| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win7: Firefox öffnet selbstständig neue TabsWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
30.04.2014, 23:47
| #1 |
 |  Win7: Firefox öffnet selbstständig neue Tabs Hallo seit einigen Wochen schon öffnet mein Firefox ungehindert neue Tabs. Heute hats mir dann gereicht und ich habe ihn deinstalliert und anschließend wieder installiert. Das Problem wurde sogar noch schlimmer. Ich verwende Avira und mein letzter Scan war am 5.4. da bestand das Problem schon. Er hatte auch etwas gefunden ich weiß nur grade nicht mehr was. Im Moment läuft er nochmal durch das könnte aber eine Zeit dauern. Als mir dann endgültig der Kragen geplatzt ist habe ich Google gefragt und sollte in den Einstellungen von Firefox rumspielen. Allerdings nur in denen wo die Standardprogramme festgelegt werden. Der letzte Schritt hieß dann, dass es eine Malware oder ein Virus ist und so landete ich hier. Noch paar Daten zu meinem PC: Win 7 64 Bit und 2. Betriebssystem Win 8 ich meine auch 64 Bit Virenprogramm: Avira Privater Gebrauch Ich weiß nicht ob das was zur Sache bringt, aber ca. 2,5 Jahre alt Ich würde mich sehr freuen, wenn ihr mir helfen würdet, da ich etwas Angst um meine Unidaten bekommen habe.  Liebe Grüße und einen schönen 1. Mai |
|
01.05.2014, 00:12
| #2 |
| /// the machine /// TB-Ausbilder    | Win7: Firefox öffnet selbstständig neue Tabs hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
01.05.2014, 09:23
| #3 |
| | Win7: Firefox öffnet selbstständig neue Tabs OK alles erledigt
__________________FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014
Ran by alexandra (administrator) on ALEXANDRA-PC on 01-05-2014 10:14:06
Running from D:\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\ProgramData\IBUpdaterService\ibsvc.exe
() C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(National Instruments Corporation) D:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Windows\SysWOW64\nisvcloc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) D:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Windows Net) C:\Users\alexandra\AppData\Roaming\Windows Net Data\net.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [883840 2012-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1654400 2012-02-21] (Conexant Systems, Inc.)
HKLM\...\Run: [AmIcoSinglun64] => c:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [378968 2012-01-05] (Alcor Micro Corp.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [548864 2011-12-09] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-09] (Microsoft Corporation)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3551576 2014-01-19] (Electronic Arts)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [DAEMON Tools Lite] => D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [Sony PC Companion] => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [lollipop] => lollipop
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\alexandra\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [Skype] => D:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\MountPoints2: {4fee0419-fe7a-11e2-bb4f-047d7bffad6c} - F:\autorun.exe
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\MountPoints2: {c15e4c8c-6e6d-11e3-991c-047d7bffad6c} - F:\Startme.exe
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\MountPoints2: {df694e28-9220-11e3-ab58-047d7bffad6c} - F:\AutoRun.exe
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [260928 2012-02-23] (NVIDIA Corporation)
AppInit_DLLs: ,C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [155456 2013-12-15] ()
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL [138048 2013-12-15] ()
Startup: C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\alexandra\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
Startup: C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart Plus B210 series (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart Plus B210 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_3ebb124613ae4f838b93cacc54239a80_39_1007_20140414_DE_ie_sp_
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2D448392948BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.searchgol.com/?babsrc=HP_ss_Btisdt7&mntrId=3452047D7BFFAD6C&affID=121565&tsp=5007
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_3ebb124613ae4f838b93cacc54239a80_39_1007_20140414_DE_ie_ds_&query={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.golsearch.com/?q={searchTerms}&babsrc=SP_ss_Btisdt6&mntrId=3452047D7BFFAD6C&affID=121565&tsp=5007
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tag=bds-p24-serp-de-ie-21&tbrId=v1_abb-channel-24_3ebb124613ae4f838b93cacc54239a80_39_1007_20140414_DE_ie_ds_&query={searchTerms}
SearchScopes: HKCU - {E9395785-9E40-44F0-9BC1-FCB9D2CD1221} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho64.dll (HQ-Video)
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: IEOptimizer - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SavingsBull\IEOptimizer.dll ()
BHO-x32: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho.dll (HQ-Video)
BHO-x32: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE.dll (Amazon Inc.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default
