diag.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-13 12:10 - 2014-02-13 12:11 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-13 12:10 - 2014-02-13 12:11 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-13 12:10 - 2014-02-13 12:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-13 12:10 - 2014-02-13 12:11 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-12 13:11 - 2014-02-13 12:16 - 00420008 _____ () 
C:\Windows\SysWOW64\locale.nls 2014-02-12 13:11 - 2014-02-13 12:16 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-12 13:11 - 2014-02-13 12:15 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00123392 _____ (Microsoft Corporation) 
C:\Windows\system32\secproc_ssp_isv.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-12 13:10 - 2014-02-13 12:14 - 06573056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-02-12 13:10 - 2014-02-13 12:14 - 05693440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-02-12 13:10 - 2014-02-13 12:13 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-12 13:10 - 2014-02-13 12:13 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-12 13:10 - 2014-02-13 12:13 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-12 13:10 - 2014-02-13 12:13 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-10 21:19 - 2014-02-13 12:53 - 02152448 ____C (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2014-02-10 18:05 - 2014-02-10 18:05 - 00000335 ____C () C:\Users\Admin\Fixlist.txt 2014-02-10 17:33 - 2014-02-10 17:34 - 01037530 ____C (Thisisu) C:\Users\Admin\Desktop\JRT.exe 2014-02-10 17:22 - 2014-02-10 17:22 - 01166132 ____C () C:\Users\Admin\Desktop\adwcleaner.exe 2014-02-10 17:05 - 2014-02-10 17:05 - 00001105 ____C () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-10 17:05 - 2014-02-10 17:05 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-10 17:05 - 2013-04-04 14:50 - 00025928 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-02-10 17:03 - 2014-02-10 17:03 - 
10285040 ____C (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-1.75.0.1300.exe 2014-02-08 22:58 - 2014-02-08 22:58 - 00001912 ____C () C:\Windows\epplauncher.mif 2014-02-08 22:58 - 2014-02-08 22:58 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Security Client 2014-02-07 22:45 - 2014-02-07 22:49 - 130658432 ____C () C:\Users\Admin\Desktop\avira_free_antivirus_de.exe 2014-02-07 13:02 - 2014-02-08 22:58 - 00000000 ___DC () C:\Program Files\Microsoft Security Client 2014-02-05 22:31 - 2014-02-05 22:31 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Macromedia 2014-02-05 21:59 - 2014-02-05 21:59 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Mozilla 2014-02-05 21:59 - 2014-02-05 21:59 - 00000000 ___DC () C:\ProgramData\Mozilla 2014-02-04 21:14 - 2014-02-04 21:14 - 00000000 ___DC () C:\Windows\ERUNT 2014-02-04 20:56 - 2014-02-10 17:25 - 00000000 ___DC () C:\AdwCleaner 2014-02-04 20:12 - 2014-02-04 20:12 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Malwarebytes 2014-02-04 20:12 - 2014-02-04 20:12 - 00000000 ___DC () C:\ProgramData\Malwarebytes 2014-02-04 18:04 - 2014-02-13 13:48 - 00000000 ___DC () C:\FRST 2014-02-01 18:24 - 2014-02-01 18:24 - 00090112 ____C () C:\Users\Admin\Desktop\D- Mädchen- Spielplan.xls 2014-01-16 22:05 - 2014-01-16 22:05 - 00003118 ____C () C:\Windows\System32\Tasks\iolo Process Governor 2014-01-16 22:05 - 2014-01-16 22:05 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\ioloGovernor 2014-01-16 22:05 - 2014-01-16 22:05 - 00000000 ___DC () C:\ProgramData\ioloGovernor 2014-01-16 15:29 - 2014-02-07 22:12 - 00000000 ___DC () C:\Program Files (x86)\Avira 2014-01-16 15:29 - 2013-12-18 09:32 - 00131576 ____C (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-01-16 15:29 - 2013-12-18 09:32 - 00108440 ____C (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-01-16 15:29 - 2013-12-18 09:32 - 00028600 ____C (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-01-15 13:56 - 2014-01-15 15:16 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 13:56 - 2014-01-15 15:16 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 13:56 - 2013-11-27 02:41 - 00343040 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 13:56 - 2013-11-27 02:41 - 00325120 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 13:56 - 2013-11-27 02:41 - 00099840 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 13:56 - 2013-11-27 02:41 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 13:56 - 2013-11-27 02:41 - 00030720 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 13:56 - 2013-11-27 02:41 - 00025600 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 13:56 - 2013-11-27 02:41 - 00007808 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-14 13:06 - 2014-01-14 13:06 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Check Point Software Technologies LTD
2014-01-14 13:04 - 2014-01-14 13:04 - 00002972 ____C () C:\Windows\System32\Tasks\{4452FA3D-120C-422A-A66D-7682A63E81E3}
2014-01-14 13:01 - 2014-01-14 13:01 - 00943872 ____C () C:\Users\Admin\Downloads\Adobe-Flash-Player-Setup.exe
2014-01-14 11:07 - 2014-01-14 11:07 - 00000000 ___DC () C:\Program Files (x86)\Google

==================== One Month Modified Files and Folders =======

2014-02-13 13:48 - 2014-02-13 12:54 - 00017261 ____C () C:\Users\Admin\Desktop\FRST.txt
2014-02-13 13:48 - 2014-02-04 18:04 - 00000000 ___DC () C:\FRST
2014-02-13 13:48 - 2010-09-01 00:01 - 01268197 ____C () C:\Windows\WindowsUpdate.log
2014-02-13 13:42 - 2014-02-13 13:42 - 00002467 ____C () C:\Users\Admin\Desktop\Gmer.log
2014-02-13 13:00 - 2014-02-13 13:00 - 00380416 ____C () C:\Users\Admin\Desktop\Gmer-19357.exe
2014-02-13 12:53 - 2014-02-13 12:53 - 00000000 ___DC () C:\Users\Admin\Desktop\FRST-OlderVersion
2014-02-13 12:53 - 2014-02-10 21:19 - 02152448 ____C (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-02-13 12:52 - 2014-02-13 12:52 - 00000472 ____C () C:\Users\Admin\Desktop\defogger_disable.log
2014-02-13 12:52 - 2014-02-13 12:52 - 00000000 ____C () C:\Users\Admin\defogger_reenable
2014-02-13 12:52 - 2010-10-28 15:35 - 00000000 ___DC () C:\Users\Admin
2014-02-13 12:51 - 2014-02-13 12:51 - 00050477 ____C () C:\Users\Admin\Desktop\Defogger.exe
2014-02-13 12:30 - 2009-07-14 05:45 - 00013936 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-13 12:30 - 2009-07-14 05:45 - 00013936 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-13 12:26 - 2012-01-16 13:43 - 00000000 ___DC () C:\Users\Admin\Desktop\Kurzfristige Datei
2014-02-13 12:25 - 2013-02-14 16:25 - 00000284 ____C () C:\Windows\Tasks\PC Performer_UPDATES.job
2014-02-13 12:25 - 2012-10-04 10:25 - 00039460 ____C () C:\Windows\setupact.log
2014-02-13 12:25 - 2009-07-14 06:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2014-02-13 12:24 - 2012-10-10 20:16 - 00320262 ____C () C:\Windows\PFRO.log
2014-02-13 12:17 - 2011-08-19 14:49 - 00000000 ___DC () C:\Users\Default\AppData\Local\Microsoft Help
2014-02-13 12:17 - 2011-08-19 14:49 - 00000000 ___DC () C:\Users\Default User\AppData\Local\Microsoft Help
