|
Pests of all kinds and how to fight them: Security software is not enough, malware infection on my PC yet again. :-( Windows 7 If you are not sure whether you have caught malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
27.02.2014, 14:45 | #1 |
| Security software is not enough, malware infection on my PC yet again. :-( Hello, dear all! After my last round here I did everything exactly as I was told. But apparently the protection is not sufficient, because I have malware on my PC yet again. Unfortunately, malware (ADW-Cleaner) brings my computer to a standstill, so I cannot use this program. What can I do to 1.) remove the new infection again and 2.) prevent this from happening over and over? Many thanks for your feedback and kind regards, Claudia P.S.: here are the latest FRST files already: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-02-2014 01 Ran by VM (administrator) on CK-PC on 26-02-2014 22:55:36 Running from C:\Users\VM\Downloads Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe (Validity Sensors, Inc.) C:\Windows\system32\vfsFPService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Agere Systems) C:\Windows\system32\agrsmsvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (Acer Incorporated) C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe () C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe (CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe () C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe (Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe (Acer Inc.) 
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (sonix) C:\Windows\PLFSetL.exe (Teruten) C:\Windows\system32\FsUsbExService.Exe () C:\Windows\PLFSetI.exe () C:\Program Files\Acer\Acer Bio Protection\BASVC.exe () C:\Program Files\Lexmark Pro700 Series\ezprint.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (CyberLink) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe () C:\Program Files\Lexmark Pro700 Series\lxeemon.exe ( ) C:\Windows\system32\lxeecoms.exe () C:\Acer\Mobility Center\MobilityService.exe (Nero AG) C:\Program Files\Nero\Update\NASvc.exe (Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (Prolific Technology Inc.) 
C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\Cyberlink\Shared files\RichVideo.exe (Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe (Uniblue) C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Conduit) C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Conduit) C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe (Conduit) C:\Program Files\SearchProtect\UI\bin\cltmngui.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe () C:\Program Files\DivX\DivX Update\DivXUpdate.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe () C:\Program Files\PdaNet for Android\PdaNetPC.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Realtek Semiconductor Corp.) C:\Users\VM\AppData\Local\Temp\RtkBtMnt.exe (Acer Inc.) 
C:\Program Files\Acer\Acer VCM\acp2HID.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE () C:\Program Files\NewPlayer\NewPlayerUpdaterService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe (Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe (Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\winzipersvc.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2012-10-12] (Synaptics Incorporated) HKLM\...\Run: [eAudio] - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [544768 2008-05-30] (Acer Incorporated) HKLM\...\Run: [ArcadeDeluxeAgent] - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [147456 2008-07-24] (CyberLink Corp.) HKLM\...\Run: [] - [X] HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1468296 2009-06-01] (Microsoft Corporation) HKLM\...\Run: [Lexmark Pro700 Series Fax Server] - C:\Program Files\Lexmark Pro700 Series\fm3032.exe [316072 2011-01-23] () HKLM\...\Run: [eDataSecurity Loader] - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-07-29] (Egis Incorporated) HKLM\...\Run: [ePower_DMC] - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [405504 2008-08-01] (Acer Inc.) 
HKLM\...\Run: [PLFSetL] - C:\Windows\PLFSetL.exe [94208 2011-01-22] (sonix) HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2008-06-30] () HKLM\...\Run: [EzPrint] - C:\Program Files\Lexmark Pro700 Series\ezprint.exe [139944 2010-01-18] () HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation) HKLM\...\Run: [CLMLServer] - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [167936 2008-07-24] (CyberLink) HKLM\...\Run: [lxeemon.exe] - C:\Program Files\Lexmark Pro700 Series\lxeemon.exe [770728 2011-01-23] () HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [1115728 2009-12-15] (Dritek System Inc.) HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC) HKLM\...\Run: [LexwareInfoService] - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-11] (AVAST Software) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9398888 2011-11-04] (Realtek Semiconductor) HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] () HKLM\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\a1a8ec55-0e6b-4016-9ca9-50541e955cd6.exe /check [181136 2014-02-25] (AVAST Software) Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.) HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect" HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\MountPoints2: {b2eaf739-9ee3-11df-9989-001e331dd3dc} - E:\autorun.exe AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1047328 2014-02-06] (Conduit) Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter Startup: 
C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG) Startup: C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files\PdaNet for Android\PdaNetPC.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&ts=1393446616&type=default&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&ts=1393446616&type=default&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&q={searchTerms} 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&q={searchTerms} URLSearchHook: HKLM - DivX Browser Bar DE Toolbar - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - C:\Program Files\DivX_Browser_Bar_DE\prxtbDivX.dll (Conduit Ltd.) URLSearchHook: HKCU - DivX Browser Bar DE Toolbar - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - C:\Program Files\DivX_Browser_Bar_DE\prxtbDivX.dll (Conduit Ltd.) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&q={searchTerms} SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&q={searchTerms} SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&ts=1393446616&type=default&q={searchTerms} SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297265&CUI=UN74997711731598104&UM=2&UP=SP8D9D1A74-C8E2-4EB2-AE1B-DBDB5ECA66BD&SSPV= SearchScopes: HKCU - {044E407F-3E01-4F96-9C08-D0B560E704B9} URL = 
hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297265&CUI=UN74997711731598104&UM=2 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&ts=1393446616&type=default&q={searchTerms} SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW BHO: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () BHO: MediaPlayerEnhance - {11111111-1111-1111-1111-110411411150} - C:\Program Files\MediaPlayerEnhance\MediaPlayerEnhance-bho.dll (Feven) BHO: Feven Pro 1.2 - {11111111-1111-1111-1111-110511161182} - C:\Program Files\Feven Pro 1.2\Feven Pro 1.2-bho.dll (Feven) BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited) BHO: DivX Browser Bar DE Toolbar - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - C:\Program Files\DivX_Browser_Bar_DE\prxtbDivX.dll (Conduit Ltd.) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis) BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll () BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKLM - DivX Browser Bar DE Toolbar - {6dad39c6-f4ac-4984-8e9b-f666269b9eb1} - C:\Program Files\DivX_Browser_Bar_DE\prxtbDivX.dll (Conduit Ltd.) 
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File Toolbar: HKCU - DivX Browser Bar DE Toolbar - {6DAD39C6-F4AC-4984-8E9B-F666269B9EB1} - C:\Program Files\DivX_Browser_Bar_DE\prxtbDivX.dll (Conduit Ltd.) DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: haufereader - No CLSID Value - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 217.0.43.49 217.0.43.33 192.168.1.1 Chrome: ======= CHR HomePage: https://www.google.de/webhp?sourceid=chrome-instant&espv=210&ie=UTF-8 CHR Extension: (Feven Pro 1.2) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh [2014-02-26] CHR Extension: (avast! 
Online Security) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-25] CHR Extension: (Lightning Newtab) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-02-26] CHR Extension: (Freemake Video Converter) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-06-08] CHR Extension: (Google Wallet) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31] CHR Extension: (Extended Protection) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26] CHR Extension: (Quick Start) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-02-26] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-25] CHR HKLM\...\Chrome\Extension: [hkoahcaobjbihehldfimhblmhgalcipm] - C:\Users\VM\AppData\Local\CRE\hkoahcaobjbihehldfimhblmhgalcipm.crx [2014-02-06] CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-08] CHR HKLM\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-02-26] CHR HKCU\...\Chrome\Extension: [hkoahcaobjbihehldfimhblmhgalcipm] - C:\Users\VM\AppData\Local\CRE\hkoahcaobjbihehldfimhblmhgalcipm.crx 
[2014-02-06] CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=sc&from=wpm0226&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&ts=1393446616 ========================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-11] (AVAST Software) R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] () R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [2360608 2014-02-06] (Conduit) R2 DeviceManager; C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe [40960 2009-05-25] () S3 DfSdkS; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [406016 2009-08-24] (mst software GmbH, Germany) R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-06-02] () R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-02-20] (Cherished Technololgy LIMITED) R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3520512 2009-06-14] () S2 lxeeCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe [193192 2010-04-14] (Lexmark International, Inc.) 
R2 lxee_device; C:\Windows\system32\lxeecoms.exe [598696 2010-04-14] ( ) R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG) R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) R2 NewPlayerUpdaterService; C:\Program Files\NewPlayer\NewPlayerUpdaterService.exe [11776 2014-02-25] () R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () R2 PLFlash DeviceIoControl Service; C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe [81920 2008-08-29] (Prolific Technology Inc.) R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] () R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2008-07-19] (Acer Incorporated) R2 Uniblue DiskRescue; C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe [229648 2008-09-10] (Uniblue) R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [425104 2014-02-26] (Taiwan Shui Mu Chih Ching Technology Limited.) 
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED) ==================== Drivers (Whitelisted) ==================== R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2009-06-14] (Alfa Corporation) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-02-11] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-02-11] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-12-25] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-02-11] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-02-11] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-02-11] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-01-10] () R3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [28048 2010-02-05] (CSR, plc) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2010-01-01] (Elaborate Bytes AG) R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-10-30] () R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [62496 2011-11-04] (ITE Tech. Inc. ) R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [54824 2012-10-12] (Atheros Communications, Inc.) 
R3 NETwNv32; C:\Windows\System32\DRIVERS\NETwNv32.sys [7346176 2012-10-12] (Intel Corporation) S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation) R3 pmkbdfltr; C:\Windows\System32\DRIVERS\pmkbdfltr.sys [15248 2012-10-12] (PenMount) S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [103552 2009-05-25] (TCT International Mobile Ltd) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [23608 2012-10-12] (Synaptics Incorporated) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1759744 2011-01-22] () R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-10-16] (Avira GmbH) R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2009-09-01] () R3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [61424 2008-07-18] (Cyberlink Corp.) 
S2 Aspi32; No ImagePath S1 DritekPortIO; No ImagePath S3 esgiguard; No ImagePath S3 IpInIp; No ImagePath S3 NwlnkFlt; No ImagePath S3 NwlnkFwd; No ImagePath S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] S3 S6U12Scanner; system32\drivers\usbscan.sys [X] S3 usbscan; system32\DRIVERS\usbscan.sys [X] U5 usbser; C:\Windows\System32\Drivers\usbser.sys [27648 2009-04-11] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-26 22:52 - 2014-02-26 22:54 - 00064870 _____ () C:\Users\VM\Downloads\Addition.txt 2014-02-26 22:50 - 2014-02-26 22:55 - 00028677 _____ () C:\Users\VM\Downloads\FRST.txt 2014-02-26 22:49 - 2014-02-26 22:55 - 00000000 ____D () C:\FRST 2014-02-26 22:49 - 2014-02-26 22:49 - 01143808 _____ (Farbar) C:\Users\VM\Downloads\FRST.exe 2014-02-26 21:31 - 2014-02-26 21:31 - 00000000 ____D () C:\Users\VM\AppData\Roaming\WinZipper 2014-02-26 21:31 - 2014-02-26 21:31 - 00000000 ____D () C:\Program Files\WinZipper 2014-02-26 21:29 - 2014-02-26 21:29 - 00000000 ____D () C:\Users\VM\AppData\Local\Tuguu_SL 2014-02-26 21:28 - 2014-02-26 21:30 - 00000000 ____D () C:\ProgramData\WPM 2014-02-26 21:28 - 2014-02-26 21:28 - 00002386 _____ () C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00002262 _____ () C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001598 _____ () C:\Windows\Tasks\MediaPlayerEnhance-updater.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001554 _____ () C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001502 _____ () C:\Windows\Tasks\Feven Pro 1.2-updater.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001458 _____ () C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001452 _____ () C:\Windows\Tasks\MediaPlayerEnhance-enabler.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001356 _____ () 
C:\Windows\Tasks\Feven Pro 1.2-enabler.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00000000 ____D () C:\Users\VM\AppData\Roaming\SupTab 2014-02-26 21:28 - 2014-02-26 21:28 - 00000000 ____D () C:\Users\VM\AppData\Roaming\awesomehp 2014-02-26 21:28 - 2014-02-26 21:28 - 00000000 ____D () C:\Users\VM\AppData\Local\newplayer 2014-02-26 21:28 - 2014-02-26 21:28 - 00000000 ____D () C:\ProgramData\IePluginService 2014-02-26 21:28 - 2014-02-26 21:28 - 00000000 ____D () C:\Program Files\SupTab 2014-02-26 21:27 - 2014-02-26 21:28 - 00000000 ____D () C:\Program Files\NewPlayer 2014-02-26 21:27 - 2014-02-26 21:28 - 00000000 ____D () C:\Program Files\MediaPlayerEnhance 2014-02-26 21:27 - 2014-02-26 21:28 - 00000000 ____D () C:\Program Files\Feven Pro 1.2 2014-02-26 21:27 - 2014-02-26 21:27 - 00003102 _____ () C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job 2014-02-26 21:27 - 2014-02-26 21:27 - 00003082 _____ () C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job 2014-02-26 13:49 - 2014-02-26 13:49 - 00318168 _____ () C:\Users\VM\Downloads\Setup.exe 2014-02-23 21:36 - 2014-02-23 21:39 - 77293203 _____ () C:\Users\VM\Downloads\kapitel-10-bis-13_schlankr-das-hoerbuch.zip 2014-02-23 15:39 - 2014-02-23 15:39 - 00000535 _____ () C:\Users\VM\Desktop\Eigene Bilder.lnk 2014-02-19 12:42 - 2014-02-19 12:44 - 56142402 _____ () C:\Users\VM\Downloads\kapitel-1-bis-3_schlankr-das-hoerbuch.zip 2014-02-17 12:55 - 2014-02-17 12:55 - 00000000 ____D () C:\Program Files\Lame For Audacity 2014-02-17 12:54 - 2014-02-17 12:54 - 00527423 _____ ( ) C:\Users\VM\Downloads\Lame_v3.99.3_for_Windows.exe 2014-02-17 09:53 - 2014-02-26 15:57 - 00000000 ____D () C:\Users\VM\AppData\Roaming\Audacity 2014-02-17 09:53 - 2014-02-17 09:53 - 00000768 _____ () C:\Users\Public\Desktop\Audacity.lnk 2014-02-17 09:53 - 2014-02-17 09:53 - 00000000 ____D () C:\Program Files\Audacity 2014-02-17 09:48 - 2014-02-17 09:49 - 22180353 _____ (Audacity Team ) C:\Users\VM\Downloads\audacity-win-2.0.5.exe 2014-02-16 21:14 - 
2014-02-16 21:16 - 09185340 _____ () C:\Users\VM\Downloads\anna_coogan-_'streamers'_--_official_music_video_480x270.mp4 2014-02-16 10:28 - 2014-02-16 10:28 - 01883792 _____ (Irfan Skiljan) C:\Users\VM\Downloads\iview437_setup.exe 2014-02-16 10:12 - 2014-02-16 10:12 - 00000000 ____D () C:\Windows\system32\SearchProtect 2014-02-15 22:42 - 2014-02-16 10:14 - 00000000 ____D () C:\Users\VM\AppData\Local\SearchProtect 2014-02-15 22:42 - 2014-02-15 22:42 - 00000000 ____D () C:\Program Files\DivX_Browser_Bar_DE 2014-02-15 22:42 - 2014-02-15 22:42 - 00000000 ____D () C:\Program Files\Conduit 2014-02-15 22:40 - 2014-02-16 10:14 - 00000000 ____D () C:\Program Files\SearchProtect 2014-02-15 22:40 - 2014-02-15 22:42 - 00000000 ____D () C:\Users\VM\AppData\Local\Conduit 2014-02-15 22:40 - 2014-02-15 22:40 - 00000000 ____D () C:\Users\VM\AppData\Local\NativeMessaging 2014-02-15 22:40 - 2014-02-15 22:40 - 00000000 ____D () C:\Users\VM\AppData\Local\CRE 2014-02-15 22:39 - 2014-02-15 22:42 - 00000000 ____D () C:\ProgramData\Conduit 2014-02-14 10:12 - 2014-02-14 10:12 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2964e3a8dcf8.job 2014-02-13 10:01 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-13 10:01 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-13 10:01 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-13 10:01 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-13 10:01 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-13 10:01 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-13 10:01 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-02-13 10:01 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) 
C:\Windows\system32\iertutil.dll 2014-02-13 10:01 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-02-13 10:01 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-13 10:01 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-13 10:01 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-13 10:01 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-13 10:01 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-13 10:01 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-02-13 10:01 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-13 09:59 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-13 09:55 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-02-13 09:54 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-02-13 09:54 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-02-13 09:54 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-02-13 09:53 - 2014-02-13 09:54 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log 2014-02-13 08:34 - 2014-02-13 08:35 - 00001053 _____ () C:\DelFix.txt 2014-02-12 15:21 - 2014-02-12 15:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-02-11 22:32 - 2014-02-11 22:32 - 00002111 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2014-02-11 22:32 - 2014-02-11 22:32 - 00001008 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2014-02-11 22:28 - 2014-02-11 22:28 - 34008992 _____ (DVDVideoSoft Ltd. 
) C:\Users\VM\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230.exe
2014-02-11 18:33 - 2014-02-11 18:33 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-02-11 18:32 - 2014-02-11 18:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\VM\Downloads\revosetup95.exe
2014-02-07 18:28 - 2014-02-07 19:22 - 00000000 ____D () C:\Users\VM\Desktop\Spanisch
2014-02-05 23:05 - 2014-02-26 21:25 - 00000000 _____ () C:\END
2014-01-29 09:26 - 2014-01-29 09:26 - 00140304 _____ () C:\Windows\Minidump\Mini012914-01.dmp
2014-01-28 09:44 - 2014-01-28 09:44 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-CK-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-bit).dat
2014-01-28 09:43 - 2014-01-28 09:43 - 00000000 ____D () C:\RegBackup
2014-01-28 08:25 - 2014-01-28 08:26 - 02903255 _____ () C:\Users\VM\Downloads\tweaking.com_windows_repair_aio (2).zip
2014-01-28 08:25 - 2014-01-28 08:25 - 02903255 _____ () C:\Users\VM\Downloads\tweaking.com_windows_repair_aio (1).zip
2014-01-28 08:02 - 2014-01-28 08:02 - 02903255 _____ () C:\Users\VM\Downloads\tweaking.com_windows_repair_aio.zip
2014-01-27 10:33 - 2014-01-27 10:33 - 00140112 _____ () C:\Windows\Minidump\Mini012714-01.dmp