FF user.js: detected! => C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\alexandra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HQ-Video-Profession-1.3 - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com [2014-03-09]
FF Extension: 4shared Desktop Plugin - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\4sharedCopyLinks [2013-09-16]
FF Extension: Amazon-Icon - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\amazon-icon@giga.de [2013-12-18]
FF Extension: pricealarm - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [2013-12-18]
FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\sparpilot@sparpilot.com [2014-04-22]
FF Extension: 4shared Desktop Plugin - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\4sharedCopyLinks.xpi [2013-03-14]
FF Extension: Amazon 1Button App for Firefox - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\abb@amazon.com.xpi [2014-01-31]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-07-26]
FF Extension: Foxtab Speed Dial - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi [2014-03-26]
FF Extension: {7e47e45c-4d0a-4a42-8fe9-d538bab5ca88} - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\{7e47e45c-4d0a-4a42-8fe9-d538bab5ca88}.xpi [2014-01-11]
FF Extension: Adblock Plus - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-04]
FF Extension: Skype Converter Light - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\{dc9f1cb4-a7fb-4523-8222-ac71202e7dac}.xpi [2014-01-12]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-05-11]
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\alexandra\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF Extension: Speed Analysis 2 - C:\Users\alexandra\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com [2013-07-28]
FF HKLM-x32\...\Firefox\Extensions: [zulagames@ZulaGames.com] - C:\Users\alexandra\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com
FF Extension: Zula Games - C:\Users\alexandra\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com [2013-07-28]
FF HKCU\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\alexandra\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF Extension: Speed Analysis 2 - C:\Users\alexandra\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com [2013-07-28]
FF HKCU\...\Firefox\Extensions: [zulagames@ZulaGames.com] - C:\Users\alexandra\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com
FF Extension: Zula Games - C:\Users\alexandra\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com [2013-07-28]
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-27]
CHR Extension: (No Name) - C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab [2013-12-18]
CHR Extension: (No Name) - C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna [2014-02-20]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2013-12-20]
CHR HKLM-x32\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Users\alexandra\AppData\Roaming\zulagames\zulagames.crx [2013-07-01]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\alexandra\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-12-18]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; D:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] ()
R2 IBUpdaterService; C:\ProgramData\IBUpdaterService\ibsvc.exe [825280 2013-07-28] ()
R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [710976 2014-01-27] ()
S3 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2008-10-31] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [42544 2009-06-18] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [53296 2009-06-18] (National Instruments Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NIDomainService; D:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [356912 2009-06-18] (National Instruments Corporation)
R2 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [13896 2009-06-04] (National Instruments Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SavingsbullFilterService64; c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe [167936 2014-01-16] ()
S2 SkypeUpdate; D:\Program Files (x86)\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-01-18] (Cherished Technololgy LIMITED)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-01 10:14 - 2014-05-01 10:14 - 00000000 ____D () C:\FRST
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{FFAE47DE-DC8C-47F2-90A4-8B4336C10383}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{D2A4E54F-9A08-4669-8912-A33C35D439C2}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{D0E6D12B-D309-45DE-9C6A-68431030A72B}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{3A003DE3-AE5D-4843-A286-71365A421CD1}
2014-05-01 00:01 - 2014-05-01 00:01 - 00000000 ____D () C:\Users\alexandra\AppData\Local\PreEmptive Solutions
2014-04-30 23:42 - 2014-04-30 23:42 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-30 23:42 - 2014-04-30 23:42 - 00000812 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-30 23:42 - 2014-04-30 23:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-30 23:27 - 2014-04-30 23:27 - 00000000 __SHD () C:\Users\alexandra\AppData\Local\EmieUserList
2014-04-30 23:27 - 2014-04-30 23:27 - 00000000 __SHD () C:\Users\alexandra\AppData\Local\EmieSiteList