2014-02-13 12:16 - 2014-02-12 13:11 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 12:16 - 2014-02-12 13:11 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 12:15 - 2014-02-12 13:11 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 12:14 - 2014-02-12 13:10 - 06573056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-13 12:14 - 2014-02-12 13:10 - 05693440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-13 12:13 - 2014-02-12 13:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 12:13 - 2014-02-12 13:10 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 12:13 - 2014-02-12 13:10 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 12:13 - 2014-02-12 13:10 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 12:12 - 2009-07-14 03:34 - 00000478 ____C () C:\Windows\win.ini
2014-02-13 12:11 - 2014-02-13 12:11 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 12:11 - 2014-02-13 12:11 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 12:11 - 2014-02-13 12:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 12:11 - 2014-02-13 12:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 12:11 - 2014-02-13 12:10 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 12:11 - 2014-02-13 12:10 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 12:11 - 2014-02-13 12:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 12:11 - 2014-02-13 12:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 12:11 - 2014-02-13 12:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 12:11 - 2014-02-13 12:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 15:39 - 2013-02-14 16:25 - 00000276 ____C () C:\Windows\Tasks\PC Performer_DEFAULT.job
2014-02-12 15:29 - 2010-10-28 15:37 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Adobe
2014-02-12 13:01 - 2012-01-02 15:34 - 00003930 ____C () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EA6C763E-97F2-4220-93F2-531FCE4ABB8C}
2014-02-10 18:05 - 2014-02-10 18:05 - 00000335 ____C () C:\Users\Admin\Fixlist.txt
2014-02-10 17:34 - 2014-02-10 17:33 - 01037530 ____C (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2014-02-10 17:25 - 2014-02-04 20:56 - 00000000 ___DC () C:\AdwCleaner
2014-02-10 17:25 - 2012-07-04 21:38 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2014-02-10 17:22 - 2014-02-10 17:22 - 01166132 ____C () C:\Users\Admin\Desktop\adwcleaner.exe
2014-02-10 17:05 - 2014-02-10 17:05 - 00001105 ____C () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-10 17:05 - 2014-02-10 17:05 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-10 17:03 - 2014-02-10 17:03 - 10285040 ____C (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-10 13:13 - 2010-09-01 05:23 - 00700134 ____C () C:\Windows\system32\perfh007.dat
2014-02-10 13:13 - 2010-09-01 05:23 - 00149984 ____C () C:\Windows\system32\perfc007.dat
2014-02-10 13:13 - 2009-07-14 06:13 - 01622236 ____C () C:\Windows\system32\PerfStringBackup.INI
2014-02-10 12:45 - 2010-10-28 15:35 - 00000000 _SHDC () C:\Recovery
2014-02-08 22:58 - 2014-02-08 22:58 - 00001912 ____C () C:\Windows\epplauncher.mif
2014-02-08 22:58 - 2014-02-08 22:58 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Security Client
2014-02-08 22:58 - 2014-02-07 13:02 - 00000000 ___DC () C:\Program Files\Microsoft Security Client
2014-02-07 22:49 - 2014-02-07 22:45 - 130658432 ____C () C:\Users\Admin\Desktop\avira_free_antivirus_de.exe
2014-02-07 22:20 - 2010-12-08 17:12 - 00000000 ___DC () C:\Users\Admin\AppData\Local\CrashDumps
2014-02-07 22:13 - 2011-11-12 11:13 - 00000000 ___DC () C:\Windows\system32\Macromed
2014-02-07 22:13 - 2010-11-06 18:36 - 00000000 ___DC () C:\Users\Gast
2014-02-07 22:13 - 2010-11-06 18:36 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-02-07 22:13 - 2010-10-28 15:42 - 00000000 ___DC () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-02-07 22:13 - 2010-10-28 15:42 - 00000000 ___DC () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-02-07 22:13 - 2010-10-28 15:42 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-02-07 22:13 - 2010-10-28 15:42 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-02-07 22:13 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\AppCompat
2014-02-07 22:12 - 2014-01-16 15:29 - 00000000 ___DC () C:\Program Files (x86)\Avira
2014-02-07 22:12 - 2014-01-09 16:59 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\iolo
2014-02-07 22:12 - 2012-10-19 19:14 - 00000000 ___DC () C:\ProgramData\Avira
2014-02-07 22:12 - 2012-09-07 21:18 - 00000000 __HDC () C:\ProgramData\CanonIJEGV
2014-02-07 22:12 - 2010-09-01 00:09 - 00000000 ___DC () C:\ProgramData\WinClon
2014-02-07 22:11 - 2010-12-12 17:02 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Skype
2014-02-07 22:11 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\registration
2014-02-07 22:08 - 2010-12-06 21:40 - 00000000 _RHDC () C:\MSOCache
2014-02-05 22:31 - 2014-02-05 22:31 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Macromedia
2014-02-05 21:59 - 2014-02-05 21:59 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Mozilla
2014-02-05 21:59 - 2014-02-05 21:59 - 00000000 ___DC () C:\ProgramData\Mozilla
2014-02-04 21:14 - 2014-02-04 21:14 - 00000000 ___DC () C:\Windows\ERUNT
2014-02-04 20:12 - 2014-02-04 20:12 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Malwarebytes
2014-02-04 20:12 - 2014-02-04 20:12 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-02-01 18:24 - 2014-02-01 18:24 - 00090112 ____C () C:\Users\Admin\Desktop\D- Mädchen- Spielplan.xls
2014-01-19 08:33 - 2010-12-07 19:41 - 00270496 ____C (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-16 22:06 - 2014-01-09 16:59 - 00000000 ___DC () C:\ProgramData\iolo
2014-01-16 22:05 - 2014-01-16 22:05 - 00003118 ____C () C:\Windows\System32\Tasks\iolo Process Governor
2014-01-16 22:05 - 2014-01-16 22:05 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\ioloGovernor
2014-01-16 22:05 - 2014-01-16 22:05 - 00000000 ___DC () C:\ProgramData\ioloGovernor
2014-01-16 22:05 - 2014-01-09 17:03 - 00001421 ____C () C:\Users\Admin\Desktop\System Mechanic.lnk
2014-01-15 20:02 - 2009-07-14 05:45 - 00438904 ____C () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 15:16 - 2014-01-15 13:56 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 15:16 - 2014-01-15 13:56 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 15:16 - 2013-08-14 22:01 - 00000000 ___DC () C:\Windows\system32\MRT
2014-01-15 15:14 - 2010-12-07 17:34 - 86054176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 13:06 - 2014-01-14 13:06 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Check Point Software Technologies LTD
2014-01-14 13:04 - 2014-01-14 13:04 - 00002972 ____C () C:\Windows\System32\Tasks\{4452FA3D-120C-422A-A66D-7682A63E81E3}
2014-01-14 13:01 - 2014-01-14 13:01 - 00943872 ____C () C:\Users\Admin\Downloads\Adobe-Flash-Player-Setup.exe
2014-01-14 11:07 - 2014-01-14 11:07 - 00000000 ___DC () C:\Program Files (x86)\Google
2014-01-14 11:07 - 2014-01-13 11:53 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Google

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-08 14:57

==================== End Of Log ============================

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2014 01
Ran by Admin at 2014-02-13 13:48:58
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
ALDI TALK Verbindungsassistent (x32 Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent)
Amazon Kindle (HKCU Version: - Amazon)
Amazon MP3-Downloader 1.0.9 (x32 Version: - )
Atheros Client Installation Program (x32 Version: 1.0.5.0621 - Atheros)
ATI Catalyst Install Manager (Version: 3.0.765.0 - ATI Technologies, Inc.)