==================== One Month Modified Files and Folders =======

2014-02-26 22:55 - 2014-02-26 22:50 - 00028677 _____ () C:\Users\VM\Downloads\FRST.txt
2014-02-26 22:55 - 2014-02-26 22:49 - 00000000 ____D () C:\FRST
2014-02-26 22:54 - 2014-02-26 22:52 - 00064870 _____ () C:\Users\VM\Downloads\Addition.txt
2014-02-26 22:49 - 2014-02-26 22:49 - 01143808 _____ (Farbar) C:\Users\VM\Downloads\FRST.exe
2014-02-26 22:49 - 2009-06-14 07:52 - 01205705 _____ () C:\Windows\WindowsUpdate.log
2014-02-26 21:31 - 2014-02-26 21:31 - 00000000 ____D () C:\Users\VM\AppData\Roaming\WinZipper
2014-02-26 21:31 - 2014-02-26 21:31 - 00000000 ____D () C:\Program Files\WinZipper
2014-02-26 21:30 - 2014-02-26 21:28 - 00000000 ____D () C:\ProgramData\WPM
2014-02-26 21:29 - 2014-02-26 21:29 - 00000000 ____D () C:\Users\VM\AppData\Local\Tuguu_SL
2014-02-26 21:28 - 2014-02-26 21:28 - 00002386 _____ () C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00002262 _____ () C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001598 _____ () C:\Windows\Tasks\MediaPlayerEnhance-updater.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001554 _____ () C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001502 _____ () C:\Windows\Tasks\Feven Pro 1.2-updater.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001458 _____ () C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001452 _____ () C:\Windows\Tasks\MediaPlayerEnhance-enabler.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001356 _____ () C:\Windows\Tasks\Feven Pro 1.2-enabler.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00000000 ____D () C:\Users\VM\AppData\Roaming\SupTab 2014-02-26 21:28 - 2014-02-26 21:28 - 00000000 ____D () C:\Users\VM\AppData\Roaming\awesomehp 2014-02-26 21:28 - 2014-02-26 21:28 - 00000000 ____D () C:\Users\VM\AppData\Local\newplayer 2014-02-26 21:28 - 2014-02-26 21:28 - 00000000 ____D () C:\ProgramData\IePluginService 2014-02-26 21:28 - 2014-02-26 21:28 - 00000000 ____D () C:\Program Files\SupTab 2014-02-26 21:28 - 2014-02-26 21:27 - 00000000 ____D () C:\Program Files\NewPlayer 2014-02-26 21:28 - 2014-02-26 21:27 - 00000000 ____D () C:\Program Files\MediaPlayerEnhance 2014-02-26 21:28 - 2014-02-26 21:27 - 00000000 ____D () C:\Program Files\Feven Pro 1.2 2014-02-26 21:28 - 2009-06-28 17:19 - 00001169 _____ () C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-02-26 21:27 - 2014-02-26 21:27 - 00003102 _____ () C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job 2014-02-26 21:27 - 2014-02-26 21:27 - 00003082 _____ () C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job 2014-02-26 21:25 - 2014-02-05 23:05 - 00000000 _____ () C:\END 2014-02-26 21:00 - 
2006-11-02 13:47 - 00003344 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-26 21:00 - 2006-11-02 13:47 - 00003344 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-26 15:57 - 2014-02-17 09:53 - 00000000 ____D () C:\Users\VM\AppData\Roaming\Audacity 2014-02-26 15:57 - 2009-06-28 17:16 - 00000000 ____D () C:\Users\VM 2014-02-26 15:32 - 2010-03-07 20:31 - 00000000 ____D () C:\ProgramData\Lx_cats 2014-02-26 13:49 - 2014-02-26 13:49 - 00318168 _____ () C:\Users\VM\Downloads\Setup.exe 2014-02-26 03:13 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-02-26 03:03 - 2008-01-21 08:16 - 01549904 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-25 12:37 - 2010-03-07 20:25 - 00228179 _____ () C:\ProgramData\lxeescan.log 2014-02-25 12:36 - 2009-02-02 13:15 - 00000147 _____ () C:\Windows\system32\agent.log 2014-02-25 12:35 - 2013-12-21 21:48 - 01931100 _____ () C:\Windows\PFRO.log 2014-02-24 00:50 - 2014-01-17 23:16 - 00000000 ____D () C:\Users\VM\Desktop\Mallorca 2014-02-23 21:39 - 2014-02-23 21:36 - 77293203 _____ () C:\Users\VM\Downloads\kapitel-10-bis-13_schlankr-das-hoerbuch.zip 2014-02-23 19:49 - 2014-01-05 22:37 - 00000000 ____D () C:\Users\VM\Desktop\Handybilder 2014-02-23 15:39 - 2014-02-23 15:39 - 00000535 _____ () C:\Users\VM\Desktop\Eigene Bilder.lnk 2014-02-23 06:24 - 2009-07-02 00:19 - 00010652 _____ () C:\Windows\bthservsdp.dat 2014-02-19 12:44 - 2014-02-19 12:42 - 56142402 _____ () C:\Users\VM\Downloads\kapitel-1-bis-3_schlankr-das-hoerbuch.zip 2014-02-18 22:21 - 2010-03-07 21:06 - 00409444 _____ () C:\ProgramData\lxeeJSW.log 2014-02-17 12:55 - 2014-02-17 12:55 - 00000000 ____D () C:\Program Files\Lame For Audacity 2014-02-17 12:54 - 2014-02-17 12:54 - 00527423 _____ ( ) C:\Users\VM\Downloads\Lame_v3.99.3_for_Windows.exe 2014-02-17 09:53 - 2014-02-17 09:53 - 00000768 _____ () 
C:\Users\Public\Desktop\Audacity.lnk 2014-02-17 09:53 - 2014-02-17 09:53 - 00000000 ____D () C:\Program Files\Audacity 2014-02-17 09:49 - 2014-02-17 09:48 - 22180353 _____ (Audacity Team ) C:\Users\VM\Downloads\audacity-win-2.0.5.exe 2014-02-16 21:16 - 2014-02-16 21:14 - 09185340 _____ () C:\Users\VM\Downloads\anna_coogan-_'streamers'_--_official_music_video_480x270.mp4 2014-02-16 18:29 - 2009-06-28 22:44 - 00000000 ____D () C:\Users\VM\AppData\Local\Adobe 2014-02-16 10:28 - 2014-02-16 10:28 - 01883792 _____ (Irfan Skiljan) C:\Users\VM\Downloads\iview437_setup.exe 2014-02-16 10:14 - 2014-02-15 22:42 - 00000000 ____D () C:\Users\VM\AppData\Local\SearchProtect 2014-02-16 10:14 - 2014-02-15 22:40 - 00000000 ____D () C:\Program Files\SearchProtect 2014-02-16 10:12 - 2014-02-16 10:12 - 00000000 ____D () C:\Windows\system32\SearchProtect 2014-02-15 22:45 - 2013-07-22 20:54 - 00000000 ____D () C:\Program Files\DivX 2014-02-15 22:45 - 2013-07-22 20:53 - 00000000 ____D () C:\ProgramData\DivX 2014-02-15 22:42 - 2014-02-15 22:42 - 00000000 ____D () C:\Program Files\DivX_Browser_Bar_DE 2014-02-15 22:42 - 2014-02-15 22:42 - 00000000 ____D () C:\Program Files\Conduit 2014-02-15 22:42 - 2014-02-15 22:40 - 00000000 ____D () C:\Users\VM\AppData\Local\Conduit 2014-02-15 22:42 - 2014-02-15 22:39 - 00000000 ____D () C:\ProgramData\Conduit 2014-02-15 22:41 - 2013-07-22 21:03 - 00000000 ____D () C:\Users\VM\AppData\Roaming\DivX 2014-02-15 22:40 - 2014-02-15 22:40 - 00000000 ____D () C:\Users\VM\AppData\Local\NativeMessaging 2014-02-15 22:40 - 2014-02-15 22:40 - 00000000 ____D () C:\Users\VM\AppData\Local\CRE 2014-02-14 10:12 - 2014-02-14 10:12 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2964e3a8dcf8.job 2014-02-13 10:48 - 2009-02-02 12:28 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-02-13 10:26 - 2013-07-22 23:17 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-13 10:18 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) 
C:\Windows\system32\mrt.exe 2014-02-13 10:03 - 2006-11-02 11:23 - 00000301 _____ () C:\Windows\win.ini 2014-02-13 09:56 - 2013-11-08 21:03 - 00000000 ____D () C:\ProgramData\Oracle 2014-02-13 09:54 - 2014-02-13 09:53 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log 2014-02-13 09:54 - 2009-07-01 20:12 - 00000000 ____D () C:\Program Files\Java 2014-02-13 08:35 - 2014-02-13 08:34 - 00001053 _____ () C:\DelFix.txt 2014-02-13 08:34 - 2013-07-23 22:55 - 00000000 ____D () C:\Windows\ERUNT 2014-02-13 08:31 - 2009-06-28 21:34 - 00000000 ____D () C:\Program Files\eBay 2014-02-13 08:31 - 2009-02-02 12:17 - 00000000 ____D () C:\Program Files\InstallShield Installation Information 2014-02-12 15:21 - 2014-02-12 15:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-02-12 15:21 - 2006-11-02 12:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-02-11 22:33 - 2011-05-29 22:14 - 00000000 ____D () C:\Program Files\DVDVideoSoft 2014-02-11 22:32 - 2014-02-11 22:32 - 00002111 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2014-02-11 22:32 - 2014-02-11 22:32 - 00001008 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2014-02-11 22:32 - 2011-08-26 14:10 - 00000000 ____D () C:\Users\VM\AppData\Roaming\DVDVideoSoft 2014-02-11 22:32 - 2011-05-29 22:14 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2014-02-11 22:28 - 2014-02-11 22:28 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\VM\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230.exe 2014-02-11 20:39 - 2010-01-20 22:45 - 00000000 ____D () C:\Users\Public\TVgenial 2014-02-11 18:33 - 2014-02-11 18:33 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-02-11 18:32 - 2014-02-11 18:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\VM\Downloads\revosetup95.exe 2014-02-11 12:32 - 2013-12-25 14:49 - 00000350 ____H () C:\Windows\Tasks\avast! 
Emergency Update.job 2014-02-11 12:31 - 2013-12-25 14:43 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-02-11 12:31 - 2013-12-25 14:43 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-02-11 12:31 - 2013-12-25 14:43 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-02-11 12:31 - 2013-12-25 14:43 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-02-11 12:31 - 2013-12-25 14:43 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2014-02-11 12:31 - 2013-12-25 14:43 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys 2014-02-11 12:31 - 2013-12-25 14:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-02-09 03:00 - 2011-02-07 20:19 - 00008592 _____ () C:\Users\VM\AppData\Local\d3d9caps.dat 2014-02-07 19:22 - 2014-02-07 18:28 - 00000000 ____D () C:\Users\VM\Desktop\Spanisch 2014-02-07 18:27 - 2013-01-02 23:03 - 00000000 ____D () C:\Users\VM\AppData\Local\Nero 2014-02-05 23:00 - 2009-06-14 08:05 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml 2014-02-05 22:58 - 2006-11-02 13:47 - 00492008 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-02-05 09:58 - 2014-02-13 10:01 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-05 09:56 - 2014-02-13 10:01 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-05 09:53 - 2014-02-13 10:01 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-05 09:51 - 2014-02-13 10:01 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-05 09:50 - 2014-02-13 10:01 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-05 09:49 - 2014-02-13 10:01 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-05 09:49 - 2014-02-13 10:01 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-02-05 09:48 - 
2014-02-13 10:01 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-05 09:48 - 2014-02-13 10:01 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-02-05 09:48 - 2014-02-13 10:01 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-05 09:48 - 2014-02-13 10:01 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-05 09:48 - 2014-02-13 10:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-05 09:47 - 2014-02-13 10:01 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-05 09:47 - 2014-02-13 10:01 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-05 09:47 - 2014-02-13 10:01 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-02-05 09:46 - 2014-02-13 10:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-01-30 16:11 - 2013-12-24 00:33 - 00000000 ____D () C:\Users\VM\My Digital Editions 2014-01-29 20:48 - 2009-06-28 23:58 - 00139936 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT 2014-01-29 20:18 - 2006-11-02 13:37 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-01-29 09:26 - 2014-01-29 09:26 - 00140304 _____ () C:\Windows\Minidump\Mini012914-01.dmp 2014-01-29 09:26 - 2013-12-25 17:05 - 325170187 _____ () C:\Windows\MEMORY.DMP 2014-01-29 09:26 - 2010-01-11 00:25 - 00000000 ____D () C:\Windows\Minidump 2014-01-28 12:52 - 2006-11-02 11:23 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_702 2014-01-28 09:44 - 2014-01-28 09:44 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-CK-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-bit).dat 2014-01-28 09:43 - 2014-01-28 09:43 - 00000000 ____D () C:\RegBackup 2014-01-28 08:26 - 2014-01-28 08:25 - 02903255 _____ () C:\Users\VM\Downloads\tweaking.com_windows_repair_aio (2).zip 2014-01-28 08:25 - 2014-01-28 08:25 - 02903255 _____ () 
C:\Users\VM\Downloads\tweaking.com_windows_repair_aio (1).zip
2014-01-28 08:02 - 2014-01-28 08:02 - 02903255 _____ () C:\Users\VM\Downloads\tweaking.com_windows_repair_aio.zip
2014-01-27 10:33 - 2014-01-27 10:33 - 00140112 _____ () C:\Windows\Minidump\Mini012714-01.dmp

Files to move or delete:
====================
C:\Users\VM\AppData\Roaming\desktop.ini

Some content of TEMP:
====================
C:\Users\VM\AppData\Local\Temp\DivXSetup.exe
C:\Users\VM\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\VM\AppData\Local\Temp\nsg571F.exe
C:\Users\VM\AppData\Local\Temp\nslA551.exe
C:\Users\VM\AppData\Local\Temp\nslD2C4.exe
C:\Users\VM\AppData\Local\Temp\nsr8E39.exe
C:\Users\VM\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\VM\AppData\Local\Temp\SPStub.exe
C:\Users\VM\AppData\Local\Temp\_isC6DF.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-25 12:49

==================== End Of Log ============================

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-02-2014 01
Ran by VM at 2014-02-26 22:56:44
Running from C:\Users\VM\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