2014-04-29 23:27 - 2014-05-01 00:09 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-23 00:33 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-23 00:33 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-23 00:33 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-23 00:33 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-23 00:33 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-23 00:33 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-23 00:33 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-23 00:33 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-23 00:33 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-23 00:33 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-23 00:33 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-23 00:33 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-23 00:33 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-23 00:33 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-23 00:33 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-23 00:33 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-23 00:33 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-23 00:33 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-23 00:33 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-23 00:33 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-23 00:33 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-23 00:33 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-23 00:33 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-23 00:33 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-23 00:33 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-23 00:33 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-23 00:33 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-23 00:33 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-23 00:33 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-23 00:33 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-23 00:33 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 00:33 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-23 00:33 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-23 00:33 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-23 00:33 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-23 00:33 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-23 00:32 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-23 00:32 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-23 00:32 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-23 00:32 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-23 00:32 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-23 00:32 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-23 00:32 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-23 00:32 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-23 00:32 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-23 00:32 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-23 00:32 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-23 00:32 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-22 23:59 - 2014-04-22 23:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-04-22 23:58 - 2013-07-18 10:43 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2014-04-22 23:57 - 2013-07-18 10:43 - 00795632 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2014-04-22 23:57 - 2013-07-18 10:43 - 00358896 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2014-04-22 23:57 - 2013-07-18 10:43 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2014-04-14 16:29 - 2014-04-14 16:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-14 16:29 - 2014-04-14 16:29 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-14 16:29 - 2014-04-14 16:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-14 16:23 - 2014-04-14 16:23 - 00000000 ____D () C:\Users\alexandra\AppData\Local\Amazon Browser Bar
2014-04-14 16:22 - 2014-04-14 16:22 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.lnk
2014-04-14 16:22 - 2014-04-14 16:22 - 00000000 ____D () C:\Users\alexandra\AppData\Roaming\pdfforge
2014-04-14 16:22 - 2014-04-14 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-04-14 16:22 - 2014-04-14 16:22 - 00000000 ____D () C:\Program Files (x86)\Amazon Browser Bar
2014-04-14 16:22 - 2014-04-14 16:22 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-04-14 16:22 - 2012-05-05 10:54 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2014-04-14 16:22 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-04-14 16:22 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-04-14 16:22 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-04-14 16:22 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-04-14 16:22 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-04-09 20:08 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 20:08 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 20:08 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 20:08 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 20:08 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 20:08 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 20:08 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 20:08 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 20:08 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 20:08 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 20:08 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 20:08 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 20:08 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 20:08 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 20:08 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 20:08 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 20:07 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