Auerswald COMset 2.7.2 (x32 Version: 2.7.2 - Auerswald GmbH & Co.KG)
Avira Free Antivirus (x32 Version: 14.0.2.344 - Avira)
AVM FRITZ!Box Dokumentation (x32 Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (x32 Version: - AVM Berlin)
BatteryLifeExtender (x32 Version: 1.0.5 - Samsung)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 802.11 Network Adapter (Version: 5.60.48.44 - Broadcom Corporation)
Brother HL-3040CN (x32 Version: 1.00 - Brother)
Brother MFL-Pro Suite MFC-425CN (x32 Version: 1.0.1.0 - Brother Industries, Ltd.)
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
Canon Easy-PhotoPrint EX (x32 Version: - )
Canon Easy-WebPrint EX (x32 Version: - )
Canon IJ Network Scan Utility (x32 Version: - )
Canon IJ Network Tool (x32 Version: - )
Canon MG5200 series Benutzerregistrierung (x32 Version: - )
Canon MG5200 series MP Drivers (Version: - )
Canon MP Navigator EX 4.0 (x32 Version: - )
Canon My Printer (x32 Version: - )
Canon Solution Menu EX (x32 Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0329.836.13543 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0329.836.13543 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help English (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help French (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help German (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0329.836.13543 - ATI) Hidden
ccc-utility64 (Version: 2010.0329.836.13543 - ATI) Hidden
CCleaner (Version: 3.23 - Piriform)
CD-LabelPrint (x32 Version: - )
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CVE-2013-3893 (Version: - )
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
DivX Codec (x32 Version: 5.1.1 - DivXNetworks, Inc.)
DivX Player (x32 Version: 2.5.3 - DivXNetworks, Inc.)
Easy Display Manager (x32 Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Network Manager (x32 Version: 4.4.1 - Samsung)
Easy SpeedUp Manager (x32 Version: 2.1.0.15 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (x32 Version: 4.0.0.4 - Samsung)
ETDWare PS/2-X64 8.0.7.0_WHQL (Version: 8.0.7.0 - ELAN Microelectronic Corp.)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Free MP3 Cutter and Editor 2.6 (x32 Version: - musetips.com)
FreePDF (Remove only) (x32 Version: - )
GPL Ghostscript (x32 Version: 9.07 - Artifex Software Inc.)
Hauppauge WinTV 7 (x32 Version: v7.0.29302 (CD 2.4d) - Hauppauge Computer Works)
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel® Matrix Storage Manager (Version: - Intel Corporation)
iolo technologies' System Mechanic (x32 Version: 12.5.0 - iolo technologies, LLC)
iSchach Client (x32 Version: - )
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
JRE 1.6.1 (x32 Version: 1.6.1 - Auerswald GmbH & Co.KG)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Marvell Miniport Driver (x32 Version: 11.24.27.3 - Marvell)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyDriveConnect 3.3.0.1342 (x32 Version: 3.3.0.1342 - TomTom)
OpenOffice.org 3.4 (x32 Version: 3.4.9590 - OpenOffice.org)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
QuickTime (x32 Version: - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6176 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (Version: - )
Samsung AnyWeb Print (x32 Version: 1.0 - Samsung Electronics Co., Ltd.) Hidden
Samsung AnyWeb Print (x32 Version: 1.1.19.0 - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (x32 Version: 5.0.0.6 - Samsung)
Samsung Support Center 1.0 (x32 Version: 1.1.38 - Samsung)
Samsung Universal Print Driver (x32 Version: 2.01.06.00:16 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (x32 Version: 3.0.1.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype Click to Call (x32 Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SweetIM for Messenger 3.6 (x32 Version: 3.6.0003 - SweetIM Technologies Ltd.) <==== ATTENTION
SweetIM Toolbar for Internet Explorer 4.3 (x32 Version: 4.3.0001 - SweetIM Technologies Ltd.) <==== ATTENTION
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
User Guide (x32 Version: 1.0 - )
Visual Studio C++ 10.0 Runtime (x32 Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.8 (x32 Version: 2.0.8 - VideoLAN)
WildTangent Games (x32 Version: 1.0.1.5 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ZoneAlarm Security Toolbar on IE and Chrome (x32 Version: 1.8.11.11 - Check Point Software Technologies LTD)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points =========================

10-02-2014 10:15:02 Windows-Sicherung
12-02-2014 12:10:25 Windows Update
13-02-2014 11:08:49 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ___AC C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00BEB64F-E24F-473C-9365-EC1A6FC6E26A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {320C56DF-84E9-48F7-8A4E-2C88DDE462B6} - System32\Tasks\{33682CEF-5B67-4FCC-9369-150761E7F3B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1618
Task: {4575AA02-124C-4CBD-AC86-355C01D02EF9} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {59CB789D-CF6B-42B1-B46E-F97BC154750E} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
Task: {6314B01E-A90D-4A61-AB27-C938E744D1A4} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-08-09] (Samsung Electronics Co., Ltd.)