AAV 6.0.00.15 (HKLM\...\Acer Acer Bio Protection 6.0.00.15) (Version: - )
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Acer Arcade Deluxe (HKLM\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 2.1.5529 - CyberLink Corp.)
Acer Arcade Deluxe (Version: 2.1.5529 - CyberLink Corp.) Hidden
Acer Bio Protection
Acer Crystal Eye Webcam 3.0.6.3 (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 3.0.6.3 - SuYin)
Acer eAudio Management (HKLM\...\{57265292-228A-41FA-9AEC-4620CBCC2739}) (Version: 3.0.3008 - CyberLink Corp.)
Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 3.0.3065 - Egis Inc.)
Acer Empowering Technology (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3009 - Acer Incorporated)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 3.0.3014 - Acer Incorporated)
Acer eSettings Management (HKLM\...\{13D85C14-2B85-419F-AC41-C7F21E68B25D}) (Version: 3.0.3011 - Acer Incorporated)
Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 3.0.3000 - Acer Inc.)
Acer Product Registration (HKLM\...\{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}) (Version: 3.0.0.10 - Acer Incorporated) Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.13.1301 - Acer Inc.) Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 3.2.3002 - Acer Incorporated) Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.0.0 - Adobe Systems) Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.0.0 - Adobe Systems) Hidden Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Reader for Pocket PC 2.0 (HKLM\...\InstallShield_{291A772C-FFB9-4681-B720-AB2A0A620896}) (Version: 2.0 - Adobe Systems) Adobe Reader for Pocket PC 2.0 (Version: 2.0 - Adobe Systems) Hidden Adobe Reader X (10.1.9) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.) Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems) Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC) Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ashampoo WinOptimizer 6.60 (HKLM\...\Ashampoo WinOptimizer 6_is1) (Version: 6.6.0 - Ashampoo GmbH & Co. KG) Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.30 - Atheros Communications Inc.) 
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software) awesomehp uninstaller (HKLM\...\awesomehp uninstaller) (Version: - awesomehp) <==== ATTENTION BPM-Studio 4 Profi (HKLM\...\BPM-Studio 4 Profi) (Version: - ) C:\Program Files\Acer GameZone\GameConsole (HKLM\...\{71C2828F-2678-4675-BDEC-895424861262}_is1) (Version: 2.0.1.4 - Oberon Media, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform) Classic PhoneTools (HKLM\...\{E3436EE2-D5CB-4249-840B-3A0140CC34C3}) (Version: 9.00 - Avanquest software) Classic PhoneTools (Version: 9.00 - BVRP Software) Hidden CorelDRAW Graphics Suite X3 (HKLM\...\{63218538-4A69-497F-8455-904261B0E9E4}) (Version: 13.0 - Corel Corporation) CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.3023d - CyberLink Corp.) CyberLink PowerDirector (Version: 6.5.3023d - CyberLink Corp.) Hidden DATA BECKER - Die große CD-Druckerei (HKLM\...\DATA BECKER - Die große CD-Druckerei) (Version: - ) DE (Version: 13.0 - Corel Corporation) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version: - Microsoft) DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) DivX Browser Bar DE Toolbar for IE (HKLM\...\IECT3297265) (Version: 6.17.2.8 - DivX Browser Bar DE) <==== ATTENTION DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC) DMUninstaller (HKLM\...\DMUninstaller) (Version: - ) <==== ATTENTION eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000223 - esobi Inc.) eSobi v2 (Version: 2.0.3.000223 - esobi Inc.) 
Hidden Feedback Tool (HKLM\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation) Feven Pro 1.2 (HKLM\...\Feven Pro 1.2) (Version: 1.34.2.13 - Feven) <==== ATTENTION FontNav (Version: 5.0 - Corel Corporation) Hidden Free Studio version 2013 (HKLM\...\Free Studio_is1) (Version: 6.1.7.717 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.) Freemake Video Converter Version 4.0.1 (HKLM\...\Freemake Video Converter_is1) (Version: 4.0.1 - Ellora Assets Corporation) Galapago (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media) GameXN GO (HKCU\...\Game Organizer) (Version: - GameXN AS) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Go-Go Gourmet (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}) (Version: - Oberon Media) Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.22.5 - Google Inc.) 
Hidden Haufe iDesk-Service (HKLM\...\{1D081AB0-B1CC-11E0-80C0-005056B12123}) (Version: 11.07.19.8023 - Haufe) Heroes of Hellas (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media) HSPA USB MODEM (HKLM\...\HSPA USB MODEM ALCATEL_is1) (Version: - Alcatel) IePluginService12.27.0.3326 (HKLM\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION Image Editor Packages (HKCU\...\Image Editor Packages) (Version: - ) <==== ATTENTION ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden Intel PROSet Wireless (Version: - ) Hidden Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel(R) Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) IrfanView (remove only) (HKLM\...\IrfanView) (Version: - ) ITECIR (HKLM\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.6 - ITE) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 2 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.) Java(TM) 6 Update 35 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.350 - Oracle) JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.12.07 - JMicron Technology Corp.) Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - ) Launch Manager (HKLM\...\LManager) (Version: 3.0.02 - Acer Inc.) Lexmark (HKLM\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - ) Lexmark Pro700 Series (HKLM\...\Lexmark Pro700 Series) (Version: - Lexmark International, Inc.) 
Lexmark Symbolleiste (HKLM\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.63.37.0 - ) Lexmark Tools for Office (HKLM\...\{10812DE7-2E57-4740-B226-6B3BE34AF9D7}) (Version: 1.29.0.0 - ) Lexware Info Service (HKLM\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG) LightScribe 1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden Macromedia FreeHand 9 (HKLM\...\Macromedia FreeHand 9) (Version: 9 - Macromedia) MediaPlayerEnhance (HKLM\...\MediaPlayerEnhance) (Version: 1.34.2.13 - Feven) MEDION GoPal Assistant (HKLM\...\{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}) (Version: 6.2.0.12196 - MEDION) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - 
Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden Microsoft IntelliPoint 7.0 (HKLM\...\{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}) (Version: 7.0.260.0 - Microsoft) Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden 
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft 
Corp.) Mobipocket Reader 6.2 (HKLM\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com) MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Mythic Mahjong (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113919217}) (Version: - Oberon Media) Nero 12 (HKLM\...\{95E152CF-0EB5-4BFA-B6EE-8FC7F9601BA5}) (Version: 12.0.02900 - Nero AG) Nero Audio Pack 1 (Version: 11.0.11500.110.0 - Nero AG) Hidden Nero BackItUp (Version: 12.0.6002 - Nero AG) Hidden Nero BackItUp (Version: 4.0.0.0 - Nero AG) Hidden Nero BackItUp 4 (HKLM\...\{df978451-372c-4bfe-aa0e-501273c8c1f8}) (Version: - Nero AG) Nero BackItUp Help (CHM) (Version: 12.0.8000 - Nero AG) Hidden Nero Blu-ray Player (Version: 12.0.17700 - Nero AG) Hidden Nero Blu-ray Player Help (CHM) (Version: 12.0.9000 - Nero AG) Hidden Nero Burning ROM (Version: 12.0.28001 - Nero AG) Hidden Nero Burning ROM Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden Nero ControlCenter (Version: 11.0.15500 - Nero AG) Hidden Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden Nero ControlCenter Help (CHM) (Version: 12.0.7000 - Nero AG) Hidden Nero Core Components (Version: 11.0.18900 - Nero AG) Hidden Nero Disc Menus Basic (Version: 12.0.11500 - Nero AG) Hidden Nero Effects 
Basic (Version: 12.0.11500 - Nero AG) Hidden Nero Express (Version: 12.0.28001 - Nero AG) Hidden Nero Express Help (CHM) (Version: 12.0.5000 - Nero AG) Hidden Nero Installer (Version: 2.0.0.1 - Nero AG) Hidden Nero Kwik Media (Version: 1.18.19600 - Nero AG) Hidden Nero Kwik Media Help (CHM) (Version: 12.0.7000 - Nero AG) Hidden Nero Kwik Themes Basic (Version: 12.0.11500 - Nero AG) Hidden Nero PiP Effects Basic (Version: 12.0.11500 - Nero AG) Hidden Nero Recode (Version: 12.0.31001 - Nero AG) Hidden Nero Recode Help (CHM) (Version: 12.0.7000 - Nero AG) Hidden Nero RescueAgent (Version: 12.0.10002 - Nero AG) Hidden Nero RescueAgent Help (CHM) (Version: 12.0.7000 - Nero AG) Hidden Nero SharedVideoCodecs (Version: 1.0.12100.2.0 - Nero AG) Hidden Nero Update (Version: 11.0.11800.31.0 - Nero AG) Hidden Nero Video (Version: 12.0.8000 - Nero AG) Hidden Nero Video Help (CHM) (Version: 12.0.7000 - Nero AG) Hidden neroxml (Version: 1.0.0 - Nero AG) Hidden Netzmanager (HKLM\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG) Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden NewPlayer (HKLM\...\NewPlayer) (Version: v2.1.1.1 - TUGUU SL) <==== ATTENTION NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.606 - NewTech Infosystems) NTI Backup Now Standard (Version: 5.1.2.606 - NewTech Infosystems) Hidden NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6329 - NewTech Infosystems) NTI Media Maker 8 (Version: 8.0.2.6329 - NewTech Infosystems) Hidden NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation) NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden Office-Bibliothek (HKLM\...\{5C81B189-5456-40C4-9313-7FE6FA6DD64C}) 
(Version: 5.00.4 - Bibliographisches Institut & F.A. Brockhaus AG) Orion (HKLM\...\{5B63A470-9334-44D1-AF61-6CE2DB565AE9}) (Version: 2.0.1 - Convesoft) PdaNet for Android 3.50 (HKLM\...\PdaNet_is1) (Version: - June Fabrics Technology Inc) PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.4619 - CyberLink Corp.) PixiePack Codec Pack (HKLM\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None) Prerequisite installer (Version: 12.0.0003 - Nero AG) Hidden Putt Mania (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112028410}) (Version: - Oberon Media) QuickSteuer 2011 (HKLM\...\{E3CDAAD3-F806-4F2A-BACF-487AD2E5B3EB}) (Version: 17.05.00.0003 - Haufe-Lexware GmbH & Co.KG) QuickSteuer 2012 COMPUTERBILD Edition (HKLM\...\{122879BD-2614-4AAB-9988-13C0719843D4}) (Version: 18.07.00.0008 - Haufe-Lexware GmbH & Co.KG) QuickSteuer 2013 (HKLM\...\{500342C9-CCD5-4335-89AE-C8A65C0A153B}) (Version: 19.06.00.0003 - Haufe-Lexware GmbH & Co.KG) QuickSteuer Wissens-Center 2011 (HKLM\...\{939FF87B-4ADE-4CB3-A363-153984CD4A49}) (Version: 17.10.0.0 - Haufe-Lexware GmbH & Co. KG) QuickSteuer Wissens-Center 2012 (HKLM\...\{C61B2B59-75D2-4203-B589-E0102C3A6F32}) (Version: 18.1.0.0 - Haufe-Lexware GmbH & Co. KG) QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Radiotracker (HKLM\...\{A8BB05BC-2C4A-4178-A819-64B8F5392960}) (Version: 6.2.13700.0 - RapidSolution Software AG) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.1.11053_99 - Samsung Electronics Co., Ltd.) Samsung Kies (Version: 2.0.1.11053_99 - Samsung Electronics Co., Ltd.) Hidden Samsung PC Studio 3 (Version: 3.0.0.80502 - Samsung Electronics Co., Ltd.) 
Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2410.0 - SAMSUNG Electronics Co., Ltd.) Search Protect (HKLM\...\SearchProtect) (Version: 2.10.20.64 - Conduit) <==== ATTENTION Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden Servicepack Datumsaktualisierung (Version: 1.00.00.0005 - Haufe-Lexware) Hidden Skype™ 6.0 (HKLM\...\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}) (Version: 6.0.126 - Skype Technologies S.A.) StarMoney (Version: 1.0 - StarFinanz) Hidden StarMoney (Version: 2.0 - StarFinanz) Hidden StarMoney (Version: 3.0.0.124 - StarFinanz) Hidden SupTab (HKLM\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.12.0 - Synaptics Incorporated) TuneUp Utilities Language Pack (de-DE) (Version: 9.0.6030.1 - TuneUp Software) Hidden Uniblue DiskRescue 2009 (Version: 1.0.0 - Uniblue Systems) Hidden Uniblue DriverScanner 2009 (Version: 2.0.0.1 - Uniblue Systems Ltd.) 
Hidden Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - ) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939v3) (Version: 3 - Microsoft Corporation) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition 
(HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition 
(HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{4B93560B-F33D-4A67-A224-F5E1C329BD22}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition 
(HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft) Update Manager (Version: 4.60 - Corel Corporation) Hidden Validity Sensors software (HKLM\...\{567E8236-C414-4888-8211-3D61608D57AE}) (Version: 2.7.44 - Validity Sensors, Inc.) 
VBA (Version: 6.2 - Corel Corporation) Hidden VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden Virtual DJ - Atomix Productions (HKLM\...\Virtual DJ - Atomix Productions) (Version: - ) VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes) VirtualDJ PRO Full (HKLM\...\{82BEEB3F-D0BF-42EE-8739-F4827C4805B7}) (Version: 7.0.4 - Atomix Productions) Welcome App (Start-up experience) (Version: 12.0.15000 - Nero AG) Hidden Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden Windows Live Communications Platform (Version: 14.0.8098.930 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden Windows Live Fotogalerie (Version: 14.0.8081.709 - Microsoft Corporation) Hidden Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation) Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) WinZipper (HKLM\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) 
<==== ATTENTION
Xara Photo & Graphic Designer 6 (HKLM\...\MAGIX_{0471F07E-5933-4927-BC83-28E33A802CDF}) (Version: 6.1.3.25152 - Xara Group Ltd)
Xara Photo & Graphic Designer 6 (Version: 6.1.3.25152 - Xara Group Ltd) Hidden

==================== Restore Points =========================

==================== Hosts content: ==========================

2006-11-02 11:23 - 2014-01-28 21:33 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {27EC1DEA-57EC-423F-AA44-2D88E86D382D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {5A7F5460-B140-4D8D-B9EB-39C5E1DF451E} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {634EEDCC-710F-464A-A305-32334C8EE65A} - System32\Tasks\Uniblue DiskRescue 2009 => C:\Program Files\Uniblue\DiskRescue\UBDiskRescue.exe [2008-09-10] (Uniblue)
Task: {69623E90-07BC-4041-A70B-3E1A7D6BE87B} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-06-01] (Microsoft Corporation)
Task: {69682880-4C7B-4ADD-812B-0A11C2C1103B} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {73CF916C-8B98-4169-A0A9-2974C54CCBE3} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {75D79F72-E960-4A77-92D7-8F1A2A8EBD2C} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11] (Macrovision Corporation)
Task: {8B1C49D2-71EA-4E0F-A58D-6E463B027166} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-30] (Google Inc.)
Task: {A43163DD-771C-4F90-A1C5-827EF9792C8B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B19AD1E9-68EC-4259-8132-F36461A0F0E0} - System32\Tasks\{F62FF463-32EE-4AB5-91B3-768D3C5905BB} => C:\Program Files\Skype\Phone\Skype.exe [2012-11-09] (Skype Technologies S.A.)
Task: {C0276B33-DD07-41FB-B1CC-1F7B41746315} - System32\Tasks\{B54E3089-7E05-4657-8ADF-FD6ACB82CC21} => C:\Program Files\Skype\\Phone\Skype.exe [2012-11-09] (Skype Technologies S.A.)
Task: {CD85FE0E-256B-4185-968B-B2E859598A46} - System32\Tasks\{6D53D572-09B3-432B-8B05-6B0C41F87FAC} => C:\Program Files\Skype\Phone\Skype.exe [2012-11-09] (Skype Technologies S.A.)
Task: {E1FD0C7C-6741-43CA-952C-72310DE39797} - System32\Tasks\{57C162A0-E3B0-4C81-81C7-3B784833FC42} => C:\Program Files\Skype\Phone\Skype.exe [2012-11-09] (Skype Technologies S.A.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {E765ADB2-FECE-4ECB-9724-E5AF8F8EFB3F} - System32\Tasks\{EDAB9B0E-ACA4-4294-AA65-0A1FE2741AEF} => Iexplore.exe hxxp://ui.skype.com/ui/0/4.1.0.179/de/abandoninstall?page=tsChrome&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-notinstalled
Task: {E7D075D2-BF1B-45AC-BFE2-F0B692466C48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-30] (Google Inc.)
Task: {E97F56B4-78D5-4E60-AE6B-C367FFE5A3D3} - System32\Tasks\Update Manager => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [2011-07-31] (Haufe-Lexware GmbH & Co. KG)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job => C:\Program Files\Feven Pro 1.2\Feven Pro 1.2-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job => C:\Program Files\Feven Pro 1.2\Feven Pro 1.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-enabler.job => C:\Program Files\Feven Pro 1.2\Feven Pro 1.2-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job => C:\Program Files\Feven Pro 1.2\Feven Pro 1.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-updater.job => C:\Program Files\Feven Pro 1.2\Feven Pro 1.2-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2964e3a8dcf8.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job => C:\Program Files\MediaPlayerEnhance\MediaPlayerEnhance-chromeinstaller.exe
Task: C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job => C:\Program Files\MediaPlayerEnhance\MediaPlayerEnhance-codedownloader.exe
Task: C:\Windows\Tasks\MediaPlayerEnhance-enabler.job => C:\Program Files\MediaPlayerEnhance\MediaPlayerEnhance-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job => C:\Program Files\MediaPlayerEnhance\MediaPlayerEnhance-firefoxinstaller.exe
Task: C:\Windows\Tasks\MediaPlayerEnhance-updater.job => C:\Program Files\MediaPlayerEnhance\MediaPlayerEnhance-updater.exe
Task: C:\Windows\Tasks\Uniblue DiskRescue 2009.job => C:\Program Files\Uniblue\DiskRescue\UBDiskRescue.exe