==================== One Month Modified Files and Folders =======
2014-05-01 10:14 - 2014-05-01 10:14 - 00000000 ____D () C:\FRST
2014-05-01 10:14 - 2013-05-05 16:08 - 01278253 _____ () C:\Windows\WindowsUpdate.log
2014-05-01 10:11 - 2013-06-04 19:23 - 00000000 ____D () C:\Users\alexandra\AppData\Roaming\Skype
2014-05-01 10:10 - 2014-02-20 22:22 - 00003148 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job
2014-05-01 10:10 - 2014-02-20 22:22 - 00002670 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job
2014-05-01 10:10 - 2014-02-20 22:22 - 00001588 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job
2014-05-01 10:10 - 2014-02-20 22:22 - 00001544 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job
2014-05-01 10:10 - 2014-02-20 22:22 - 00001442 _____ () C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job
2014-05-01 10:10 - 2014-01-18 12:07 - 00000000 ____D () C:\Users\alexandra\AppData\Roaming\newnext.me
2014-05-01 10:10 - 2014-01-12 01:13 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-01 10:10 - 2013-05-05 17:32 - 00428414 _____ () C:\Windows\PFRO.log
2014-05-01 10:10 - 2013-05-05 17:32 - 00014266 _____ () C:\Users\Public\CAFADEBUG.log
2014-05-01 10:10 - 2013-05-05 16:46 - 00000000 ___DC () C:\Program Files (x86)\Pando Networks
2014-05-01 10:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-01 10:10 - 2009-07-14 06:51 - 00063629 _____ () C:\Windows\setupact.log
2014-05-01 00:36 - 2014-01-12 01:13 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-01 00:23 - 2013-07-28 20:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-01 00:17 - 2014-01-18 12:17 - 00000302 _____ () C:\Windows\Tasks\FoxTab.job
2014-05-01 00:09 - 2014-04-29 23:27 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-01 00:07 - 2014-01-18 12:07 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-05-01 00:07 - 2013-05-05 16:08 - 00000000 ___RD () C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-01 00:05 - 2014-01-18 12:06 - 00000000 ____D () C:\Users\alexandra\AppData\Local\Mobogenie
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{FFAE47DE-DC8C-47F2-90A4-8B4336C10383}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{D2A4E54F-9A08-4669-8912-A33C35D439C2}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{D0E6D12B-D309-45DE-9C6A-68431030A72B}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{3A003DE3-AE5D-4843-A286-71365A421CD1}
2014-05-01 00:01 - 2014-05-01 00:01 - 00000000 ____D () C:\Users\alexandra\AppData\Local\PreEmptive Solutions
2014-04-30 23:42 - 2014-04-30 23:42 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-30 23:42 - 2014-04-30 23:42 - 00000812 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-30 23:42 - 2014-04-30 23:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-30 23:41 - 2013-06-27 17:34 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2014-04-30 23:27 - 2014-04-30 23:27 - 00000000 __SHD () C:\Users\alexandra\AppData\Local\EmieUserList
2014-04-30 23:27 - 2014-04-30 23:27 - 00000000 __SHD () C:\Users\alexandra\AppData\Local\EmieSiteList
2014-04-30 17:47 - 2009-07-14 06:45 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-30 17:47 - 2009-07-14 06:45 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-30 17:46 - 2009-07-14 19:58 - 00775908 _____ () C:\Windows\system32\perfh007.dat
2014-04-30 17:46 - 2009-07-14 19:58 - 00178772 _____ () C:\Windows\system32\perfc007.dat
2014-04-30 17:46 - 2009-07-14 07:13 - 01835406 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-30 17:43 - 2013-07-28 20:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-30 17:43 - 2013-07-28 20:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-30 17:43 - 2013-07-28 20:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 23:27 - 2013-12-26 22:47 - 00000000 ____D () C:\Program Files (x86)\Show-Password
2014-04-29 23:27 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-29 23:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-24 16:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-24 14:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-22 23:59 - 2014-04-22 23:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-04-22 23:58 - 2013-05-05 16:12 - 00000000 ___DC () C:\Program Files (x86)\Intel
2014-04-14 16:29 - 2014-04-14 16:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-14 16:29 - 2014-04-14 16:29 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-14 16:29 - 2014-04-14 16:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-14 16:29 - 2013-05-11 02:59 - 00000000 ____D () C:\Users\alexandra\AppData\Local\Adobe
2014-04-14 16:29 - 2013-05-06 09:29 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-14 16:23 - 2014-04-14 16:23 - 00000000 ____D () C:\Users\alexandra\AppData\Local\Amazon Browser Bar
2014-04-14 16:22 - 2014-04-14 16:22 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.lnk
2014-04-14 16:22 - 2014-04-14 16:22 - 00000000 ____D () C:\Users\alexandra\AppData\Roaming\pdfforge
2014-04-14 16:22 - 2014-04-14 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-04-14 16:22 - 2014-04-14 16:22 - 00000000 ____D () C:\Program Files (x86)\Amazon Browser Bar