Task: {6B5A75D0-D66E-43EF-8C27-4B06EDE690FB} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {6D42FE76-FE67-448E-BF42-2AABFD17503F} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2014-01-02] (iolo technologies, LLC)
Task: {81E8427D-ADEC-457D-8980-A3B6241B5FB5} - \PC Performer_DEFAULT No Task File
Task: {8F5D96D0-7119-42F6-8A71-8A0806AC49A7} - \PC Performer_UPDATES No Task File
Task: {9CA92E41-C014-418E-A675-506C5522CBF4} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-07-27] (SEC)
Task: {9EC85110-821E-4634-8345-111FD0BA6EB8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {ADB17B23-E301-4D04-8499-EEC695D4E114} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-08-05] (Samsung Electronics)
Task: {D418A444-5912-4689-964C-5FAEB1D83588} - System32\Tasks\{4452FA3D-120C-422A-A66D-7682A63E81E3} => C:\Users\Admin\Downloads\Adobe-Flash-Player-Setup.exe [2014-01-14] ()
Task: {DCE395CF-4395-49B2-BC76-3CCDD1DBF626} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-06-01] (Samsung Electronics. Co. Ltd.)
Task: {DED44D84-DDC2-4B4D-B9D5-BCC933250AD8} - System32\Tasks\{42CE070D-EAD3-428A-B7E7-EDD2C008F8BD} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1618
Task: {F382143A-D4EC-45CC-8F36-AD528839516E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-09-24] (Piriform Ltd)
Task: C:\Windows\Tasks\PC Performer_DEFAULT.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Performer_UPDATES.job => C:\Program Files (x86)\PC Performer\PCPerformer.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-05-18 19:50 - 2013-05-18 19:57 - 00510520 ____C () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
2009-02-12 06:32 - 2009-02-12 06:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-31 23:59 - 2010-08-31 23:59 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-05-18 19:50 - 2013-08-16 13:45 - 00358968 ____C () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
2012-01-12 11:23 - 2012-01-12 11:23 - 00018432 ____C () C:\Users\Admin\AppData\LocalLow\WOT\IE\WOTUpdater.exe
2010-09-01 00:07 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2013-11-29 10:29 - 2013-11-29 10:29 - 00026520 ____C () C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll
2013-11-29 10:28 - 2013-11-29 10:28 - 00082840 ____C () C:\Program Files (x86)\MyDrive
Connect\TomTomSupporterBase.dll 2013-11-29 10:28 - 2013-11-29 10:28 - 00344984 ____C () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll 2010-09-01 00:10 - 2010-05-07 15:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service" ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (02/13/2014 01:37:52 PM) (Source: Microsoft Antimalware) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.165.3912.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.4.0304.00 Quellpfad: 4.4.0304.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (02/13/2014 00:25:15 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Hauppauge CIR Receiver" wurde aufgrund folgenden Fehlers nicht gestartet: %%1058 Error: (02/13/2014 00:25:15 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/13/2014 00:25:15 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht. 
Error: (02/13/2014 00:25:11 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/13/2014 00:25:11 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht. Error: (02/13/2014 00:15:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5.1 unter Windows 7, Vista, Server 2008 und Server 2008 R2 für x64-basierte Systeme (KB2898869) Error: (02/13/2014 00:14:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5.1 unter Windows 7, Vista, Server 2008 und Server 2008 R2 für x64-basierte Systeme (KB2901126) Error: (02/12/2014 07:25:19 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. Error: (02/12/2014 07:25:19 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252. 
Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 40% Total physical RAM: 4060.61 MB Available physical RAM: 2399.13 MB Total Pagefile: 10148.79 MB Available Pagefile: 8338.55 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:280.1 GB) (Free:161.86 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298 GB) (Disk ID: 8074A547) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=280 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=18 GB) - (Type=27) ==================== End Of Log ============================ Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-02-13 13:42:50 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.GJ00 298,09GB Running: Gmer-19357.exe; Driver: C:\Users\Admin\AppData\Local\Temp\aglorpod.sys ---- Threads - GMER 2.1 ---- Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2948:2964] 0000000075c97587 Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2948:2976] 0000000073997712 Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2948:3000] 0000000077772e65 Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2948:4680] 0000000077773e85 Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2948:1104] 0000000077773e85 Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2948:668] 0000000077773e85 Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3488:2568] 000007fefb8d2a7c Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3488:3352] 000007feedcf4830 Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3488:4396] 000007fef92a5124 ---- Processes - GMER 2.1 ---- Process C:\Users\Admin\AppData\LocalLow\WOT\IE\WOTUpdater.exe (*** suspicious ***) @ C:\Users\Admin\AppData\LocalLow\WOT\IE\WOTUpdater.exe [1744](2012-01-12 10:23:20) 0000000001130000 ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ---- defogger_disable by jpshortstuff (23.02.10.1) Log created at 12:52 on 13/02/2014 (Admin) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- |
13.02.2014, 16:26 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win 7 with 3 problems: Problem starting C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer.dll Hi,
Reading material: Why we no longer recommend Avira

For some time now, Avira has shipped the Ask Toolbar with its default installation. This toolbar is a prerequisite for the Webguard to work reliably. The Ask Toolbar is known for spying on the user's browsing behaviour in order, ultimately, to make money from it. We therefore classify this toolbar as "harmful". More information. A security company that practically foists harmful software on the user without asking is therefore out of the question for us. Because of this business practice, the at times extremely poor detection rate and the exceedingly annoying advertising, we recommend that all Avira users uninstall Avira and switch to an alternative product. Should you decide to switch, we recommend removing all remnants with the Avira cleaner after uninstalling.

Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ |
13.02.2014, 17:46 | #3 |
| Win 7 with 3 problems: Problem starting C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer.dll Malwarebytes Anti-Rootkit BETA 1.07.0.1009
__________________www.malwarebytes.org Database version: v2014.02.13.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 Admin :: ADMIN-PC [administrator] 13.02.2014 17:00:22 mbar-log-2014-02-13 (17-00-22).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 276759 Time elapsed: 41 minute(s), 17 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
13.02.2014, 19:31 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win 7 with 3 problems: Problem starting C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer.dll

Logs are to be posted in CODE tags.

Remove adware/junkware/toolbars

Step 1: adwCleaner
Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool
Please close your security software to avoid possible conflicts.