==================== Loaded Modules (whitelisted) =============

2009-06-14 08:02 - 2009-06-14 08:02 - 00080896 _____ () C:\Program Files\Acer\Acer Bio Protection\PwdFilter.dll
2014-02-26 15:01 - 2014-02-26 11:39 - 02185216 _____ () C:\Program Files\AVAST Software\Avast\defs\14022600\algo.dll
2008-04-30 19:13 - 2008-04-30 19:13 - 00200704 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2010-03-07 20:23 - 2009-11-26 01:08 - 00049152 _____ () C:\Windows\System32\LXEEPMON.DLL
2010-03-07 20:23 - 2009-01-13 08:15 - 04485120 _____ () C:\Windows\System32\LXEEOEM.DLL
2010-03-07 20:23 - 2009-11-26 01:07 - 00032768 _____ () C:\Program Files\Lexmark Pro700 Series\ipcmt.dll
2010-03-07 20:29 - 2009-11-04 07:14 - 00157696 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\lxeedrpp.dll
2010-03-07 20:25 - 2009-05-18 08:29 - 00819200 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\lxeeptpc.dll
2010-03-07 20:25 - 2009-11-04 08:14 - 00165376 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\lxeedrui.dll
2010-03-07 20:25 - 2009-06-07 19:40 - 00167936 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\lxeePRPR.DLL
2010-03-07 20:25 - 2009-11-04 08:14 - 00236032 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\lxeedr.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2008-05-22 03:27 - 2011-08-19 02:09 - 00528384 _____ () C:\Program Files\Lexmark Toolbar\toolband.dll
2008-05-22 03:28 - 2011-08-19 02:25 - 00471040 _____ () C:\Program Files\Lexmark Toolbar\resource.dll
2007-06-24 19:09 - 2007-06-24 19:09 - 01024000 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
2007-06-24 19:09 - 2007-06-24 19:09 - 00098304 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
2007-06-24 19:09 - 2007-06-24 19:09 - 00061440 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
2009-06-14 08:12 - 2008-01-16 17:35 - 00081504 _____ () C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
2010-08-03 10:55 - 2009-05-25 10:18 - 00040960 _____ () C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe
2008-07-29 17:52 - 2008-07-29 17:52 - 00227888 _____ () C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
2009-02-02 12:43 - 2008-06-02 09:25 - 00024576 _____ () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
2009-02-02 12:43 - 2009-02-02 12:43 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3009.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2009-02-02 12:43 - 2009-02-02 12:43 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2009-02-02 12:43 - 2009-02-02 12:43 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll
2009-02-02 12:43 - 2009-02-02 12:43 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll
2009-02-02 12:43 - 2009-02-02 12:43 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2009-02-02 12:51 - 2008-05-30 12:22 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eAudio\eAudioSrvPlugin.dll
2009-02-02 12:50 - 2008-10-27 14:01 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll
2009-02-02 12:50 - 2008-10-27 14:00 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll
2009-02-02 12:50 - 2008-10-27 14:01 - 00143360 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll
2009-02-02 12:50 - 2008-10-27 14:00 - 00036864 _____ () C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll
2009-02-02 12:43 - 2009-02-02 12:43 - 00036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll
2009-06-14 08:03 - 2008-06-30 16:56 - 00200704 _____ () C:\Windows\PLFSetI.exe
2009-06-14 08:01 - 2009-06-14 08:02 - 03520512 _____ () C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
2010-03-07 20:22 - 2010-01-18 10:51 - 00139944 _____ () C:\Program Files\Lexmark Pro700 Series\ezprint.exe
2010-03-07 20:22 - 2009-03-30 07:37 - 00708608 _____ () C:\Program Files\Lexmark Pro700 Series\Epwizard.DLL
2010-03-07 20:22 - 2009-03-30 07:35 - 00159744 _____ () C:\Program Files\Lexmark Pro700 Series\customui.dll
2010-03-07 20:22 - 2009-03-30 07:35 - 00118784 _____ () C:\Program Files\Lexmark Pro700 Series\Eputil.DLL
2010-03-07 20:22 - 2009-03-30 07:35 - 00139264 _____ () C:\Program Files\Lexmark Pro700 Series\Imagutil.DLL
2010-03-07 20:22 - 2009-03-30 07:35 - 00061440 _____ () C:\Program Files\Lexmark Pro700 Series\Epfunct.DLL
2010-03-07 20:22 - 2009-06-23 06:09 - 02203648 _____ () C:\Program Files\Lexmark Pro700 Series\EPWizRes.dll
2010-03-07 20:22 - 2009-06-23 06:10 - 00045056 _____ () C:\Program Files\Lexmark Pro700 Series\epstring.dll
2010-03-07 20:22 - 2009-06-23 06:11 - 00102400 _____ () C:\Program Files\Lexmark Pro700 Series\EPOEMDll.dll
2010-03-07 20:22 - 2009-04-07 14:25 - 00409600 _____ () C:\Program Files\Lexmark Pro700 Series\iptk.dll
2010-03-07 20:22 - 2009-03-02 09:25 - 00151552 _____ () C:\Program Files\Lexmark Pro700 Series\lxeeptp.dll
2008-07-24 14:54 - 2008-07-24 14:54 - 00757760 _____ () C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
2008-07-24 14:54 - 2008-07-24 14:54 - 00007680 _____ () C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
2010-03-07 20:22 - 2011-01-23 18:37 - 00770728 _____ () C:\Program Files\Lexmark Pro700 Series\lxeemon.exe
2010-03-07 20:22 - 2010-04-01 11:23 - 00389120 _____ () C:\Program Files\Lexmark Pro700 Series\lxeescw.dll
2010-03-07 20:25 - 2009-05-27 07:16 - 00192512 _____ () C:\Windows\system32\spool\drivers\w32x86\3\lxeedatr.dll
2010-03-07 20:22 - 2010-04-01 11:24 - 01159168 _____ () C:\Program Files\Lexmark Pro700 Series\lxeeDRS.dll
2010-03-07 20:22 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files\Lexmark Pro700 Series\lxeecaps.dll
2010-03-07 20:10 - 2009-02-20 09:48 - 00299008 _____ () C:\Windows\system32\lxeesm.dll
2010-03-07 20:10 - 2009-04-28 08:56 - 00024064 _____ () C:\Windows\system32\lxeesmr.dll
2009-02-02 13:20 - 2007-12-06 16:15 - 00110592 _____ () C:\Acer\Mobility Center\MobilityService.exe
2009-02-02 13:20 - 2007-11-27 15:08 - 00032768 _____ () C:\Acer\Mobility Center\MobilityInterface.dll
2010-10-19 08:31 - 2010-10-19 08:31 - 00159744 _____ () C:\Program Files\Netzmanager\NMInfraIS2\driver\SoftplugLib.dll
2008-04-25 21:36 - 2008-04-25 21:36 - 00131072 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
2009-02-02 13:19 - 2007-01-09 18:25 - 00272024 _____ () C:\Program Files\Cyberlink\Shared files\RichVideo.exe
2013-12-25 14:42 - 2013-12-25 14:42 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-11-15 01:48 - 2013-11-15 01:48 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2013-11-15 01:49 - 2013-11-15 01:49 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2014-02-13 10:53 - 2014-02-13 10:53 - 01952256 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\20f765310056b5791cc831866489f9d4\Kies.UI.ni.dll
2014-02-13 10:53 - 2014-02-13 10:53 - 00079360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\068a8a30ae4dc072dc039d515893f7ec\Kies.MVVM.ni.dll
2014-02-13 10:54 - 2014-02-13 10:54 - 00189952 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\b32019341f62a3cab9e1c14a9c880ad8\Kies.Common.DeviceServiceLib.Interface.ni.dll
2014-02-13 10:58 - 2014-02-13 10:58 - 00367104 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\907a31bcd257b51d430beb55efe083cb\DevicePhoto.ni.dll
2014-02-13 10:58 - 2014-02-13 10:58 - 00301568 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\8532259a46cedc38d514026314d011cd\DeviceVideo.ni.dll
2014-02-13 10:58 - 2014-02-13 10:58 - 00616448 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\7e32cca0d7b6b1138d1cfbf181bd2c6e\DevicePodcast.ni.dll
2014-02-13 10:58 - 2014-02-13 10:58 - 00307200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\64e4588e7e5b0fed092f978ca2ebad09\DummyStorePlugin.ni.dll
2014-02-13 10:58 - 2014-02-13 10:58 - 14972928 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\dd32f6be1ff32171e2ac31c1ae4d6b32\Kies.Theme.ni.dll
2014-02-13 10:56 - 2014-02-13 10:56 - 00581632 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\14883ffad20837929dc729b4caeedf92\Kies.Common.DeviceServiceLib.FileService.ni.dll
2014-02-13 10:55 - 2014-02-13 10:55 - 00046592 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3183da5abb5bc10e45fdc6de5b0d13a7\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
2014-02-13 10:56 - 2014-02-13 10:56 - 01002496 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\35d2579f3ea31d0ce0bbb5fae827d9db\DeviceCommonLib.ni.dll
2014-02-13 10:57 - 2014-02-13 10:57 - 00232960 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\27af83e8dc27ee77fd22031801f3c5f1\ASF_cSharpAPI.ni.dll
2009-06-14 08:13 - 2007-09-11 10:12 - 00475136 _____ () C:\Program Files\Acer\Acer VCM\AcerControl.dll
2013-03-15 22:50 - 2012-03-09 14:30 - 00484976 _____ () C:\Program Files\PdaNet for Android\PdaNetPC.exe
2014-02-25 16:00 - 2014-02-25 16:00 - 00011776 _____ () C:\Program Files\NewPlayer\NewPlayerUpdaterService.exe
2014-02-26 21:31 - 2014-02-26 21:31 - 00612496 _____ () C:\Program Files\WinZipper\sqlite3.dll
2014-02-21 20:28 - 2014-02-20 02:02 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-21 20:28 - 2014-02-20 02:03 - 04060488 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-21 20:28 - 2014-02-20 02:03 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-21 20:28 - 2014-02-20 02:02 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2014-02-21 20:28 - 2014-02-20 02:03 - 13632840 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
2014-01-16 21:19 - 2014-01-16 21:19 - 04591616 _____ () C:\Users\VM\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll
2014-01-16 21:19 - 2014-01-16 21:19 - 00112128 _____ () C:\Users\VM\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:05113FB9
AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:C99F6ECA
AlternateDataStreams: C:\ProgramData\Temp:DAFD38AE
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2
AlternateDataStreams: C:\ProgramData\Temp:EEFF768F

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Photo Express Calendar Checker SE.lnk => C:\Windows\pss\Photo Express Calendar Checker SE.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: AnyDVD => C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
MSCONFIG\startupreg: BkupTray => "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
MSCONFIG\startupreg: DriverScanner => "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000
MSCONFIG\startupreg: EADM => "C:\Program Files\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: GameXN GO => "C:\ProgramData\GameXN\GameXNGO.exe" /startup
MSCONFIG\startupreg: ISTray => "C:\Program Files\PC Tools Security\pctsGui.exe" /hideGUI
MSCONFIG\startupreg: ISUSPM Startup => "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
MSCONFIG\startupreg: KiesHelper => C:\Program Files\Samsung\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files\Nero\Nero BackItUp 4\NBKeyScan.exe"
MSCONFIG\startupreg: NokiaMServer => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: OODITRAY.EXE => C:\Program Files\OO Software\DiskImage\OODITRAY.EXE
MSCONFIG\startupreg: PCTools FGuard => C:\Program Files\PC Tools Security\BDT\FGuard.exe
MSCONFIG\startupreg: PE2CKFNT SE => C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
MSCONFIG\startupreg: RegistryBooster => "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
MSCONFIG\startupreg: SpeedUpMyPC => "C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe" -d 20000 --minimized
MSCONFIG\startupreg: VD6TK7MFWR => C:\Windows\Mquzia.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== Faulty Device Manager Devices =============