2014-04-14 16:22 - 2014-04-14 16:22 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-04-13 19:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-09 23:44 - 2013-05-05 16:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-05 14:31 - 2014-01-12 01:13 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-05 14:31 - 2014-01-12 01:13 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
Some content of TEMP:
====================
C:\Users\alexandra\AppData\Local\Temp\43676uninstall.exe
C:\Users\alexandra\AppData\Local\Temp\amazonicon_v3.exe
C:\Users\alexandra\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\alexandra\AppData\Local\Temp\AutoRun.exe
C:\Users\alexandra\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\alexandra\AppData\Local\Temp\avgnt.exe
C:\Users\alexandra\AppData\Local\Temp\BackupSetup.exe
C:\Users\alexandra\AppData\Local\Temp\bitool.dll
C:\Users\alexandra\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\alexandra\AppData\Local\Temp\drm_dyndata_7390006.dll
C:\Users\alexandra\AppData\Local\Temp\DTLite4481-0347.exe
C:\Users\alexandra\AppData\Local\Temp\eauninstall.exe
C:\Users\alexandra\AppData\Local\Temp\First15.exe
C:\Users\alexandra\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\alexandra\AppData\Local\Temp\icqsetup.exe
C:\Users\alexandra\AppData\Local\Temp\install_flashplayer11x32ax_gtbd_chrd_dn_aaa_aih.exe
C:\Users\alexandra\AppData\Local\Temp\iobwnedxjvdevl.exe
C:\Users\alexandra\AppData\Local\Temp\ose00000.exe
C:\Users\alexandra\AppData\Local\Temp\ose00001.exe
C:\Users\alexandra\AppData\Local\Temp\sdanircmdc.exe
C:\Users\alexandra\AppData\Local\Temp\sdapskill.exe
C:\Users\alexandra\AppData\Local\Temp\SkypeSetup.exe
C:\Users\alexandra\AppData\Local\Temp\Sqlite3.dll
C:\Users\alexandra\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\alexandra\AppData\Local\Temp\uninst1.exe
C:\Users\alexandra\AppData\Local\Temp\vcredist_x64.exe
C:\Users\alexandra\AppData\Local\Temp\vcredist_x86.exe
C:\Users\alexandra\AppData\Local\Temp\VP6Install.exe
C:\Users\alexandra\AppData\Local\Temp\VP6VFW.dll
C:\Users\alexandra\AppData\Local\Temp\_Show_Password.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-30 19:08
==================== End Of Log ============================
--- --- --- --- --- --- Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05-2014
Ran by alexandra at 2014-05-01 10:14:32
Running from D:\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
4shared Desktop (HKLM-x32\...\4shared Desktop) (Version: - )
64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.3042.60281 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.1.3042.60281 - Alcor Micro Corp.) Hidden
Amazon 1Button App (HKLM-x32\...\Amazon Browser Settings) (Version: 3.0 - Amazon)
Amazon 1Button App (x32 Version: 1.0.4 - Amazon) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros WLAN Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A00}) (Version: 12.10.0.2948 - APN, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.28.50 - Conexant)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - )
Die Sims 2: Family Fun - Accessoires (HKLM-x32\...\{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}) (Version: - )
Die Sims 2: Nightlife (HKLM-x32\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version: - )
Die Sims 2: Open For Business (HKLM-x32\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version: - )
Die Sims 2: Wilde Campus-Jahre (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version: - )
Die Sims™ 2 Apartment-Leben (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version: - Electronic Arts)
Die Sims™ 2 Freizeit-Spaß (HKLM-x32\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version: - Electronic Arts)
Die Sims™ 2 Gute Reise (HKLM-x32\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts)
Die Sims™ 2 H&M®-Fashion-Accessoires (HKLM-x32\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - )
Die Sims™ 2 Haustiere (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version: - )
Die Sims™ 2 IKEA® Home-Accessoires (HKLM-x32\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version: - Electronic Arts)
Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires (HKLM-x32\...\{6522C636-B04C-4333-9BEB-9E0C0B6350D6}) (Version: - Electronic Arts)
Die Sims™ 2 Party-Accessoires (HKLM-x32\...\{EAA38532-7AD0-4f78-918A-4F4F02096ECE}) (Version: - )
Die Sims™ 2 Teen Style-Accessoires (HKLM-x32\...\{5C648FDB-0138-4619-B66E-230EF53E8E2C}) (Version: - Electronic Arts)
Die Sims™ 2 Vier Jahreszeiten (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version: - )
Die Sims™ 2: Glamour-Accessoires (HKLM-x32\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version: - )
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Dotfuscator Software Services - Community Edition - DEU (HKLM-x32\...\{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
emu8086 microprocessor emulator (HKLM-x32\...\emu8086 microprocessor emulator_is1) (Version: - emu8086)
Far Cry (OEM) (HKLM-x32\...\InstallShield_{F400BA3B-B134-4701-8536-68A99CD44F5A}) (Version: 1.00.0000 - Ihr Firmenname)
Far Cry (OEM) (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Free YouTube Download version 3.2.13.925 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.13.925 - DVDVideoSoft Ltd.)