Step 3: Fresh log with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ Please always post log files in CODE tags |
13.02.2014, 22:09 | #5 |
| Win 7 with 3 problems: Problem starting C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer.dll AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.018 - Bericht erstellt am 07/02/2014 um 11:21:50 # Updated 28/01/2014 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Admin - ADMIN-PC # Gestartet von : C:\Users\Admin\Desktop\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKCU\Software\Ciuvo ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v27.0 (de) [ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vy0ud23x.default\prefs.js ] -\\ Google Chrome v [ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [31678 octets] - [04/02/2014 20:57:10] AdwCleaner[R1].txt - [1124 octets] - [07/02/2014 11:20:17] AdwCleaner[S0].txt - [29110 octets] - [04/02/2014 21:00:45] AdwCleaner[S1].txt - [998 octets] - [07/02/2014 11:21:50] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1057 octets] ########## AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.018 - Bericht erstellt am 13/02/2014 um 19:51:18 # Updated 28/01/2014 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Admin - ADMIN-PC # Gestartet von : C:\Users\Admin\Desktop\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Datei Gelöscht : C:\Windows\Tasks\PC Performer_DEFAULT.job Datei Gelöscht : C:\Windows\Tasks\PC Performer_UPDATES.job ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16518 -\\ Mozilla Firefox v -\\ Google Chrome v [ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [57627 octets] - [04/02/2014 20:57:10] AdwCleaner[R1].txt - [2231 octets] - [07/02/2014 11:20:17] AdwCleaner[S0].txt - [52466 octets] - [04/02/2014 21:00:45] AdwCleaner[S1].txt - [2105 octets] - [07/02/2014 11:21:50] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2165 octets] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.1 (02.04.2014:1) OS: Windows 7 Home Premium x64 Ran by Admin on 13.02.2014 at 20:04:23,07 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 13.02.2014 at 20:11:33,58 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01 Ran by Admin (administrator) on ADMIN-PC on 13-02-2014 22:07:41 Running from C:\Users\Admin\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe (iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe (iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Users\Admin\AppData\LocalLow\WOT\IE\WOTUpdater.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (CANON INC.) 
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11369576 2010-08-11] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2586504 2010-08-05] (ELAN Microelectronics Corp.) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.) HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation) HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.) HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) 
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect" HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\Run: [Adobe Reader Synchronizer] - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [698760 2013-12-21] (Adobe Systems Incorporated) HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\Run: [MyDriveConnect.exe] - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473496 2013-11-29] (TomTom) HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: E - E:\FSetup.exe HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: F - F:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {07f834b9-1f13-11e1-83a1-002454de19a2} - D:\AutoRun.exe HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {07f834c6-1f13-11e1-83a1-002454de19a2} - D:\AutoRun.exe HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {113f40c1-3f62-11e1-82e2-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {113f4107-3f62-11e1-82e2-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {113f4130-3f62-11e1-82e2-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {1620fda4-2988-11e2-83cf-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {1620fe48-2988-11e2-83cf-001e101f7f74} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {244b3c55-2178-11e1-8370-4cedde226fcd} - D:\AutoRun.exe HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {25a37d7e-6187-11e1-b279-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e14d-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1 
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e15f-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e190-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e19b-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e1ab-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {488a0f77-4539-11e2-883f-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {488a0ff5-4539-11e2-883f-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {488a1018-4539-11e2-883f-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {488a1027-4539-11e2-883f-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {5497a038-44cc-11e2-b233-001e101fe70e} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {5497a04f-44cc-11e2-b233-001e101fe70e} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {9fc37f9d-eb8f-11e2-b1d3-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {aa50d1b7-6f0f-11e2-a9cf-806e6f6e6963} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {ad5d6f15-4b3c-11e1-82ef-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {ad5d6f9d-4b3c-11e1-82ef-002454de19a2} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {b3055611-66b6-11e2-9930-002454de19a2} - D:\.\Setup.exe AUTORUN=1 
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {cb651a38-f569-11e2-b17d-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {f58342a0-9aa9-11e1-88d7-002454de19a2} - D:\.\Setup.exe AUTORUN=1 ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/ SearchScopes: HKCU - DefaultScope {C5DEEA89-9BC1-4B78-8FA0-396C4C484222} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie SearchScopes: HKCU - {C5DEEA89-9BC1-4B78-8FA0-396C4C484222} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie SearchScopes: HKCU - {CA715ED4-91FF-4F5E-A053-EA79F72CDBD0} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} BHO: Plus-HD-2.6 - {11111111-1111-1111-1111-110311341140} - C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho64.dll No File BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: WOT - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\Admin\AppData\LocalLow\WOT\IE\WOT.dll (WOT Services Oy) BHO-x32: W2PBrowser Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll () BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) 
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml Chrome: ======= CHR Extension: (Der Schnäppchenfuchs Gutscheinfinder) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\camijhkahcckljhgpgfgglbegedoepda [2014-01-13] CHR HKLM\...\Chrome\Extension: [camijhkahcckljhgpgfgglbegedoepda] - C:\Program Files (x86)\PallySoftAddon\PallySoftAddon-crx.crx [2014-01-13] CHR HKCU\...\Chrome\Extension: [camijhkahcckljhgpgfgglbegedoepda] - C:\Program Files (x86)\PallySoftAddon\PallySoftAddon-crx.crx [2014-01-13] CHR HKLM-x32\...\Chrome\Extension: [camijhkahcckljhgpgfgglbegedoepda] - C:\Program Files (x86)\PallySoftAddon\PallySoftAddon-crx.crx [2014-01-13] CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\Admin\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12] ==================== Services (Whitelisted) ================= R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-08-16] () S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-18] (Avira Operations GmbH & Co. 
KG) S4 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-13] (brother Industries Ltd) S4 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [570368 2011-10-27] (Hauppauge Computer Works) R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1168960 2014-01-02] (iolo technologies, LLC) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation) R2 WOTUpdater; C:\Users\Admin\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG) R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-05-07] (EldoS Corporation) S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [138752 2012-01-19] (Huawei Technologies Co., Ltd.) S3 ewusbnet; C:\Windows\SysWOW64\DRIVERS\ewusbnet.sys [138752 2013-05-18] (Huawei Technologies Co., Ltd.) S3 ew_hwusbdev; C:\Windows\SysWOW64\DRIVERS\ew_hwusbdev.sys [117248 2013-05-18] (Huawei Technologies Co., Ltd.) S3 hcw10bda; C:\Windows\System32\drivers\hcw10bda.sys [641920 2010-12-09] (Hauppauge Computer Works, Inc.) S2 hcw10cir; C:\Windows\System32\drivers\hcw10cir.sys [46080 2010-05-10] (Hauppauge Computer Works, Inc.) 
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [121600 2013-05-18] (Huawei Technologies Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation) S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-16] (Windows (R) 2003 DDK 3790 provider) S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-13 20:11 - 2014-02-13 20:11 - 00000625 ____C () C:\Users\Admin\Desktop\JRT.txt 2014-02-13 17:00 - 2014-02-13 17:44 - 00000000 ___DC () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-02-13 17:00 - 2014-02-13 17:00 - 00119000 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-02-13 16:56 - 2014-02-13 17:44 - 00000000 ___DC () C:\Users\Admin\Desktop\mbar 2014-02-13 16:56 - 2014-02-13 16:56 - 00091352 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-02-13 16:51 - 2014-02-13 16:51 - 12589848 ____C (Malwarebytes Corp.) 