Name: isatap.{E8D12279-C9FE-4919-B3C2-94C4123E65E8}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: isatap.{E8D12279-C9FE-4919-B3C2-94C4123E65E8}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: isatap.home
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (02/26/2014 03:01:17 AM) (Source: System Restore) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Hr = 0x8000ffff). Error: (02/26/2014 03:01:17 AM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040154. Vorgang: Generatordaten werden gesammelt Asynchroner Vorgang wird ausgeführt Kontext: Ausführungskontext: Requestor Aktueller Status: GatherWriterMetadata Error: (02/26/2014 03:01:17 AM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienst-Fehler: Die VSS-Ereignisklasse ist nicht registriert. Dadurch wird verhindert, dass VSS-Generatoren Ereignisse empfangen. Dies kann auf einen Setupfehler oder das Installationsprogramm bzw. Deinstallationsprogramm einer Anwendung zurückzuführen sein. Vorgang: Generatordaten werden gesammelt Asynchroner Vorgang wird ausgeführt Kontext: Ausführungskontext: Requestor Aktueller Status: GatherWriterMetadata Error: (02/25/2014 00:46:47 PM) (Source: System Restore) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Hr = 0x8000ffff). Error: (02/25/2014 00:46:47 PM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040154. 
Vorgang: Generatordaten werden gesammelt Asynchroner Vorgang wird ausgeführt Kontext: Ausführungskontext: Requestor Aktueller Status: GatherWriterMetadata Error: (02/25/2014 00:46:47 PM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienst-Fehler: Die VSS-Ereignisklasse ist nicht registriert. Dadurch wird verhindert, dass VSS-Generatoren Ereignisse empfangen. Dies kann auf einen Setupfehler oder das Installationsprogramm bzw. Deinstallationsprogramm einer Anwendung zurückzuführen sein. Vorgang: Generatordaten werden gesammelt Asynchroner Vorgang wird ausgeführt Kontext: Ausführungskontext: Requestor Aktueller Status: GatherWriterMetadata Error: (02/25/2014 00:41:33 PM) (Source: System Restore) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Hr = 0x8000ffff). Error: (02/25/2014 00:41:33 PM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040154. Vorgang: Generatordaten werden gesammelt Asynchroner Vorgang wird ausgeführt Kontext: Ausführungskontext: Requestor Aktueller Status: GatherWriterMetadata Error: (02/25/2014 00:41:33 PM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienst-Fehler: Die VSS-Ereignisklasse ist nicht registriert. Dadurch wird verhindert, dass VSS-Generatoren Ereignisse empfangen. Dies kann auf einen Setupfehler oder das Installationsprogramm bzw. Deinstallationsprogramm einer Anwendung zurückzuführen sein. 
Vorgang: Generatordaten werden gesammelt Asynchroner Vorgang wird ausgeführt Kontext: Ausführungskontext: Requestor Aktueller Status: GatherWriterMetadata Error: (02/24/2014 03:01:37 AM) (Source: System Restore) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Hr = 0x8000ffff). System errors: ============= Error: (02/26/2014 03:32:15 PM) (Source: Print) (User: CK-PC) Description: Das Dokument schlankr im Besitz von VM konnte nicht auf dem Drucker Lexmark Pro700 Series (Netzwerk) gedruckt werden. Versuchen Sie erneut, das Dokument zu drucken, oder starten Sie den Druckspooler erneut. Datentyp: LEMF. Größe der Spooldatei in Bytes: 742503. Anzahl der gedruckten Bytes: 742503. Gesamtanzahl der Seiten des Dokuments: 1. Anzahl der gedruckten Seiten: 0. Clientcomputer: \\CK-PC. Vom Druckprozessor zurückgegebener Win32-Fehlercode: schlankr0. schlankr1 Error: (02/25/2014 00:37:57 PM) (Source: Service Control Manager) (User: ) Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058 Error: (02/25/2014 00:37:57 PM) (Source: Service Control Manager) (User: ) Description: lxeeCATSCustConnectService%%1053 Error: (02/25/2014 00:37:57 PM) (Source: Service Control Manager) (User: ) Description: 30000lxeeCATSCustConnectService Error: (02/25/2014 00:37:57 PM) (Source: Service Control Manager) (User: ) Description: Aspi32%%2 Error: (02/25/2014 00:37:45 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (02/25/2014 00:37:35 PM) (Source: Dhcp) (User: ) Description: Die IP-Adresslease 192.168.1.124 für die Netzwerkkarte mit der Netzwerkadresse 0022FA1A0F3E wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). 
Error: (02/25/2014 00:35:58 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 24.02.2014 um 23:05:00 unerwartet heruntergefahren. Error: (02/24/2014 01:29:15 PM) (Source: Print) (User: CK-PC) Description: Das Dokument schlankr im Besitz von VM konnte nicht auf dem Drucker Lexmark Pro700 Series (Netzwerk) gedruckt werden. Versuchen Sie erneut, das Dokument zu drucken, oder starten Sie den Druckspooler erneut. Datentyp: LEMF. Größe der Spooldatei in Bytes: 1051104. Anzahl der gedruckten Bytes: 1051104. Gesamtanzahl der Seiten des Dokuments: 1. Anzahl der gedruckten Seiten: 0. Clientcomputer: \\CK-PC. Vom Druckprozessor zurückgegebener Win32-Fehlercode: schlankr0. schlankr1 Error: (02/23/2014 03:38:49 PM) (Source: Service Control Manager) (User: ) Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058 Microsoft Office Sessions: ========================= Error: (02/26/2014 03:01:17 AM) (Source: System Restore)(User: ) Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x8000ffff Error: (02/26/2014 03:01:17 AM) (Source: VSS)(User: ) Description: CoCreateInstance0x80040154 Vorgang: Generatordaten werden gesammelt Asynchroner Vorgang wird ausgeführt Kontext: Ausführungskontext: Requestor Aktueller Status: GatherWriterMetadata Error: (02/26/2014 03:01:17 AM) (Source: VSS)(User: ) Description: Vorgang: Generatordaten werden gesammelt Asynchroner Vorgang wird ausgeführt Kontext: Ausführungskontext: Requestor Aktueller Status: GatherWriterMetadata Error: (02/25/2014 00:46:47 PM) (Source: System Restore)(User: ) Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x8000ffff Error: (02/25/2014 00:46:47 PM) (Source: VSS)(User: ) Description: CoCreateInstance0x80040154 Vorgang: Generatordaten werden gesammelt Asynchroner Vorgang wird ausgeführt Kontext: Ausführungskontext: Requestor Aktueller Status: GatherWriterMetadata Error: (02/25/2014 00:46:47 PM) (Source: VSS)(User: ) Description: Vorgang: 
Generatordaten werden gesammelt Asynchroner Vorgang wird ausgeführt Kontext: Ausführungskontext: Requestor Aktueller Status: GatherWriterMetadata Error: (02/25/2014 00:41:33 PM) (Source: System Restore)(User: ) Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x8000ffff Error: (02/25/2014 00:41:33 PM) (Source: VSS)(User: ) Description: CoCreateInstance0x80040154 Vorgang: Generatordaten werden gesammelt Asynchroner Vorgang wird ausgeführt Kontext: Ausführungskontext: Requestor Aktueller Status: GatherWriterMetadata Error: (02/25/2014 00:41:33 PM) (Source: VSS)(User: ) Description: Vorgang: Generatordaten werden gesammelt Asynchroner Vorgang wird ausgeführt Kontext: Ausführungskontext: Requestor Aktueller Status: GatherWriterMetadata Error: (02/24/2014 03:01:37 AM) (Source: System Restore)(User: ) Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x8000ffff CodeIntegrity Errors: =================================== Date: 2013-07-22 21:35:04.411 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-22 21:35:03.879 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-22 21:28:34.355 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-22 21:28:33.853 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-01-03 23:08:50.063 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-01-03 23:08:49.499 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-01-03 23:05:35.967 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-01-03 23:05:35.492 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\SysHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. |
27.02.2014, 15:16 | #2 | |
/// the machine /// TB Trainer | Security software isn't enough, malware infection on my PC yet again. :-( Hi,
what did you install most recently? Revo Uninstaller - Download - Filepony Please use it to uninstall the following and have it remove the leftovers. Quote:
__________________ |
28.02.2014, 00:23 | #3 |
| Security software isn't enough, malware infection on my PC yet again. :-( I'm a silly girl, I know! :-(
I was prompted to update my outdated video player, and silly me promptly did just that... Okay, I have uninstalled everything so far, except this: Code:
ATTFilter NewPlayer (HKLM\...\NewPlayer) (Version: v2.1.1.1 - TUGUU SL) <==== ATTENTION And what should I do next? Best regards, Claudia Now whenever I open my browser, this page always comes up: Code:
ATTFilter hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX Okay, I have now downloaded Adblock against the ads. But somehow Adblock doesn't work 100%. :-( And every time I open a new tab, this appears: Code:
ATTFilter Lightning Newtab |
28.02.2014, 20:32 | #4 |
/// the machine /// TB Trainer | Security software isn't enough, malware infection on my PC yet again. :-( Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
Please download Shortcut Cleaner (by Grinler) to your desktop.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
28.02.2014, 22:32 | #5 |
| Security software isn't enough, malware infection on my PC yet again. :-( You wrote: Code:
ATTFilter Please download Malwarebytes Anti-Malware Install the program to the default path. Windows Vista and later: right-click and choose "Run as administrator" Start Malwarebytes, click Update --> Check for updates When the update has finished, select -Perform scan as described in the guide to Malwarebytes Anti-Malware and press Scan. When the scan has finished, click Show results. Make sure that all findings are selected and press Remove selected. Post the log file, which opens in Notepad, here in the thread. You can find the report later under "Log files". I'll go and do the rest now... Right, so here is the log file from ADW-Cleaner to start with: Code:
ATTFilter # AdwCleaner v3.020 - Bericht erstellt am 28/02/2014 um 21:52:33 # Aktualisiert 27/02/2014 von Xplode # Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Benutzername : VM - CK-PC # Gestartet von : C:\Users\VM\Desktop\adwcleaner.exe # Option : Suchen ***** [ Dienste ] ***** Dienst Gefunden : Wpm ***** [ Dateien / Ordner ] ***** Datei Gefunden : C:\END Datei Gefunden : C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx Datei Gefunden : C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage Datei Gefunden : C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage Datei Gefunden : C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal Ordner Gefunden : C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo Ordner Gefunden C:\Program Files\Conduit Ordner Gefunden C:\Program Files\Convesoft Ordner Gefunden C:\Program Files\DivX_Browser_Bar_DE Ordner Gefunden C:\Program Files\uniblue Ordner Gefunden C:\ProgramData\Conduit Ordner Gefunden C:\ProgramData\WPM Ordner Gefunden C:\Users\VM\AppData\Local\Conduit Ordner Gefunden C:\Users\VM\AppData\Local\NativeMessaging Ordner Gefunden C:\Users\VM\AppData\Local\Temp\Conduit Ordner Gefunden C:\Users\VM\AppData\Local\Temp\NativeMessaging Ordner Gefunden C:\Users\VM\AppData\LocalLow\Conduit Ordner Gefunden C:\Users\VM\AppData\LocalLow\DivX_Browser_Bar_DE Ordner Gefunden C:\Users\VM\AppData\Roaming\SupTab Ordner Gefunden C:\Users\VM\AppData\Roaming\uniblue Ordner Gefunden C:\Users\VM\AppData\Roaming\WinZipper Ordner Gefunden C:\Windows\system32\SearchProtect ***** [ Verknüpfungen ] ***** Verknüpfung Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( 
hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX ) Verknüpfung Gefunden : C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX ) Verknüpfung Gefunden : C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk ( hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX ) Verknüpfung Gefunden : C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX ) Verknüpfung Gefunden : C:\Users\VM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chrome App Launcher.lnk ( hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX ) Verknüpfung Gefunden : C:\Users\VM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX ) ***** [ Registrierungsdatenbank ] ***** Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=sc&from=wpm0226&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&ts=1393446616 Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX Schlüssel Gefunden : 
HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\DivX_Browser_Bar_DE Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar Schlüssel Gefunden : HKCU\Software\Conduit Schlüssel Gefunden : HKCU\Software\Convesoft Schlüssel Gefunden : HKCU\Software\installedbrowserextensions Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IePlugins Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\supTab Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\winzipper Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F663448B-1B58-43EA-8EF6-A410B6E82DEA} Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\074A36B543391D44FA16C62EBD65A59E Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\074A36B543391D44FA16C62EBD65A59E Schlüssel Gefunden : 
HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT3297265 Schlüssel Gefunden : HKLM\Software\Conduit Schlüssel Gefunden : HKLM\Software\delta-homesSoftware Schlüssel Gefunden : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar Schlüssel Gefunden : HKLM\Software\DivX_Browser_Bar_DE Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo Schlüssel Gefunden : HKLM\Software\hdcode Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3E3977F-718B-4C6D-BF41-BA84146039C0} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE70C9FB-B123-4D3F-A13B-9ABF53A182D8} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F663448B-1B58-43EA-8EF6-A410B6E82DEA} Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\074A36B543391D44FA16C62EBD65A59E Schlüssel Gefunden : HKLM\Software\supWPM Schlüssel Gefunden : HKLM\Software\V9 Schlüssel Gefunden : HKLM\Software\winzipersvc Schlüssel Gefunden : HKLM\Software\Wpm Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}] Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar 
[{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}] ***** [ Browser ] ***** -\\ Internet Explorer v9.0.8112.16533 Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com/?ctid=CT3297265&octid=CT3297265&SearchSource=61&CUI=UN74997711731598104&UM=2&UP=SP8D9D1A74-C8E2-4EB2-AE1B-DBDB5ECA66BD&SSPV= Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.awesomehp.com/?type=hp&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&ts=1393446616&type=default&q={searchTerms} Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&ts=1393446616&type=default&q={searchTerms} Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.awesomehp.com/?type=hp&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.awesomehp.com/?type=hp&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.awesomehp.com/web/?type=ds&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&q={searchTerms} Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - 
hxxp://www.awesomehp.com/web/?type=ds&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX&q={searchTerms} -\\ Google Chrome v33.0.1750.117 [ Datei : C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [10395 octets] - [28/02/2014 21:48:03] AdwCleaner[R1].txt - [10312 octets] - [28/02/2014 21:52:33] AdwCleaner[S0].txt - [315 octets] - [28/02/2014 21:50:18] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [10432 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.2 (02.20.2014:1) OS: Windows Vista (TM) Home Premium x86 Ran by VM on 28.02.2014 at 22:21:41,65 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2667981686-1106648099-187186479-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3297265
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{044E407F-3E01-4F96-9C08-D0B560E704B9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6dad39c6-f4ac-4984-8e9b-f666269b9eb1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6dad39c6-f4ac-4984-8e9b-f666269b9eb1}

~~~ Files

Successfully deleted: [File] "C:\Users\VM\appdata\local\google\chrome\user data\default\local storage\http_app.mam.conduit.com_0.localstorage"
Successfully deleted: [File] "C:\Users\VM\appdata\local\google\chrome\user data\default\local storage\http_app.mam.conduit.com_0.localstorage-journal"
Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\Users\VM\appdata\local\cre"

~~~ Chrome

Successfully deleted: [Folder] C:\Users\VM\appdata\local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.02.2014 at 22:29:42,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
Shortcut Cleaner 1.2.9 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows Vista (TM) Home Premium Service Pack 2
Program started at: 02/28/2014 10:31:13 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\

* Shortcut Cleaned: C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX
* Shortcut Cleaned: C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX
* Shortcut Cleaned: C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX

Searching C:\Users\VM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

* Shortcut Cleaned: C:\Users\VM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chrome App Launcher.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX
* Shortcut Cleaned: C:\Users\VM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.awesomehp.com/?type=sc&ts=1393446426&from=tugs&uid=HitachiXHTS543232L9A300_090329FB2406LEKT8BPCX

Searching C:\Users\Public\Desktop\

Searching C:\Users\VM\Desktop

6 bad shortcuts found.

Program finished at: 02/28/2014 10:31:21 PM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)

Claudia |
01.03.2014, 14:47 | #6 |
/// the machine /// TB-Ausbilder | Right, there was something. You also have to let AdwCleaner delete what it finds. Please do that now. A fresh FRST log, please. Any problems remaining?
01.03.2014, 21:43 | #7 |
Oh, yes, the ADW step somehow went wrong, sorry. I had already wondered why I didn't have to restart after all. But now it ran the way you said, and here is the logfile: Code:
# AdwCleaner v3.020 - Bericht erstellt am 01/03/2014 um 21:24:53
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : VM - CK-PC
# Gestartet von : C:\Users\VM\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\VM\AppData\Roaming\uniblue
Ordner Gelöscht : C:\Users\VM\AppData\Roaming\WinZipper
Datei Gelöscht : C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F663448B-1B58-43EA-8EF6-A410B6E82DEA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F663448B-1B58-43EA-8EF6-A410B6E82DEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3E3977F-718B-4C6D-BF41-BA84146039C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE70C9FB-B123-4D3F-A13B-9ABF53A182D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}]
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Convesoft
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DivX_Browser_Bar_DE
Schlüssel Gelöscht : HKLM\Software\delta-homesSoftware
Schlüssel Gelöscht : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Schlüssel Gelöscht : HKLM\Software\hdcode
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\Software\winzipersvc
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\Software\DivX_Browser_Bar_DE
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IePlugins
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\supTab
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\winzipper
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\074A36B543391D44FA16C62EBD65A59E
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\074A36B543391D44FA16C62EBD65A59E
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\074A36B543391D44FA16C62EBD65A59E

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16533

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v33.0.1750.117

[ Datei : C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [10395 octets] - [28/02/2014 21:48:03]
AdwCleaner[R1].txt - [10513 octets] - [28/02/2014 21:52:33]
AdwCleaner[R2].txt - [6118 octets] - [01/03/2014 21:23:18]
AdwCleaner[S0].txt - [315 octets] - [28/02/2014 21:50:18]
AdwCleaner[S1].txt - [1117 octets] - [28/02/2014 21:53:46]
AdwCleaner[S2].txt - [4897 octets] - [01/03/2014 21:24:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [4957 octets] ##########