Free YouTube to DVD Converter version 3.1.20.1230 (HKLM-x32\...\Free YouTube to DVD Converter_is1) (Version: 3.1.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart Plus B210 series - Grundlegende Software für das Gerät (HKLM\...\{1686185A-3D85-428D-8786-ACB403B9D420}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart Plus B210 series Hilfe (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HQ-Video-Profession-1.3 (HKLM-x32\...\HQ-Video-Profession-1.3) (Version: 1.34.1.29 - HQ-Video) <==== ATTENTION
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.007 - HTC Corporation)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.11.1214.1 - Lenovo EasyCamera)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
Lollipop (HKCU\...\lollipop) (Version: - Lollipop Network, S.L.) <==== ATTENTION
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{8583E7E3-2237-4981-B957-E28E5E9AB678}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{92C5C058-E941-47C3-B7E8-38A79C605969}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{9C3B8582-A72A-4835-8903-877A834407BB}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{197B3774-B7E6-4D50-AD0D-7F99B1E264D2}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{95A2AD24-BD44-3E39-A31F-CE928276577E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{E1C1D175-C23E-38F4-9AC1-ABE5167022CF}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Performance Collection Tools - DEU (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Ultimate - DEU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 29.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 de)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
MySims™ (HKLM-x32\...\{68DC42FA-962C-4973-A306-D595D861FA1E}) (Version: 1.00.0000 - Electronic Arts)
NI EULA Depot (x32 Version: 2.71.128 - National Instruments) Hidden
NI LabVIEW Real-Time NBFifo (x32 Version: 9.0.222.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2009 (x32 Version: 9.0.316.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2009 (x32 Version: 9.0.127.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Web Services (x32 Version: 9.0.197.0 - National Instruments) Hidden
NI LabVIEW Web Server for Run-Time Engine (x32 Version: 9.0.185.0 - National Instruments) Hidden
NI Logos 5.1 (x32 Version: 5.1.118.0 - National Instruments) Hidden
NI Logos XT Support (x32 Version: 5.1.66.0 - National Instruments) Hidden
NI Logos64 5.1 (Version: 5.1.71.0 - National Instruments) Hidden
NI Logos64 XT Support (Version: 5.1.63.0 - National Instruments) Hidden
NI Math Kernel Libraries (64-bit) (Version: 1.0.14.0 - National Instruments) Hidden
NI Math Kernel Libraries (x32 Version: 1.0.28.0 - National Instruments) Hidden
NI MDF Support (x32 Version: 2.71.128 - National Instruments) Hidden
NI Service Locator (x32 Version: 9.0.260.0 - National Instruments) Hidden
NI TDMS (64-bit) (Version: 2.0.170.0 - National Instruments) Hidden
NI TDMS (x32 Version: 2.0.170.0 - National Instruments) Hidden
NI Trace Engine (64-bit) (Version: 9.0.128.0 - National Instruments) Hidden
NI Trace Engine (x32 Version: 9.0.146.0 - National Instruments) Hidden
NI Uninstaller (x32 Version: 2.71.128 - National Instruments) Hidden
NI VC2005MSMs x64 (Version: 8.01.5 - National Instruments) Hidden
NI VC2005MSMs x86 (x32 Version: 8.01.5 - National Instruments) Hidden
NI VC2008MSMs x64 (Version: 9.0.100 - National Instruments) Hidden
NI VC2008MSMs x86 (x32 Version: 9.0.100 - National Instruments) Hidden
NVIDIA Grafiktreiber 295.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 295.93 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.7.12 (Version: 1.7.12 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.11.1111 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.11.1111 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.1111 - NVIDIA Corporation)
NVIDIA Systemsteuerung 295.93 (Version: 295.93 - NVIDIA Corporation) Hidden
NVIDIA Update 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.7.12 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.48.823.2011 - Realtek)
SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
SavingsBull (x32 Version: 1.0.0.0 - SavingsBull) Hidden <==== ATTENTION
SavingsbullFilter (HKLM\...\{813BA625-B0FA-48D8-9B75-59759C88C219}) (Version: 1.0.0.0 - SavingsBull Filter) <==== ATTENTION
Secure Download Manager (HKLM-x32\...\{E98D115E-D621-4723-8AF0-147BADA9A466}) (Version: 3.1.40 - Kivuto Solutions Inc.)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Software von National Instruments (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
Sony PC Companion 2.10.188 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.188 - Sony)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Studie zur Verbesserung von HP Photosmart Plus B210 series Produkten (HKLM\...\{8EB5554F-0A28-49EE-9FBA-0A41079F3B92}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Updater Service (HKLM-x32\...\Updater Service) (Version: 15,9,28,27 - ) <==== ATTENTION
V102_MRSim2 (HKLM-x32\...\{22257B19-CCAF-4C46-B249-9D431F2C4B8D}) (Version: 1.0.0 - FH-Giessen)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows Utils (HKLM-x32\...\Windows Utils) (Version: - )
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WPM17.8.0.3325 (HKLM-x32\...\WPM) (Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION
==================== Restore Points =========================
14-04-2014 14:01:39 Removed Adobe Reader XI (11.0.06) - Deutsch.