C:\Users\Admin\Desktop\mbar-1.07.0.1009.exe 2014-02-13 13:48 - 2014-02-13 13:49 - 00026671 ____C () C:\Users\Admin\Desktop\Addition.txt 2014-02-13 13:42 - 2014-02-13 13:42 - 00002467 ____C () C:\Users\Admin\Desktop\Gmer.log 2014-02-13 13:00 - 2014-02-13 13:00 - 00380416 ____C () C:\Users\Admin\Desktop\Gmer-19357.exe 2014-02-13 12:54 - 2014-02-13 22:07 - 00016847 ____C () C:\Users\Admin\Desktop\FRST.txt 2014-02-13 12:53 - 2014-02-13 22:07 - 00000000 ___DC () C:\Users\Admin\Desktop\FRST-OlderVersion 2014-02-13 12:52 - 2014-02-13 12:52 - 00000472 ____C () C:\Users\Admin\Desktop\defogger_disable.log 2014-02-13 12:52 - 2014-02-13 12:52 - 00000000 ____C () C:\Users\Admin\defogger_reenable 2014-02-13 12:51 - 2014-02-13 12:51 - 00050477 ____C () C:\Users\Admin\Desktop\Defogger.exe 2014-02-13 12:11 - 2014-02-13 12:11 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-13 12:11 - 2014-02-13 12:11 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-13 12:10 - 2014-02-13 12:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-13 
12:10 - 2014-02-13 12:11 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-13 12:10 - 2014-02-13 12:11 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-13 12:10 - 2014-02-13 12:11 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-13 12:10 - 2014-02-13 12:11 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 
00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-13 12:10 - 2014-02-13 12:11 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-13 12:10 - 2014-02-13 12:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-13 12:10 - 2014-02-13 12:11 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-13 12:10 - 2014-02-13 12:11 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-12 13:11 - 2014-02-13 12:16 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-12 13:11 - 2014-02-13 12:16 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-12 13:11 - 2014-02-13 12:15 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00594944 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-12 13:11 - 2014-02-13 12:15 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-12 13:11 - 2014-02-13 12:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-12 13:10 - 2014-02-13 12:14 - 
06573056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-02-12 13:10 - 2014-02-13 12:14 - 05693440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-02-12 13:10 - 2014-02-13 12:13 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-12 13:10 - 2014-02-13 12:13 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-12 13:10 - 2014-02-13 12:13 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-12 13:10 - 2014-02-13 12:13 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-10 21:19 - 2014-02-13 22:07 - 02152960 ____C (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2014-02-10 18:05 - 2014-02-10 18:05 - 00000335 ____C () C:\Users\Admin\Fixlist.txt 2014-02-10 17:33 - 2014-02-10 17:34 - 01037530 ____C (Thisisu) C:\Users\Admin\Desktop\JRT.exe 2014-02-10 17:22 - 2014-02-10 17:22 - 01166132 ____C () C:\Users\Admin\Desktop\adwcleaner.exe 2014-02-10 17:05 - 2014-02-10 17:05 - 00001105 ____C () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-10 17:05 - 2014-02-10 17:05 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-10 17:05 - 2013-04-04 14:50 - 00025928 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-02-10 17:03 - 2014-02-10 17:03 - 10285040 ____C (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-1.75.0.1300.exe 2014-02-08 22:58 - 2014-02-08 22:58 - 00001912 ____C () C:\Windows\epplauncher.mif 2014-02-08 22:58 - 2014-02-08 22:58 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Security Client 2014-02-07 13:02 - 2014-02-08 22:58 - 00000000 ___DC () C:\Program Files\Microsoft Security Client 2014-02-05 22:31 - 2014-02-05 22:31 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Macromedia 2014-02-05 21:59 - 2014-02-05 21:59 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Mozilla 2014-02-05 21:59 - 2014-02-05 21:59 - 00000000 ___DC () 
C:\ProgramData\Mozilla 2014-02-04 21:14 - 2014-02-04 21:14 - 00000000 ___DC () C:\Windows\ERUNT 2014-02-04 20:56 - 2014-02-13 19:59 - 00000000 ___DC () C:\AdwCleaner 2014-02-04 20:12 - 2014-02-04 20:12 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Malwarebytes 2014-02-04 20:12 - 2014-02-04 20:12 - 00000000 ___DC () C:\ProgramData\Malwarebytes 2014-02-04 18:04 - 2014-02-13 22:07 - 00000000 ___DC () C:\FRST 2014-02-01 18:24 - 2014-02-01 18:24 - 00090112 ____C () C:\Users\Admin\Desktop\D- Mädchen- Spielplan.xls 2014-01-16 22:05 - 2014-01-16 22:05 - 00003118 ____C () C:\Windows\System32\Tasks\iolo Process Governor 2014-01-16 22:05 - 2014-01-16 22:05 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\ioloGovernor 2014-01-16 22:05 - 2014-01-16 22:05 - 00000000 ___DC () C:\ProgramData\ioloGovernor 2014-01-16 15:29 - 2014-02-07 22:12 - 00000000 ___DC () C:\Program Files (x86)\Avira 2014-01-16 15:29 - 2013-12-18 09:32 - 00131576 ____C (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-01-16 15:29 - 2013-12-18 09:32 - 00108440 ____C (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-01-16 15:29 - 2013-12-18 09:32 - 00028600 ____C (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-01-15 13:56 - 2014-01-15 15:16 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-15 13:56 - 2014-01-15 15:16 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 13:56 - 2013-11-27 02:41 - 00343040 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 13:56 - 2013-11-27 02:41 - 00325120 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 13:56 - 2013-11-27 02:41 - 00099840 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 13:56 - 2013-11-27 02:41 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 13:56 - 2013-11-27 02:41 - 00030720 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 13:56 - 2013-11-27 02:41 - 00025600 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 13:56 - 2013-11-27 02:41 - 00007808 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-14 13:06 - 2014-01-14 13:06 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Check Point Software Technologies LTD 2014-01-14 13:04 - 2014-01-14 13:04 - 00002972 ____C () C:\Windows\System32\Tasks\{4452FA3D-120C-422A-A66D-7682A63E81E3} 2014-01-14 13:01 - 2014-01-14 13:01 - 00943872 ____C () C:\Users\Admin\Downloads\Adobe-Flash-Player-Setup.exe 2014-01-14 11:07 - 2014-01-14 11:07 - 00000000 ___DC () C:\Program Files (x86)\Google ==================== One Month Modified Files and Folders ======= 2014-02-13 22:07 - 2014-02-13 12:54 - 00016847 ____C () C:\Users\Admin\Desktop\FRST.txt 2014-02-13 22:07 - 2014-02-13 12:53 - 00000000 ___DC () C:\Users\Admin\Desktop\FRST-OlderVersion 2014-02-13 22:07 - 2014-02-10 21:19 - 02152960 ____C (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2014-02-13 22:07 - 2014-02-04 18:04 - 00000000 ___DC () C:\FRST 2014-02-13 20:11 - 2014-02-13 20:11 - 00000625 ____C () 
C:\Users\Admin\Desktop\JRT.txt 2014-02-13 19:59 - 2014-02-04 20:56 - 00000000 ___DC () C:\AdwCleaner 2014-02-13 19:59 - 2009-07-14 05:45 - 00013936 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-13 19:59 - 2009-07-14 05:45 - 00013936 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-13 19:53 - 2012-01-16 13:43 - 00000000 ___DC () C:\Users\Admin\Desktop\Kurzfristige Datei 2014-02-13 19:52 - 2012-10-04 10:25 - 00039572 ____C () C:\Windows\setupact.log 2014-02-13 19:52 - 2009-07-14 06:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT 2014-02-13 19:51 - 2010-09-01 00:01 - 01321064 ____C () C:\Windows\WindowsUpdate.log 2014-02-13 18:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-02-13 18:06 - 2012-01-02 15:34 - 00003930 ____C () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EA6C763E-97F2-4220-93F2-531FCE4ABB8C} 2014-02-13 17:44 - 2014-02-13 17:00 - 00000000 ___DC () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-02-13 17:44 - 2014-02-13 16:56 - 00000000 ___DC () C:\Users\Admin\Desktop\mbar 2014-02-13 17:00 - 2014-02-13 17:00 - 00119000 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-02-13 16:56 - 2014-02-13 16:56 - 00091352 ____C (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-02-13 16:51 - 2014-02-13 16:51 - 12589848 ____C (Malwarebytes Corp.) 