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-03-2014 Ran by VM (administrator) on CK-PC on 01-03-2014 21:33:48 Running from C:\Users\VM\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe (Validity Sensors, Inc.) C:\Windows\system32\vfsFPService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Agere Systems) C:\Windows\system32\agrsmsvc.exe (NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe () C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe (Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Acer Inc.) 
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (sonix) C:\Windows\PLFSetL.exe () C:\Windows\PLFSetI.exe () C:\Program Files\Lexmark Pro700 Series\ezprint.exe (Teruten) C:\Windows\system32\FsUsbExService.Exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (CyberLink) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe () C:\Program Files\Lexmark Pro700 Series\lxeemon.exe () C:\Program Files\Acer\Acer Bio Protection\BASVC.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe ( ) C:\Windows\system32\lxeecoms.exe () C:\Acer\Mobility Center\MobilityService.exe (Nero AG) C:\Program Files\Nero\Update\NASvc.exe (Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (Prolific Technology Inc.) C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\Cyberlink\Shared files\RichVideo.exe (Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe (Haufe-Lexware GmbH & Co. 
KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe () C:\Program Files\DivX\DivX Update\DivXUpdate.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe () C:\Program Files\PdaNet for Android\PdaNetPC.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Realtek Semiconductor Corp.) C:\Users\VM\AppData\Local\Temp\RtkBtMnt.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Acer Inc.) C:\Program Files\Acer\Acer VCM\acp2HID.exe (Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2012-10-12] (Synaptics Incorporated) HKLM\...\Run: [eAudio] - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [544768 2008-05-30] (Acer Incorporated) HKLM\...\Run: [ArcadeDeluxeAgent] - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [147456 2008-07-24] (CyberLink Corp.) HKLM\...\Run: [] - [X] HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1468296 2009-06-01] (Microsoft Corporation) HKLM\...\Run: [Lexmark Pro700 Series Fax Server] - C:\Program Files\Lexmark Pro700 Series\fm3032.exe [316072 2011-01-23] () HKLM\...\Run: [eDataSecurity Loader] - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-07-29] (Egis Incorporated) HKLM\...\Run: [ePower_DMC] - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [405504 2008-08-01] (Acer Inc.) 
HKLM\...\Run: [PLFSetL] - C:\Windows\PLFSetL.exe [94208 2011-01-22] (sonix) HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2008-06-30] () HKLM\...\Run: [EzPrint] - C:\Program Files\Lexmark Pro700 Series\ezprint.exe [139944 2010-01-18] () HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation) HKLM\...\Run: [CLMLServer] - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [167936 2008-07-24] (CyberLink) HKLM\...\Run: [lxeemon.exe] - C:\Program Files\Lexmark Pro700 Series\lxeemon.exe [770728 2011-01-23] () HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [1115728 2009-12-15] (Dritek System Inc.) HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC) HKLM\...\Run: [LexwareInfoService] - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-11] (AVAST Software) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9398888 2011-11-04] (Realtek Semiconductor) HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] () Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.) HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect" HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\MountPoints2: {b2eaf739-9ee3-11df-9989-001e331dd3dc} - E:\autorun.exe Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter Startup: C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG) Startup: C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files\PdaNet 
for Android\PdaNetPC.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW BHO: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis) BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll () BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () Toolbar: HKLM - avast! 
Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: haufereader - No CLSID Value - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 217.0.43.49 217.0.43.33 192.168.1.1 Chrome: ======= CHR HomePage: https://www.google.de/webhp?sourceid=chrome-instant&espv=210&ie=UTF-8 CHR Extension: (Adblock Plus) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-28] CHR Extension: (Feven Pro 1.2) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh [2014-02-26] CHR Extension: (AdBlock) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-27] CHR Extension: (avast! 
Online Security) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-25] CHR Extension: (Freemake Video Converter) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-06-08] CHR Extension: (Google Wallet) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31] CHR Extension: (Extended Protection) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26] CHR Extension: (Quick Start) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-02-26] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-25] CHR HKLM\...\Chrome\Extension: [hkoahcaobjbihehldfimhblmhgalcipm] - C:\Users\VM\AppData\Local\CRE\hkoahcaobjbihehldfimhblmhgalcipm.crx [2013-12-25] CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-08] CHR HKLM\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-02-26] CHR HKCU\...\Chrome\Extension: [hkoahcaobjbihehldfimhblmhgalcipm] - C:\Users\VM\AppData\Local\CRE\hkoahcaobjbihehldfimhblmhgalcipm.crx [2014-02-26] ========================== Services (Whitelisted) ================= R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-11] (AVAST Software) R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] () R2 DeviceManager; C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe [40960 2009-05-25] () S3 DfSdkS; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [406016 2009-08-24] (mst software GmbH, Germany) R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-06-02] () R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3520512 2009-06-14] () S2 lxeeCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe [193192 2010-04-14] (Lexmark International, Inc.) R2 lxee_device; C:\Windows\system32\lxeecoms.exe [598696 2010-04-14] ( ) R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG) R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () R2 PLFlash DeviceIoControl Service; C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe [81920 2008-08-29] (Prolific Technology Inc.) 
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] () R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2008-07-19] (Acer Incorporated) S2 Uniblue DiskRescue; "C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe" [X] ==================== Drivers (Whitelisted) ==================== R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2009-06-14] (Alfa Corporation) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-02-11] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-02-11] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-12-25] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-02-11] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-02-11] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-02-11] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-01-10] () R3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [28048 2010-02-05] (CSR, plc) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2010-01-01] (Elaborate Bytes AG) R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-10-30] () R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [62496 2011-11-04] (ITE Tech. Inc. ) R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [54824 2012-10-12] (Atheros Communications, Inc.) 
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-02-27] (Malwarebytes Corporation) R3 NETwNv32; C:\Windows\System32\DRIVERS\NETwNv32.sys [7346176 2012-10-12] (Intel Corporation) S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation) R3 pmkbdfltr; C:\Windows\System32\DRIVERS\pmkbdfltr.sys [15248 2012-10-12] (PenMount) S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [103552 2009-05-25] (TCT International Mobile Ltd) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [23608 2012-10-12] (Synaptics Incorporated) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1759744 2011-01-22] () R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-10-16] (Avira GmbH) R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2009-09-01] () R3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [61424 2008-07-18] (Cyberlink Corp.) 
S2 Aspi32; No ImagePath S1 DritekPortIO; No ImagePath S3 esgiguard; No ImagePath S3 IpInIp; No ImagePath S3 NwlnkFlt; No ImagePath S3 NwlnkFwd; No ImagePath S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] S3 S6U12Scanner; system32\drivers\usbscan.sys [X] S3 usbscan; system32\DRIVERS\usbscan.sys [X] U5 usbser; C:\Windows\System32\Drivers\usbser.sys [27648 2009-04-11] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-01 21:33 - 2014-03-01 21:33 - 00022416 _____ () C:\Users\VM\Desktop\FRST.txt 2014-03-01 21:33 - 2014-03-01 21:33 - 00000000 ____D () C:\Users\VM\Desktop\FRST-OlderVersion 2014-02-28 22:31 - 2014-02-28 22:31 - 00005218 _____ () C:\sc-cleaner.txt 2014-02-28 21:52 - 2014-02-28 21:52 - 01244192 _____ () C:\Users\VM\Downloads\adwcleaner (1).exe 2014-02-28 21:52 - 2014-02-28 21:52 - 01244192 _____ () C:\Users\VM\Desktop\adwcleaner.exe 2014-02-28 21:47 - 2014-02-28 21:47 - 01244192 _____ () C:\Users\VM\Downloads\adwcleaner.exe 2014-02-28 21:45 - 2014-02-28 21:44 - 01037734 _____ (Thisisu) C:\Users\VM\Desktop\JRT.exe 2014-02-28 21:45 - 2014-02-28 21:44 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\VM\Desktop\sc-cleaner.exe 2014-02-28 21:44 - 2014-02-28 21:44 - 01037734 _____ (Thisisu) C:\Users\VM\Downloads\JRT.exe 2014-02-28 21:44 - 2014-02-28 21:44 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\VM\Downloads\sc-cleaner.exe 2014-02-28 21:13 - 2014-02-28 21:13 - 00012763 _____ () C:\Users\VM\Desktop\Stundenblatt02-14-Claudia Klein.xlsx 2014-02-28 13:49 - 2014-02-28 13:49 - 00015872 _____ () C:\Users\VM\Downloads\Ergebnislisten Obedience-Turniere.xls 2014-02-27 16:27 - 2014-02-27 16:27 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\VM\Downloads\revosetup95 (1).exe 2014-02-27 16:27 - 2014-02-27 16:27 - 00001039 _____ () C:\Users\VM\Desktop\Revo Uninstaller.lnk 2014-02-27 00:18 - 2014-02-27 00:18 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys 2014-02-26 23:00 - 2014-03-01 21:25 - 00000000 ____D () C:\AdwCleaner 2014-02-26 22:58 - 2014-02-26 22:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\VM\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-26 22:52 - 2014-02-26 22:58 - 00064611 _____ () C:\Users\VM\Downloads\Addition.txt 2014-02-26 22:50 - 2014-02-26 22:58 - 00051628 _____ () C:\Users\VM\Downloads\FRST.txt 2014-02-26 22:49 - 2014-03-01 21:33 - 01144320 _____ (Farbar) C:\Users\VM\Desktop\FRST.exe 2014-02-26 22:49 - 2014-03-01 21:33 - 00000000 ____D () C:\FRST 2014-02-26 21:29 - 2014-02-26 21:29 - 00000000 ____D () C:\Users\VM\AppData\Local\Tuguu_SL 2014-02-26 21:28 - 2014-02-26 21:28 - 00002386 _____ () C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00002262 _____ () C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001598 _____ () C:\Windows\Tasks\MediaPlayerEnhance-updater.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001554 _____ () C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001502 _____ () C:\Windows\Tasks\Feven Pro 1.2-updater.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001458 _____ () C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001452 _____ () C:\Windows\Tasks\MediaPlayerEnhance-enabler.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001356 _____ () C:\Windows\Tasks\Feven Pro 1.2-enabler.job 2014-02-26 21:27 - 2014-02-26 21:27 - 00003102 _____ () C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job 2014-02-26 21:27 - 2014-02-26 21:27 - 00003082 _____ () C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job 2014-02-26 13:49 - 2014-02-26 13:49 - 00318168 
_____ () C:\Users\VM\Downloads\Setup.exe 2014-02-23 21:36 - 2014-02-23 21:39 - 77293203 _____ () C:\Users\VM\Downloads\kapitel-10-bis-13_schlankr-das-hoerbuch.zip 2014-02-23 15:39 - 2014-02-23 15:39 - 00000535 _____ () C:\Users\VM\Desktop\Eigene Bilder.lnk 2014-02-19 12:42 - 2014-02-19 12:44 - 56142402 _____ () C:\Users\VM\Downloads\kapitel-1-bis-3_schlankr-das-hoerbuch.zip 2014-02-17 12:55 - 2014-02-17 12:55 - 00000000 ____D () C:\Program Files\Lame For Audacity 2014-02-17 12:54 - 2014-02-17 12:54 - 00527423 _____ ( ) C:\Users\VM\Downloads\Lame_v3.99.3_for_Windows.exe 2014-02-17 09:53 - 2014-02-26 15:57 - 00000000 ____D () C:\Users\VM\AppData\Roaming\Audacity 2014-02-17 09:53 - 2014-02-17 09:53 - 00000768 _____ () C:\Users\Public\Desktop\Audacity.lnk 2014-02-17 09:53 - 2014-02-17 09:53 - 00000000 ____D () C:\Program Files\Audacity 2014-02-17 09:48 - 2014-02-17 09:49 - 22180353 _____ (Audacity Team ) C:\Users\VM\Downloads\audacity-win-2.0.5.exe 2014-02-16 21:14 - 2014-02-16 21:16 - 09185340 _____ () C:\Users\VM\Downloads\anna_coogan-_'streamers'_--_official_music_video_480x270.mp4 2014-02-16 10:28 - 2014-02-16 10:28 - 01883792 _____ (Irfan Skiljan) C:\Users\VM\Downloads\iview437_setup.exe 2014-02-14 10:12 - 2014-02-14 10:12 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2964e3a8dcf8.job 2014-02-13 10:01 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-13 10:01 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-13 10:01 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-13 10:01 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-13 10:01 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-13 10:01 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-13 10:01 - 
2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-02-13 10:01 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-13 10:01 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-02-13 10:01 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-13 10:01 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-13 10:01 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-13 10:01 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-13 10:01 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-13 10:01 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-02-13 10:01 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-13 09:59 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-13 09:55 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-02-13 09:54 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-02-13 09:54 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-02-13 09:54 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-02-13 09:53 - 2014-02-13 09:54 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log 2014-02-13 08:34 - 2014-02-13 08:35 - 00001053 _____ () C:\DelFix.txt 2014-02-12 15:21 - 2014-02-12 15:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-02-11 22:32 - 2014-02-11 22:32 - 00002111 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2014-02-11 22:32 - 
2014-02-11 22:32 - 00001008 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2014-02-11 22:28 - 2014-02-11 22:28 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\VM\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230.exe 2014-02-11 18:33 - 2014-02-27 16:27 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-02-11 18:32 - 2014-02-11 18:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\VM\Downloads\revosetup95.exe 2014-02-07 18:28 - 2014-02-07 19:22 - 00000000 ____D () C:\Users\VM\Desktop\Spanisch ==================== One Month Modified Files and Folders ======= 2014-03-01 21:36 - 2014-03-01 21:33 - 00022416 _____ () C:\Users\VM\Desktop\FRST.txt 2014-03-01 21:33 - 2014-03-01 21:33 - 00000000 ____D () C:\Users\VM\Desktop\FRST-OlderVersion 2014-03-01 21:33 - 2014-02-26 22:49 - 01144320 _____ (Farbar) C:\Users\VM\Desktop\FRST.exe 2014-03-01 21:33 - 2014-02-26 22:49 - 00000000 ____D () C:\FRST 2014-03-01 21:28 - 2010-03-07 20:25 - 00229077 _____ () C:\ProgramData\lxeescan.log 2014-03-01 21:27 - 2013-12-21 21:48 - 02083696 _____ () C:\Windows\PFRO.log 2014-03-01 21:27 - 2009-02-02 13:15 - 00000147 _____ () C:\Windows\system32\agent.log 2014-03-01 21:27 - 2006-11-02 13:47 - 00003344 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-01 21:27 - 2006-11-02 13:47 - 00003344 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-01 21:26 - 2009-07-02 00:19 - 00010652 _____ () C:\Windows\bthservsdp.dat 2014-03-01 21:26 - 2009-06-14 07:52 - 01394136 _____ () C:\Windows\WindowsUpdate.log 2014-03-01 21:25 - 2014-02-26 23:00 - 00000000 ____D () C:\AdwCleaner 2014-03-01 00:29 - 2008-01-21 08:16 - 01554942 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-01 00:29 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-02-28 22:31 - 2014-02-28 22:31 - 00005218 _____ () C:\sc-cleaner.txt 2014-02-28 22:31 - 2009-06-28 17:19 - 
00000953 _____ () C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-02-28 21:52 - 2014-02-28 21:52 - 01244192 _____ () C:\Users\VM\Downloads\adwcleaner (1).exe 2014-02-28 21:52 - 2014-02-28 21:52 - 01244192 _____ () C:\Users\VM\Desktop\adwcleaner.exe 2014-02-28 21:47 - 2014-02-28 21:47 - 01244192 _____ () C:\Users\VM\Downloads\adwcleaner.exe 2014-02-28 21:44 - 2014-02-28 21:45 - 01037734 _____ (Thisisu) C:\Users\VM\Desktop\JRT.exe 2014-02-28 21:44 - 2014-02-28 21:45 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\VM\Desktop\sc-cleaner.exe 2014-02-28 21:44 - 2014-02-28 21:44 - 01037734 _____ (Thisisu) C:\Users\VM\Downloads\JRT.exe 2014-02-28 21:44 - 2014-02-28 21:44 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\VM\Downloads\sc-cleaner.exe 2014-02-28 21:13 - 2014-02-28 21:13 - 00012763 _____ () C:\Users\VM\Desktop\Stundenblatt02-14-Claudia Klein.xlsx 2014-02-28 13:49 - 2014-02-28 13:49 - 00015872 _____ () C:\Users\VM\Downloads\Ergebnislisten Obedience-Turniere.xls 2014-02-27 16:27 - 2014-02-27 16:27 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\VM\Downloads\revosetup95 (1).exe 2014-02-27 16:27 - 2014-02-27 16:27 - 00001039 _____ () C:\Users\VM\Desktop\Revo Uninstaller.lnk 2014-02-27 16:27 - 2014-02-11 18:33 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-02-27 14:32 - 2006-11-02 13:47 - 00492008 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-02-27 00:18 - 2014-02-27 00:18 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys 2014-02-26 22:58 - 2014-02-26 22:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\VM\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-26 22:58 - 2014-02-26 22:52 - 00064611 _____ () C:\Users\VM\Downloads\Addition.txt 2014-02-26 22:58 - 2014-02-26 22:50 - 00051628 _____ () C:\Users\VM\Downloads\FRST.txt 2014-02-26 21:29 - 2014-02-26 21:29 - 00000000 ____D () C:\Users\VM\AppData\Local\Tuguu_SL 2014-02-26 21:28 - 2014-02-26 21:28 - 00002386 _____ () C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00002262 _____ () C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001598 _____ () C:\Windows\Tasks\MediaPlayerEnhance-updater.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001554 _____ () C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001502 _____ () C:\Windows\Tasks\Feven Pro 1.2-updater.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001458 _____ () C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001452 _____ () C:\Windows\Tasks\MediaPlayerEnhance-enabler.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001356 _____ () C:\Windows\Tasks\Feven Pro 1.2-enabler.job 2014-02-26 21:27 - 2014-02-26 21:27 - 00003102 _____ () C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job 2014-02-26 21:27 - 2014-02-26 21:27 - 00003082 _____ () C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job 2014-02-26 15:57 - 2014-02-17 09:53 - 00000000 ____D () C:\Users\VM\AppData\Roaming\Audacity 
2014-02-26 15:57 - 2009-06-28 17:16 - 00000000 ____D () C:\Users\VM 2014-02-26 15:32 - 2010-03-07 20:31 - 00000000 ____D () C:\ProgramData\Lx_cats 2014-02-26 13:49 - 2014-02-26 13:49 - 00318168 _____ () C:\Users\VM\Downloads\Setup.exe 2014-02-24 00:50 - 2014-01-17 23:16 - 00000000 ____D () C:\Users\VM\Desktop\Mallorca 2014-02-23 21:39 - 2014-02-23 21:36 - 77293203 _____ () C:\Users\VM\Downloads\kapitel-10-bis-13_schlankr-das-hoerbuch.zip 2014-02-23 19:49 - 2014-01-05 22:37 - 00000000 ____D () C:\Users\VM\Desktop\Handybilder 2014-02-23 15:39 - 2014-02-23 15:39 - 00000535 _____ () C:\Users\VM\Desktop\Eigene Bilder.lnk 2014-02-19 12:44 - 2014-02-19 12:42 - 56142402 _____ () C:\Users\VM\Downloads\kapitel-1-bis-3_schlankr-das-hoerbuch.zip 2014-02-18 22:21 - 2010-03-07 21:06 - 00409444 _____ () C:\ProgramData\lxeeJSW.log 2014-02-17 12:55 - 2014-02-17 12:55 - 00000000 ____D () C:\Program Files\Lame For Audacity 2014-02-17 12:54 - 2014-02-17 12:54 - 00527423 _____ ( ) C:\Users\VM\Downloads\Lame_v3.99.3_for_Windows.exe 2014-02-17 09:53 - 2014-02-17 09:53 - 00000768 _____ () C:\Users\Public\Desktop\Audacity.lnk 2014-02-17 09:53 - 2014-02-17 09:53 - 00000000 ____D () C:\Program Files\Audacity 2014-02-17 09:49 - 2014-02-17 09:48 - 22180353 _____ (Audacity Team ) C:\Users\VM\Downloads\audacity-win-2.0.5.exe 2014-02-16 21:16 - 2014-02-16 21:14 - 09185340 _____ () C:\Users\VM\Downloads\anna_coogan-_'streamers'_--_official_music_video_480x270.mp4 2014-02-16 18:29 - 2009-06-28 22:44 - 00000000 ____D () C:\Users\VM\AppData\Local\Adobe 2014-02-16 10:28 - 2014-02-16 10:28 - 01883792 _____ (Irfan Skiljan) C:\Users\VM\Downloads\iview437_setup.exe 2014-02-15 22:45 - 2013-07-22 20:54 - 00000000 ____D () C:\Program Files\DivX 2014-02-15 22:45 - 2013-07-22 20:53 - 00000000 ____D () C:\ProgramData\DivX 2014-02-15 22:41 - 2013-07-22 21:03 - 00000000 ____D () C:\Users\VM\AppData\Roaming\DivX 2014-02-14 10:12 - 2014-02-14 10:12 - 00001094 _____ () 
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2964e3a8dcf8.job 2014-02-13 10:48 - 2009-02-02 12:28 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-02-13 10:26 - 2013-07-22 23:17 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-13 10:18 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-02-13 10:03 - 2006-11-02 11:23 - 00000301 _____ () C:\Windows\win.ini 2014-02-13 09:56 - 2013-11-08 21:03 - 00000000 ____D () C:\ProgramData\Oracle 2014-02-13 09:54 - 2014-02-13 09:53 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log 2014-02-13 09:54 - 2009-07-01 20:12 - 00000000 ____D () C:\Program Files\Java 2014-02-13 08:35 - 2014-02-13 08:34 - 00001053 _____ () C:\DelFix.txt 2014-02-13 08:34 - 2013-07-23 22:55 - 00000000 ____D () C:\Windows\ERUNT 2014-02-13 08:31 - 2009-06-28 21:34 - 00000000 ____D () C:\Program Files\eBay 2014-02-13 08:31 - 2009-02-02 12:17 - 00000000 ____D () C:\Program Files\InstallShield Installation Information 2014-02-12 15:21 - 2014-02-12 15:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-02-12 15:21 - 2006-11-02 12:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-02-11 22:33 - 2011-05-29 22:14 - 00000000 ____D () C:\Program Files\DVDVideoSoft 2014-02-11 22:32 - 2014-02-11 22:32 - 00002111 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2014-02-11 22:32 - 2014-02-11 22:32 - 00001008 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2014-02-11 22:32 - 2011-08-26 14:10 - 00000000 ____D () C:\Users\VM\AppData\Roaming\DVDVideoSoft 2014-02-11 22:32 - 2011-05-29 22:14 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2014-02-11 22:28 - 2014-02-11 22:28 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\VM\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230.exe 2014-02-11 20:39 - 2010-01-20 22:45 - 00000000 ____D () C:\Users\Public\TVgenial 2014-02-11 18:32 - 2014-02-11 18:32 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\VM\Downloads\revosetup95.exe 2014-02-11 12:32 - 2013-12-25 14:49 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job 2014-02-11 12:31 - 2013-12-25 14:43 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-02-11 12:31 - 2013-12-25 14:43 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-02-11 12:31 - 2013-12-25 14:43 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-02-11 12:31 - 2013-12-25 14:43 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-02-11 12:31 - 2013-12-25 14:43 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2014-02-11 12:31 - 2013-12-25 14:43 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys 2014-02-11 12:31 - 2013-12-25 14:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-02-09 03:00 - 2011-02-07 20:19 - 00008592 _____ () C:\Users\VM\AppData\Local\d3d9caps.dat 2014-02-07 19:22 - 2014-02-07 18:28 - 00000000 ____D () C:\Users\VM\Desktop\Spanisch 2014-02-07 18:27 - 2013-01-02 23:03 - 00000000 ____D () C:\Users\VM\AppData\Local\Nero 2014-02-05 23:00 - 2009-06-14 08:05 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml 2014-02-05 09:58 - 2014-02-13 10:01 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-05 09:56 - 2014-02-13 10:01 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-05 09:53 - 2014-02-13 10:01 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-05 09:51 - 2014-02-13 10:01 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-05 09:50 - 2014-02-13 10:01 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-05 09:49 - 2014-02-13 10:01 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-05 09:49 - 2014-02-13 10:01 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 
2014-02-05 09:48 - 2014-02-13 10:01 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-05 09:48 - 2014-02-13 10:01 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-02-05 09:48 - 2014-02-13 10:01 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-05 09:48 - 2014-02-13 10:01 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-05 09:48 - 2014-02-13 10:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-05 09:47 - 2014-02-13 10:01 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-05 09:47 - 2014-02-13 10:01 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-05 09:47 - 2014-02-13 10:01 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-02-05 09:46 - 2014-02-13 10:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-01-30 16:11 - 2013-12-24 00:33 - 00000000 ____D () C:\Users\VM\My Digital Editions Files to move or delete: ==================== C:\Users\VM\AppData\Roaming\desktop.ini Some content of TEMP: ==================== C:\Users\VM\AppData\Local\Temp\DivXSetup.exe C:\Users\VM\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\VM\AppData\Local\Temp\nsg571F.exe C:\Users\VM\AppData\Local\Temp\nslA551.exe C:\Users\VM\AppData\Local\Temp\nslD2C4.exe C:\Users\VM\AppData\Local\Temp\nsmFDF4.exe C:\Users\VM\AppData\Local\Temp\nsr8E39.exe C:\Users\VM\AppData\Local\Temp\Quarantine.exe C:\Users\VM\AppData\Local\Temp\RtkBtMnt.exe C:\Users\VM\AppData\Local\Temp\SPStub.exe C:\Users\VM\AppData\Local\Temp\_isC6DF.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit 
C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-01 21:34 ==================== End Of Log ============================ --- --- --- --- --- ---
As to the question of whether there are still problems, I unfortunately have to answer YES. For one thing, I still don't have my Google page back when I open a new page, and for another, no ads appear any more, but the ad boxes still show up. That reduces the loading times, even if these boxes are then empty. Best regards, Claudia |
02.03.2014, 18:52 | #8 |
/// the machine /// TB trainer | Security software isn't enough, malware infection on my PC yet again. :-( In which browser?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
02.03.2014, 21:04 | #9 |
| Security software isn't enough, malware infection on my PC yet again. :-( Chrome... Woohoo, I managed it myself. Fever and Quick Start were still enabled in the browser. I deleted them and now everything works as usual again. :-D |
03.03.2014, 18:00 | #10 |
/// the machine /// TB trainer | Security software isn't enough, malware infection on my PC yet again. :-( Aloha. See, the lessons here do pay off. A fresh FRST please, then we'll wrap this up.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
03.03.2014, 23:18 | #11 |