C:\Users\Admin\Desktop\mbar-1.07.0.1009.exe 2014-02-13 13:49 - 2014-02-13 13:48 - 00026671 ____C () C:\Users\Admin\Desktop\Addition.txt 2014-02-13 13:42 - 2014-02-13 13:42 - 00002467 ____C () C:\Users\Admin\Desktop\Gmer.log 2014-02-13 13:00 - 2014-02-13 13:00 - 00380416 ____C () C:\Users\Admin\Desktop\Gmer-19357.exe 2014-02-13 12:52 - 2014-02-13 12:52 - 00000472 ____C () C:\Users\Admin\Desktop\defogger_disable.log 2014-02-13 12:52 - 2014-02-13 12:52 - 00000000 ____C () C:\Users\Admin\defogger_reenable 2014-02-13 12:52 - 2010-10-28 15:35 - 00000000 ___DC () C:\Users\Admin 2014-02-13 12:51 - 2014-02-13 12:51 - 00050477 ____C () C:\Users\Admin\Desktop\Defogger.exe 2014-02-13 12:24 - 2012-10-10 20:16 - 00320262 ____C () C:\Windows\PFRO.log 2014-02-13 12:17 - 2011-08-19 14:49 - 00000000 ___DC () C:\Users\Default\AppData\Local\Microsoft Help 2014-02-13 12:17 - 2011-08-19 14:49 - 00000000 ___DC () C:\Users\Default User\AppData\Local\Microsoft Help 2014-02-13 12:16 - 2014-02-12 13:11 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-13 12:16 - 2014-02-12 13:11 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-13 12:15 - 2014-02-12 13:11 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-13 12:15 - 2014-02-12 13:11 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-13 12:15 - 2014-02-12 13:11 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-13 12:15 - 2014-02-12 13:11 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-13 12:15 - 2014-02-12 13:11 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-13 12:15 - 2014-02-12 13:11 - 00552960 _____ (Microsoft Corporation) 
C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-13 12:15 - 2014-02-12 13:11 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-13 12:15 - 2014-02-12 13:11 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-13 12:15 - 2014-02-12 13:11 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-13 12:15 - 2014-02-12 13:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-13 12:14 - 2014-02-12 13:10 - 06573056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-02-13 12:14 - 2014-02-12 13:10 - 05693440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-02-13 12:13 - 2014-02-12 13:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-13 12:13 - 2014-02-12 13:10 - 03419136 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-13 12:13 - 2014-02-12 13:10 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-13 12:13 - 2014-02-12 13:10 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-13 12:12 - 2009-07-14 03:34 - 00000478 ____C () C:\Windows\win.ini 2014-02-13 12:11 - 2014-02-13 12:11 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-13 12:11 - 2014-02-13 12:11 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-13 12:11 - 2014-02-13 12:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-13 12:11 - 2014-02-13 12:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-13 12:11 - 2014-02-13 12:10 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-13 
12:11 - 2014-02-13 12:10 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-13 12:11 - 2014-02-13 12:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-13 12:11 - 2014-02-13 12:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-13 12:11 - 2014-02-13 12:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-13 12:11 - 2014-02-13 12:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-13 12:11 - 2014-02-13 
12:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-13 12:11 - 2014-02-13 12:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-12 15:31 - 2010-10-28 15:37 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Adobe 2014-02-10 18:05 - 2014-02-10 18:05 - 00000335 ____C () C:\Users\Admin\Fixlist.txt 2014-02-10 17:34 - 2014-02-10 17:33 - 01037530 ____C (Thisisu) C:\Users\Admin\Desktop\JRT.exe 2014-02-10 17:25 - 2012-07-04 21:38 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox 2014-02-10 17:22 - 2014-02-10 17:22 - 01166132 ____C () C:\Users\Admin\Desktop\adwcleaner.exe 2014-02-10 17:05 - 2014-02-10 17:05 - 00001105 ____C () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-02-10 17:05 - 2014-02-10 17:05 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-10 17:03 - 2014-02-10 17:03 - 10285040 ____C (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-1.75.0.1300.exe 2014-02-10 13:13 - 2010-09-01 05:23 - 00700134 ____C () C:\Windows\system32\perfh007.dat 2014-02-10 13:13 - 2010-09-01 05:23 - 00149984 ____C () C:\Windows\system32\perfc007.dat 2014-02-10 13:13 - 2009-07-14 06:13 - 01622236 ____C () C:\Windows\system32\PerfStringBackup.INI 2014-02-10 12:45 - 2010-10-28 15:35 - 00000000 
_SHDC () C:\Recovery 2014-02-08 22:58 - 2014-02-08 22:58 - 00001912 ____C () C:\Windows\epplauncher.mif 2014-02-08 22:58 - 2014-02-08 22:58 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Security Client 2014-02-08 22:58 - 2014-02-07 13:02 - 00000000 ___DC () C:\Program Files\Microsoft Security Client 2014-02-07 22:20 - 2010-12-08 17:12 - 00000000 ___DC () C:\Users\Admin\AppData\Local\CrashDumps 2014-02-07 22:13 - 2011-11-12 11:13 - 00000000 ___DC () C:\Windows\system32\Macromed 2014-02-07 22:13 - 2010-11-06 18:36 - 00000000 ___DC () C:\Users\Gast 2014-02-07 22:13 - 2010-11-06 18:36 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 2014-02-07 22:13 - 2010-10-28 15:42 - 00000000 ___DC () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 2014-02-07 22:13 - 2010-10-28 15:42 - 00000000 ___DC () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 2014-02-07 22:13 - 2010-10-28 15:42 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 2014-02-07 22:13 - 2010-10-28 15:42 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 2014-02-07 22:13 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\AppCompat 2014-02-07 22:12 - 2014-01-16 15:29 - 00000000 ___DC () C:\Program Files (x86)\Avira 2014-02-07 22:12 - 2014-01-09 16:59 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\iolo 2014-02-07 22:12 - 2012-10-19 19:14 - 00000000 ___DC () C:\ProgramData\Avira 2014-02-07 22:12 - 2012-09-07 21:18 - 00000000 __HDC () C:\ProgramData\CanonIJEGV 2014-02-07 22:12 - 2010-09-01 00:09 - 00000000 ___DC () C:\ProgramData\WinClon 2014-02-07 22:11 - 2010-12-12 17:02 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Skype 2014-02-07 22:11 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\registration 2014-02-07 22:08 - 2010-12-06 21:40 - 00000000 
_RHDC () C:\MSOCache 2014-02-05 22:31 - 2014-02-05 22:31 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Macromedia 2014-02-05 21:59 - 2014-02-05 21:59 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Mozilla 2014-02-05 21:59 - 2014-02-05 21:59 - 00000000 ___DC () C:\ProgramData\Mozilla 2014-02-04 21:14 - 2014-02-04 21:14 - 00000000 ___DC () C:\Windows\ERUNT 2014-02-04 20:12 - 2014-02-04 20:12 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Malwarebytes 2014-02-04 20:12 - 2014-02-04 20:12 - 00000000 ___DC () C:\ProgramData\Malwarebytes 2014-02-01 18:24 - 2014-02-01 18:24 - 00090112 ____C () C:\Users\Admin\Desktop\D- Mädchen- Spielplan.xls 2014-01-19 08:33 - 2010-12-07 19:41 - 00270496 ____C (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-01-16 22:06 - 2014-01-09 16:59 - 00000000 ___DC () C:\ProgramData\iolo 2014-01-16 22:05 - 2014-01-16 22:05 - 00003118 ____C () C:\Windows\System32\Tasks\iolo Process Governor 2014-01-16 22:05 - 2014-01-16 22:05 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\ioloGovernor 2014-01-16 22:05 - 2014-01-16 22:05 - 00000000 ___DC () C:\ProgramData\ioloGovernor 2014-01-16 22:05 - 2014-01-09 17:03 - 00001421 ____C () C:\Users\Admin\Desktop\System Mechanic.lnk 2014-01-15 20:02 - 2009-07-14 05:45 - 00438904 ____C () C:\Windows\system32\FNTCACHE.DAT 2014-01-15 15:16 - 2014-01-15 13:56 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-15 15:16 - 2014-01-15 13:56 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 15:16 - 2013-08-14 22:01 - 00000000 ___DC () C:\Windows\system32\MRT 2014-01-15 15:14 - 2010-12-07 17:34 - 86054176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-14 13:06 - 2014-01-14 13:06 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Check Point Software Technologies LTD 2014-01-14 13:04 - 2014-01-14 13:04 - 00002972 ____C () C:\Windows\System32\Tasks\{4452FA3D-120C-422A-A66D-7682A63E81E3} 2014-01-14 13:01 - 2014-01-14 
13:01 - 00943872 ____C () C:\Users\Admin\Downloads\Adobe-Flash-Player-Setup.exe 2014-01-14 11:07 - 2014-01-14 11:07 - 00000000 ___DC () C:\Program Files (x86)\Google 2014-01-14 11:07 - 2014-01-13 11:53 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Google Some content of TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-08 14:57 ==================== End Of Log ============================ --- --- --- |
14.02.2014, 00:26 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes Anti-Malware (MBAM). Note: Please remember to update Malwarebytes Anti-Malware via the update button beforehand! Afterwards, getting an additional opinion from ESET's online scanner does no harm either: ESET Online Scanner |
14.02.2014, 12:49 | #7 |
| Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2014.02.14.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Admin :: ADMIN-PC [Administrator]
Schutz: Deaktiviert
14.02.2014 12:40:54
mbam-log-2014-02-14 (12-40-54).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 253978
Laufzeit: 6 Minute(n), 35 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende) |
14.02.2014, 14:23 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | What about ESET?
__________________ Please always post logfiles in CODE tags |
14.02.2014, 14:28 | #9 |
| Unfortunately I have a problem with that. At the Initialization step I get the error message "Unexeptec Error 101". Windows also has updates for me that fail during installation. And the ...BackgroundContainer.dll error message is still there as well. What am I doing wrong? |
14.02.2014, 14:32 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Download ESET and start it as admin via right-click. ESET first; after that we will take care of the rest, not everything at once.
14.02.2014, 14:38 | #11 |
I did that. The error message still appears.
14.02.2014, 14:43 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Try starting ESET with a newly created Windows user account with admin rights.
14.02.2014, 14:55 | #13 |
Unfortunately no success either. Same error message.
14.02.2014, 15:28 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Try this => http://www.trojaner-board.de/126216-...tml#post946713
14.02.2014, 21:33 | #15 |
Code:
ESETSmartInstaller@High as downloader log:
all ok
DLL:pipe not connected. attempts=120
DLL:pipe not connected. attempts=120
ESETSmartInstaller@High as downloader log:
all ok
DLL:pipe not connected. attempts=120
DLL:pipe not connected. attempts=120
ESETSmartInstaller@High as downloader log:
all ok
DLL:pipe not connected. attempts=120
ESETSmartInstaller@High as downloader log:
all ok
DLL:pipe not connected. attempts=120
ESETSmartInstaller@High as downloader log:
all ok
DLL:pipe not connected. attempts=120
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=05e7c2aef1350f46941b3f74bcd0dd04
# engine=17078
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-14 07:30:41
# local_time=2014-02-14 08:30:41 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 513086 144036091 0 0
# scanned=299703
# found=2
# cleaned=0
# scan_time=11922
sh=6AB7FFCF3B16FF7E8A14B5E64DA541260C378270 ft=1 fh=b520ce2e828012f2 vn="a variant of Generik.LZASPBQ trojan" ac=I fn="C:\Program Files (x86)\iSchach\update.exe"
sh=D7773253DA0BBC461779141BF4C6F9398CA98268 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen virus" ac=I fn="C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G5XRMNZS\afterdownload[1].htm"