| Security software isn't enough, malware infection on my PC yet again. :-( Okay, great. Here is the requested FRST log file: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-03-2014 02 Ran by VM (administrator) on CK-PC on 03-03-2014 23:16:48 Running from C:\Users\VM\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Validity Sensors, Inc.) C:\Windows\system32\vfsFPService.exe (Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Agere Systems) C:\Windows\system32\agrsmsvc.exe (NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe () C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe (Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Teruten) C:\Windows\system32\FsUsbExService.Exe () C:\Program Files\Acer\Acer Bio Protection\BASVC.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe ( ) C:\Windows\system32\lxeecoms.exe () C:\Acer\Mobility Center\MobilityService.exe (Nero AG) C:\Program Files\Nero\Update\NASvc.exe (Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (Prolific Technology Inc.) 
C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\Cyberlink\Shared files\RichVideo.exe (Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Acer Inc.) C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (sonix) C:\Windows\PLFSetL.exe () C:\Windows\PLFSetI.exe () C:\Program Files\Lexmark Pro700 Series\ezprint.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (CyberLink) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe () C:\Program Files\Lexmark Pro700 Series\lxeemon.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe (Haufe-Lexware GmbH & Co. 
KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe () C:\Program Files\DivX\DivX Update\DivXUpdate.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Samsung) C:\Program Files\Samsung\Kies\Kies.exe (Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe () C:\Program Files\PdaNet for Android\PdaNetPC.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Realtek Semiconductor Corp.) C:\Users\VM\AppData\Local\Temp\RtkBtMnt.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Acer Inc.) C:\Program Files\Acer\Acer VCM\acp2HID.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\system32\wuauclt.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2012-10-12] (Synaptics Incorporated) HKLM\...\Run: [eAudio] - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [544768 2008-05-30] (Acer Incorporated) HKLM\...\Run: [ArcadeDeluxeAgent] - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [147456 2008-07-24] (CyberLink Corp.) HKLM\...\Run: [] - [X] HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1468296 2009-06-01] (Microsoft Corporation) HKLM\...\Run: [Lexmark Pro700 Series Fax Server] - C:\Program Files\Lexmark Pro700 Series\fm3032.exe [316072 2011-01-23] () HKLM\...\Run: [eDataSecurity Loader] - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-07-29] (Egis Incorporated) HKLM\...\Run: [ePower_DMC] - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [405504 2008-08-01] (Acer Inc.) 
HKLM\...\Run: [PLFSetL] - C:\Windows\PLFSetL.exe [94208 2011-01-22] (sonix) HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2008-06-30] () HKLM\...\Run: [EzPrint] - C:\Program Files\Lexmark Pro700 Series\ezprint.exe [139944 2010-01-18] () HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation) HKLM\...\Run: [CLMLServer] - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [167936 2008-07-24] (CyberLink) HKLM\...\Run: [lxeemon.exe] - C:\Program Files\Lexmark Pro700 Series\lxeemon.exe [770728 2011-01-23] () HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [1115728 2009-12-15] (Dritek System Inc.) HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC) HKLM\...\Run: [LexwareInfoService] - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-11] (AVAST Software) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9398888 2011-11-04] (Realtek Semiconductor) HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] () Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.) HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect" HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-2667981686-1106648099-187186479-1000\...\MountPoints2: {b2eaf739-9ee3-11df-9989-001e331dd3dc} - E:\autorun.exe Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter Startup: C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG) Startup: C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files\PdaNet 
for Android\PdaNetPC.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW BHO: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis) BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll () BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.) Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () Toolbar: HKLM - avast! 
Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: haufereader - No CLSID Value - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 217.0.43.49 217.0.43.33 192.168.1.1 Chrome: ======= CHR HomePage: https://www.google.de/webhp?sourceid=chrome-instant&espv=210&ie=UTF-8 CHR Extension: (Adblock Plus) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-28] CHR Extension: (AdBlock) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-27] CHR Extension: (avast! 
Online Security) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-25] CHR Extension: (Google Wallet) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31] CHR Extension: (Extended Protection) - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-25] CHR HKLM\...\Chrome\Extension: [hkoahcaobjbihehldfimhblmhgalcipm] - C:\Users\VM\AppData\Local\CRE\hkoahcaobjbihehldfimhblmhgalcipm.crx [2013-12-25] CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-08] CHR HKLM\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26] CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\VM\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-02-26] CHR HKCU\...\Chrome\Extension: [hkoahcaobjbihehldfimhblmhgalcipm] - C:\Users\VM\AppData\Local\CRE\hkoahcaobjbihehldfimhblmhgalcipm.crx [2014-02-26] ========================== Services (Whitelisted) ================= R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-11] (AVAST Software) R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] () R2 DeviceManager; C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe [40960 2009-05-25] () S3 DfSdkS; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [406016 2009-08-24] (mst software GmbH, Germany) R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-06-02] () R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3520512 2009-06-14] () S2 lxeeCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxeeserv.exe [193192 2010-04-14] (Lexmark International, Inc.) R2 lxee_device; C:\Windows\system32\lxeecoms.exe [598696 2010-04-14] ( ) R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG) R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () R2 PLFlash DeviceIoControl Service; C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe [81920 2008-08-29] (Prolific Technology Inc.) 
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] () R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2008-07-19] (Acer Incorporated) S2 Uniblue DiskRescue; "C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe" [X] ==================== Drivers (Whitelisted) ==================== R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2009-06-14] (Alfa Corporation) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-02-11] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-02-11] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-12-25] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-02-11] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-02-11] (AVAST Software) R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-02-11] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-01-10] () R3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [28048 2010-02-05] (CSR, plc) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [26024 2010-01-01] (Elaborate Bytes AG) R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-10-30] () R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [62496 2011-11-04] (ITE Tech. Inc. ) R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [54824 2012-10-12] (Atheros Communications, Inc.) 
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-02-27] (Malwarebytes Corporation) R3 NETwNv32; C:\Windows\System32\DRIVERS\NETwNv32.sys [7346176 2012-10-12] (Intel Corporation) S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation) R3 pmkbdfltr; C:\Windows\System32\DRIVERS\pmkbdfltr.sys [15248 2012-10-12] (PenMount) S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [103552 2009-05-25] (TCT International Mobile Ltd) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [23608 2012-10-12] (Synaptics Incorporated) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1759744 2011-01-22] () R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-10-16] (Avira GmbH) R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2009-09-01] () R3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [61424 2008-07-18] (Cyberlink Corp.) 
S2 Aspi32; No ImagePath S1 DritekPortIO; No ImagePath S3 esgiguard; No ImagePath S3 IpInIp; No ImagePath S3 NwlnkFlt; No ImagePath S3 NwlnkFwd; No ImagePath S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] S3 S6U12Scanner; system32\drivers\usbscan.sys [X] S3 usbscan; system32\DRIVERS\usbscan.sys [X] U5 usbser; C:\Windows\System32\Drivers\usbser.sys [27648 2009-04-11] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-03 23:16 - 2014-03-03 23:17 - 00022424 _____ () C:\Users\VM\Desktop\FRST.txt 2014-03-03 23:06 - 2014-03-03 23:06 - 00000000 ____D () C:\Users\VM\Desktop\FRST-OlderVersion 2014-03-02 21:32 - 2014-03-02 21:40 - 77293203 _____ () C:\Users\VM\Downloads\kapitel-10-bis-13_schlankr-das-hoerbuch (1).zip 2014-03-02 21:32 - 2014-03-02 21:34 - 70996613 _____ () C:\Users\VM\Downloads\kapitel-7-bis-9_schlankr-das-hoerbuch.zip 2014-03-02 21:30 - 2014-03-02 21:32 - 74991539 _____ () C:\Users\VM\Downloads\kapitel-4-bis-6_schlankr-das-hoerbuch.zip 2014-03-02 21:26 - 2014-03-02 21:44 - 00000000 ____D () C:\Users\VM\Desktop\schlankr-eBook 2014-03-02 21:26 - 2014-03-02 21:28 - 56142402 _____ () C:\Users\VM\Downloads\kapitel-1-bis-3_schlankr-das-hoerbuch (1).zip 2014-03-02 21:07 - 2014-03-02 21:07 - 00032256 _____ () C:\Users\VM\Desktop\Stundenblatt02-14-Claudia Klein.xls 2014-02-28 22:31 - 2014-02-28 22:31 - 00005218 _____ () C:\sc-cleaner.txt 2014-02-28 21:52 - 2014-02-28 21:52 - 01244192 _____ () C:\Users\VM\Downloads\adwcleaner (1).exe 2014-02-28 21:52 - 2014-02-28 21:52 - 01244192 _____ () C:\Users\VM\Desktop\adwcleaner.exe 2014-02-28 21:47 - 2014-02-28 21:47 - 01244192 _____ () C:\Users\VM\Downloads\adwcleaner.exe 2014-02-28 21:45 - 2014-02-28 21:44 - 01037734 _____ (Thisisu) C:\Users\VM\Desktop\JRT.exe 2014-02-28 21:45 - 2014-02-28 21:44 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\VM\Desktop\sc-cleaner.exe 2014-02-28 21:44 - 2014-02-28 21:44 - 01037734 
_____ (Thisisu) C:\Users\VM\Downloads\JRT.exe 2014-02-28 21:44 - 2014-02-28 21:44 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\VM\Downloads\sc-cleaner.exe 2014-02-28 13:49 - 2014-02-28 13:49 - 00015872 _____ () C:\Users\VM\Downloads\Ergebnislisten Obedience-Turniere.xls 2014-02-27 16:27 - 2014-02-27 16:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\VM\Downloads\revosetup95 (1).exe 2014-02-27 16:27 - 2014-02-27 16:27 - 00001039 _____ () C:\Users\VM\Desktop\Revo Uninstaller.lnk 2014-02-27 00:18 - 2014-02-27 00:18 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys 2014-02-26 23:00 - 2014-03-01 21:25 - 00000000 ____D () C:\AdwCleaner 2014-02-26 22:58 - 2014-02-26 22:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\VM\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-26 22:52 - 2014-02-26 22:58 - 00064611 _____ () C:\Users\VM\Downloads\Addition.txt 2014-02-26 22:50 - 2014-02-26 22:58 - 00051628 _____ () C:\Users\VM\Downloads\FRST.txt 2014-02-26 22:49 - 2014-03-03 23:16 - 00000000 ____D () C:\FRST 2014-02-26 22:49 - 2014-03-03 23:06 - 01145344 _____ (Farbar) C:\Users\VM\Desktop\FRST.exe 2014-02-26 21:29 - 2014-02-26 21:29 - 00000000 ____D () C:\Users\VM\AppData\Local\Tuguu_SL 2014-02-26 21:28 - 2014-02-26 21:28 - 00002386 _____ () C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00002262 _____ () C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001598 _____ () C:\Windows\Tasks\MediaPlayerEnhance-updater.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001554 _____ () C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001502 _____ () C:\Windows\Tasks\Feven Pro 1.2-updater.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001458 _____ () C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001452 _____ () C:\Windows\Tasks\MediaPlayerEnhance-enabler.job 2014-02-26 
21:28 - 2014-02-26 21:28 - 00001356 _____ () C:\Windows\Tasks\Feven Pro 1.2-enabler.job 2014-02-26 21:27 - 2014-02-26 21:27 - 00003102 _____ () C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job 2014-02-26 21:27 - 2014-02-26 21:27 - 00003082 _____ () C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job 2014-02-26 13:49 - 2014-02-26 13:49 - 00318168 _____ () C:\Users\VM\Downloads\Setup.exe 2014-02-23 21:36 - 2014-02-23 21:39 - 77293203 _____ () C:\Users\VM\Downloads\kapitel-10-bis-13_schlankr-das-hoerbuch.zip 2014-02-23 15:39 - 2014-02-23 15:39 - 00000535 _____ () C:\Users\VM\Desktop\Eigene Bilder.lnk 2014-02-19 12:42 - 2014-02-19 12:44 - 56142402 _____ () C:\Users\VM\Downloads\kapitel-1-bis-3_schlankr-das-hoerbuch.zip 2014-02-17 12:55 - 2014-02-17 12:55 - 00000000 ____D () C:\Program Files\Lame For Audacity 2014-02-17 12:54 - 2014-02-17 12:54 - 00527423 _____ ( ) C:\Users\VM\Downloads\Lame_v3.99.3_for_Windows.exe 2014-02-17 09:53 - 2014-02-26 15:57 - 00000000 ____D () C:\Users\VM\AppData\Roaming\Audacity 2014-02-17 09:53 - 2014-02-17 09:53 - 00000768 _____ () C:\Users\Public\Desktop\Audacity.lnk 2014-02-17 09:53 - 2014-02-17 09:53 - 00000000 ____D () C:\Program Files\Audacity 2014-02-17 09:48 - 2014-02-17 09:49 - 22180353 _____ (Audacity Team ) C:\Users\VM\Downloads\audacity-win-2.0.5.exe 2014-02-16 21:14 - 2014-02-16 21:16 - 09185340 _____ () C:\Users\VM\Downloads\anna_coogan-_'streamers'_--_official_music_video_480x270.mp4 2014-02-16 10:28 - 2014-02-16 10:28 - 01883792 _____ (Irfan Skiljan) C:\Users\VM\Downloads\iview437_setup.exe 2014-02-14 10:12 - 2014-02-14 10:12 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2964e3a8dcf8.job 2014-02-13 10:01 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-13 10:01 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-13 10:01 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) 
C:\Windows\system32\ieframe.dll 2014-02-13 10:01 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-13 10:01 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-13 10:01 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-13 10:01 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-02-13 10:01 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-13 10:01 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-02-13 10:01 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-13 10:01 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-13 10:01 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-13 10:01 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-13 10:01 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-13 10:01 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-02-13 10:01 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-13 09:59 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-13 09:55 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-02-13 09:54 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-02-13 09:54 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-02-13 09:54 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-02-13 09:53 - 
2014-02-13 09:54 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log 2014-02-13 08:34 - 2014-02-13 08:35 - 00001053 _____ () C:\DelFix.txt 2014-02-12 15:21 - 2014-02-12 15:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-02-11 22:32 - 2014-02-11 22:32 - 00002111 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2014-02-11 22:32 - 2014-02-11 22:32 - 00001008 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2014-02-11 22:28 - 2014-02-11 22:28 - 34008992 _____ (DVDVideoSoft Ltd. ) C:\Users\VM\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230.exe 2014-02-11 18:33 - 2014-02-27 16:27 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-02-11 18:32 - 2014-02-11 18:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\VM\Downloads\revosetup95.exe 2014-02-07 18:28 - 2014-02-07 19:22 - 00000000 ____D () C:\Users\VM\Desktop\Spanisch ==================== One Month Modified Files and Folders ======= 2014-03-03 23:17 - 2014-03-03 23:16 - 00022424 _____ () C:\Users\VM\Desktop\FRST.txt 2014-03-03 23:16 - 2014-02-26 22:49 - 00000000 ____D () C:\FRST 2014-03-03 23:06 - 2014-03-03 23:06 - 00000000 ____D () C:\Users\VM\Desktop\FRST-OlderVersion 2014-03-03 23:06 - 2014-02-26 22:49 - 01145344 _____ (Farbar) C:\Users\VM\Desktop\FRST.exe 2014-03-03 21:59 - 2009-06-14 07:52 - 01435387 _____ () C:\Windows\WindowsUpdate.log 2014-03-03 21:50 - 2010-03-07 20:25 - 00229187 _____ () C:\ProgramData\lxeescan.log 2014-03-03 21:48 - 2013-12-21 21:48 - 02083968 _____ () C:\Windows\PFRO.log 2014-03-03 21:48 - 2009-02-02 13:15 - 00000147 _____ () C:\Windows\system32\agent.log 2014-03-03 21:48 - 2006-11-02 13:47 - 00003344 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-03 21:48 - 2006-11-02 13:47 - 00003344 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-02 22:51 - 2009-07-02 00:19 - 00010652 _____ () 
C:\Windows\bthservsdp.dat 2014-03-02 21:44 - 2014-03-02 21:26 - 00000000 ____D () C:\Users\VM\Desktop\schlankr-eBook 2014-03-02 21:40 - 2014-03-02 21:32 - 77293203 _____ () C:\Users\VM\Downloads\kapitel-10-bis-13_schlankr-das-hoerbuch (1).zip 2014-03-02 21:34 - 2014-03-02 21:32 - 70996613 _____ () C:\Users\VM\Downloads\kapitel-7-bis-9_schlankr-das-hoerbuch.zip 2014-03-02 21:32 - 2014-03-02 21:30 - 74991539 _____ () C:\Users\VM\Downloads\kapitel-4-bis-6_schlankr-das-hoerbuch.zip 2014-03-02 21:28 - 2014-03-02 21:26 - 56142402 _____ () C:\Users\VM\Downloads\kapitel-1-bis-3_schlankr-das-hoerbuch (1).zip 2014-03-02 21:28 - 2010-03-07 21:06 - 00410204 _____ () C:\ProgramData\lxeeJSW.log 2014-03-02 21:28 - 2010-03-07 20:31 - 00000000 ____D () C:\ProgramData\Lx_cats 2014-03-02 21:07 - 2014-03-02 21:07 - 00032256 _____ () C:\Users\VM\Desktop\Stundenblatt02-14-Claudia Klein.xls 2014-03-02 20:25 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-03-02 17:01 - 2011-02-07 20:19 - 00008592 _____ () C:\Users\VM\AppData\Local\d3d9caps.dat 2014-03-01 21:25 - 2014-02-26 23:00 - 00000000 ____D () C:\AdwCleaner 2014-03-01 00:29 - 2008-01-21 08:16 - 01554942 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-28 22:31 - 2014-02-28 22:31 - 00005218 _____ () C:\sc-cleaner.txt 2014-02-28 22:31 - 2009-06-28 17:19 - 00000953 _____ () C:\Users\VM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-02-28 21:52 - 2014-02-28 21:52 - 01244192 _____ () C:\Users\VM\Downloads\adwcleaner (1).exe 2014-02-28 21:52 - 2014-02-28 21:52 - 01244192 _____ () C:\Users\VM\Desktop\adwcleaner.exe 2014-02-28 21:47 - 2014-02-28 21:47 - 01244192 _____ () C:\Users\VM\Downloads\adwcleaner.exe 2014-02-28 21:44 - 2014-02-28 21:45 - 01037734 _____ (Thisisu) C:\Users\VM\Desktop\JRT.exe 2014-02-28 21:44 - 2014-02-28 21:45 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\VM\Desktop\sc-cleaner.exe 2014-02-28 21:44 - 2014-02-28 21:44 - 01037734 _____ (Thisisu) 
C:\Users\VM\Downloads\JRT.exe 2014-02-28 21:44 - 2014-02-28 21:44 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\VM\Downloads\sc-cleaner.exe 2014-02-28 13:49 - 2014-02-28 13:49 - 00015872 _____ () C:\Users\VM\Downloads\Ergebnislisten Obedience-Turniere.xls 2014-02-27 16:27 - 2014-02-27 16:27 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\VM\Downloads\revosetup95 (1).exe 2014-02-27 16:27 - 2014-02-27 16:27 - 00001039 _____ () C:\Users\VM\Desktop\Revo Uninstaller.lnk 2014-02-27 16:27 - 2014-02-11 18:33 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-02-27 14:32 - 2006-11-02 13:47 - 00492008 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-02-27 00:18 - 2014-02-27 00:18 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys 2014-02-26 22:58 - 2014-02-26 22:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\VM\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-26 22:58 - 2014-02-26 22:52 - 00064611 _____ () C:\Users\VM\Downloads\Addition.txt 2014-02-26 22:58 - 2014-02-26 22:50 - 00051628 _____ () C:\Users\VM\Downloads\FRST.txt 2014-02-26 21:29 - 2014-02-26 21:29 - 00000000 ____D () C:\Users\VM\AppData\Local\Tuguu_SL 2014-02-26 21:28 - 2014-02-26 21:28 - 00002386 _____ () C:\Windows\Tasks\MediaPlayerEnhance-firefoxinstaller.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00002262 _____ () C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001598 _____ () C:\Windows\Tasks\MediaPlayerEnhance-updater.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001554 _____ () C:\Windows\Tasks\MediaPlayerEnhance-codedownloader.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001502 _____ () C:\Windows\Tasks\Feven Pro 1.2-updater.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001458 _____ () C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001452 _____ () C:\Windows\Tasks\MediaPlayerEnhance-enabler.job 2014-02-26 21:28 - 2014-02-26 21:28 - 00001356 _____ () C:\Windows\Tasks\Feven 
Pro 1.2-enabler.job 2014-02-26 21:27 - 2014-02-26 21:27 - 00003102 _____ () C:\Windows\Tasks\MediaPlayerEnhance-chromeinstaller.job 2014-02-26 21:27 - 2014-02-26 21:27 - 00003082 _____ () C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job 2014-02-26 15:57 - 2014-02-17 09:53 - 00000000 ____D () C:\Users\VM\AppData\Roaming\Audacity 2014-02-26 15:57 - 2009-06-28 17:16 - 00000000 ____D () C:\Users\VM 2014-02-26 13:49 - 2014-02-26 13:49 - 00318168 _____ () C:\Users\VM\Downloads\Setup.exe 2014-02-24 00:50 - 2014-01-17 23:16 - 00000000 ____D () C:\Users\VM\Desktop\Mallorca 2014-02-23 21:39 - 2014-02-23 21:36 - 77293203 _____ () C:\Users\VM\Downloads\kapitel-10-bis-13_schlankr-das-hoerbuch.zip 2014-02-23 19:49 - 2014-01-05 22:37 - 00000000 ____D () C:\Users\VM\Desktop\Handybilder 2014-02-23 15:39 - 2014-02-23 15:39 - 00000535 _____ () C:\Users\VM\Desktop\Eigene Bilder.lnk 2014-02-19 12:44 - 2014-02-19 12:42 - 56142402 _____ () C:\Users\VM\Downloads\kapitel-1-bis-3_schlankr-das-hoerbuch.zip 2014-02-17 12:55 - 2014-02-17 12:55 - 00000000 ____D () C:\Program Files\Lame For Audacity 2014-02-17 12:54 - 2014-02-17 12:54 - 00527423 _____ ( ) C:\Users\VM\Downloads\Lame_v3.99.3_for_Windows.exe 2014-02-17 09:53 - 2014-02-17 09:53 - 00000768 _____ () C:\Users\Public\Desktop\Audacity.lnk 2014-02-17 09:53 - 2014-02-17 09:53 - 00000000 ____D () C:\Program Files\Audacity 2014-02-17 09:49 - 2014-02-17 09:48 - 22180353 _____ (Audacity Team ) C:\Users\VM\Downloads\audacity-win-2.0.5.exe 2014-02-16 21:16 - 2014-02-16 21:14 - 09185340 _____ () C:\Users\VM\Downloads\anna_coogan-_'streamers'_--_official_music_video_480x270.mp4 2014-02-16 18:29 - 2009-06-28 22:44 - 00000000 ____D () C:\Users\VM\AppData\Local\Adobe 2014-02-16 10:28 - 2014-02-16 10:28 - 01883792 _____ (Irfan Skiljan) C:\Users\VM\Downloads\iview437_setup.exe 2014-02-15 22:45 - 2013-07-22 20:54 - 00000000 ____D () C:\Program Files\DivX 2014-02-15 22:45 - 2013-07-22 20:53 - 00000000 ____D () C:\ProgramData\DivX 2014-02-15 22:41 - 
2013-07-22 21:03 - 00000000 ____D () C:\Users\VM\AppData\Roaming\DivX 2014-02-14 10:12 - 2014-02-14 10:12 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2964e3a8dcf8.job 2014-02-13 10:48 - 2009-02-02 12:28 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-02-13 10:26 - 2013-07-22 23:17 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-13 10:18 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-02-13 10:03 - 2006-11-02 11:23 - 00000301 _____ () C:\Windows\win.ini 2014-02-13 09:56 - 2013-11-08 21:03 - 00000000 ____D () C:\ProgramData\Oracle 2014-02-13 09:54 - 2014-02-13 09:53 - 00005384 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log 2014-02-13 09:54 - 2009-07-01 20:12 - 00000000 ____D () C:\Program Files\Java 2014-02-13 08:35 - 2014-02-13 08:34 - 00001053 _____ () C:\DelFix.txt 2014-02-13 08:34 - 2013-07-23 22:55 - 00000000 ____D () C:\Windows\ERUNT 2014-02-13 08:31 - 2009-06-28 21:34 - 00000000 ____D () C:\Program Files\eBay 2014-02-13 08:31 - 2009-02-02 12:17 - 00000000 ____D () C:\Program Files\InstallShield Installation Information 2014-02-12 15:21 - 2014-02-12 15:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-02-12 15:21 - 2006-11-02 12:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-02-11 22:33 - 2011-05-29 22:14 - 00000000 ____D () C:\Program Files\DVDVideoSoft 2014-02-11 22:32 - 2014-02-11 22:32 - 00002111 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2014-02-11 22:32 - 2014-02-11 22:32 - 00001008 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2014-02-11 22:32 - 2011-08-26 14:10 - 00000000 ____D () C:\Users\VM\AppData\Roaming\DVDVideoSoft 2014-02-11 22:32 - 2011-05-29 22:14 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft 2014-02-11 22:28 - 2014-02-11 22:28 - 34008992 _____ (DVDVideoSoft Ltd. 
) C:\Users\VM\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230.exe 2014-02-11 20:39 - 2010-01-20 22:45 - 00000000 ____D () C:\Users\Public\TVgenial 2014-02-11 18:32 - 2014-02-11 18:32 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\VM\Downloads\revosetup95.exe 2014-02-11 12:32 - 2013-12-25 14:49 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job 2014-02-11 12:31 - 2013-12-25 14:43 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-02-11 12:31 - 2013-12-25 14:43 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-02-11 12:31 - 2013-12-25 14:43 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-02-11 12:31 - 2013-12-25 14:43 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-02-11 12:31 - 2013-12-25 14:43 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2014-02-11 12:31 - 2013-12-25 14:43 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys 2014-02-11 12:31 - 2013-12-25 14:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-02-07 19:22 - 2014-02-07 18:28 - 00000000 ____D () C:\Users\VM\Desktop\Spanisch 2014-02-07 18:27 - 2013-01-02 23:03 - 00000000 ____D () C:\Users\VM\AppData\Local\Nero 2014-02-05 23:00 - 2009-06-14 08:05 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml 2014-02-05 09:58 - 2014-02-13 10:01 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-05 09:56 - 2014-02-13 10:01 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-05 09:53 - 2014-02-13 10:01 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-05 09:51 - 2014-02-13 10:01 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-05 09:50 - 2014-02-13 10:01 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-05 09:49 - 2014-02-13 10:01 - 01427968 _____ (Microsoft Corporation) 
C:\Windows\system32\inetcpl.cpl 2014-02-05 09:49 - 2014-02-13 10:01 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-02-05 09:48 - 2014-02-13 10:01 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-05 09:48 - 2014-02-13 10:01 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-02-05 09:48 - 2014-02-13 10:01 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-05 09:48 - 2014-02-13 10:01 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-05 09:48 - 2014-02-13 10:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-05 09:47 - 2014-02-13 10:01 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-05 09:47 - 2014-02-13 10:01 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-05 09:47 - 2014-02-13 10:01 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-02-05 09:46 - 2014-02-13 10:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll Files to move or delete: ==================== C:\Users\VM\AppData\Roaming\desktop.ini Some content of TEMP: ==================== C:\Users\VM\AppData\Local\Temp\DivXSetup.exe C:\Users\VM\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\VM\AppData\Local\Temp\nsg571F.exe C:\Users\VM\AppData\Local\Temp\nslA551.exe C:\Users\VM\AppData\Local\Temp\nslD2C4.exe C:\Users\VM\AppData\Local\Temp\nsmFDF4.exe C:\Users\VM\AppData\Local\Temp\nsr8E39.exe C:\Users\VM\AppData\Local\Temp\Quarantine.exe C:\Users\VM\AppData\Local\Temp\RtkBtMnt.exe C:\Users\VM\AppData\Local\Temp\SPStub.exe C:\Users\VM\AppData\Local\Temp\_isC6DF.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit 
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-03 21:56

==================== End Of Log ============================

Kind regards, Claudia |
04.03.2014, 18:11 | #12 |
/// the machine /// TB trainer | Security software isn't enough, malware on my PC yet again. :-( Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
C:\Users\VM\AppData\Roaming\desktop.ini
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done
The order is crucial here.
If you would like to give praise or criticism, you can do so here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
05.03.2014, 12:47 | #13 |
| Security software isn't enough, malware on my PC yet again. :-( Okay, here is the Fixlist log file: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-03-2014 02
Ran by VM at 2014-03-04 21:35:55 Run:1
Running from C:\Users\VM\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
C:\Users\VM\AppData\Roaming\desktop.ini
*****************

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => Value deleted successfully.
C:\Users\VM\AppData\Roaming\desktop.ini => Moved successfully.

==== End of Fixlog ====
Code:
# DelFix v10.6 - Datei am 04/03/2014 um 21:38:46 erstellt
# Aktualisiert am 11/11/2013 von Xplode
# Benutzer : VM - CK-PC
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)

~ Aktiviere die Benutzerkontensteuerung ... OK

~ Entferne die Bereinigungsprogramme ...

Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\sc-cleaner.txt
Gelöscht : C:\Users\VM\Desktop\adwcleaner.exe
Gelöscht : C:\Users\VM\Desktop\Fixlog.txt
Gelöscht : C:\Users\VM\Desktop\FRST.exe
Gelöscht : C:\Users\VM\Desktop\FRST.txt
Gelöscht : C:\Users\VM\Desktop\JRT.exe
Gelöscht : C:\Users\VM\Desktop\sc-cleaner.exe
Gelöscht : C:\Users\VM\Downloads\Addition.txt
Gelöscht : C:\Users\VM\Downloads\adwcleaner (1).exe
Gelöscht : C:\Users\VM\Downloads\adwcleaner.exe
Gelöscht : C:\Users\VM\Downloads\FRST.txt
Gelöscht : C:\Users\VM\Downloads\JRT.exe
Gelöscht : C:\Users\VM\Downloads\sc-cleaner.exe
Gelöscht : HKLM\SOFTWARE\AdwCleaner

~ Erstelle ein Backup der Registrierungsdatenbank ... OK

~ Lösche die Wiederherstellungspunkte ...

Ein neuer Wiederherstellungspunkt wurde erstellt !

~ Stelle die Systemeinstellungen wieder her ... OK

########## - EOF - ##########

I will try to be more careful in the future... :-) Take care, and I hope you will have a longer break from me this time! Many THANKS and kind regards, Claudia

Ahem, the only problem now is that the PC has become extremely slow with all the active security software. Is there any way to speed it up? Regards, Claudia |
06.03.2014, 10:37 | #14 |
/// the machine /// TB trainer | Security software isn't enough, malware on my PC yet again. :-( Which security software is currently running?
06.03.2014, 11:18 | #15 |
| Security software isn't enough, malware on my PC yet again. :-( Well, everything you told me (WinPatrol, WOT and TFC) plus AVAST, AdBlock and AdBlockPlus. And I'm not sure whether anything else was already on here when I took over the computer. |