22-04-2014 20:42:02 Geplanter Prüfpunkt
22-04-2014 22:32:41 Windows Update
30-04-2014 17:15:19 Geplanter Prüfpunkt
30-04-2014 22:03:31 Removed Helium
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {167B15C5-2320-4FF6-BF5F-B855DC276DEF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-12] (Google Inc.)
Task: {527F1823-2F61-4E26-A487-A133969F80AD} - System32\Tasks\HQ-Video-Profession-1.3-enabler => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe [2014-02-20] (HQ-Video) <==== ATTENTION
Task: {57A04E1D-E207-4117-8EC5-BE4BC1065618} - System32\Tasks\HQ-Video-Profession-1.3-updater => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe [2014-02-20] (HQ-Video) <==== ATTENTION
Task: {63E4B6EC-C78A-4687-8508-DEFA6E854571} - System32\Tasks\HQ-Video-Profession-1.3-chromeinstaller => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe [2014-02-20] (HQ-Video) <==== ATTENTION
Task: {8098DFC3-406F-45C0-AA63-428463833A34} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-30] (Adobe Systems Incorporated)
Task: {A371C340-859D-4D01-A837-9B8D078FB865} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {BD5ABF3E-A062-4CD9-8C6F-00ED4C8256AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-12] (Google Inc.)
Task: {BE70C3B2-304F-4682-BC0E-D8DE7CE2907D} - System32\Tasks\FoxTab => C:\Users\ALEXAN~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C72B2796-69DF-4AC7-A7CC-8FB605707F45} - System32\Tasks\HQ-Video-Profession-1.3-firefoxinstaller => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe [2014-02-20] (HQ-Video) <==== ATTENTION
Task: {DBE48134-1E5B-4F0E-A5D8-74E7B38B23B8} - System32\Tasks\MirageAgent => c:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-28] (CyberLink)
Task: {E01748C5-A9BC-498E-880A-20CE2875D6CA} - System32\Tasks\HPCustParticipation HP Photosmart Plus B210 series => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {F947BB07-A004-48D4-8B20-512AAC4EA537} - System32\Tasks\HQ-Video-Profession-1.3-codedownloader => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe [2014-02-20] (HQ-Video) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\ALEXAN~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-07-28 21:08 - 2013-07-28 21:07 - 00825280 _____ () C:\ProgramData\IBUpdaterService\ibsvc.exe
2014-01-27 22:45 - 2014-01-27 22:45 - 00710976 _____ () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
2011-03-31 17:08 - 2011-03-31 17:08 - 00080896 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-01-16 17:06 - 2014-01-16 17:06 - 00167936 _____ () c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
2013-11-20 12:34 - 2013-11-20 12:34 - 00317952 _____ () c:\Program Files\SavingsbullFilter\ProtocolFilters.dll
2013-11-20 12:35 - 2013-11-20 12:35 - 00110080 _____ () c:\Program Files\SavingsbullFilter\nfapi.dll
2013-03-21 20:24 - 2013-03-21 20:24 - 00222368 _____ () C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
2013-05-05 16:11 - 2010-10-26 12:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2012-02-18 00:21 - 2012-02-18 00:21 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-13 01:30 - 2013-09-13 01:28 - 00394824 _____ () D:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-30 23:42 - 2014-04-22 11:25 - 03845232 _____ () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-30 17:43 - 2014-04-30 17:43 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Generic Bluetooth Adapter
Description: Generic Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/01/2014 10:10:51 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DTLite.exe, Version: 4.48.1.347, Zeitstempel: 0x526e206a
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xb04
Startzeit der fehlerhaften Anwendung: 0xDTLite.exe0
Pfad der fehlerhaften Anwendung: DTLite.exe1
Pfad des fehlerhaften Moduls: DTLite.exe2
Berichtskennung: DTLite.exe3
Error: (04/30/2014 11:59:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Toolbar.exe, Version: 21.5.0.2560, Zeitstempel: 0x5272f72c
Name des fehlerhaften Moduls: so.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5272f720
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6a2e8870
ID des fehlerhaften Prozesses: 0x2578
Startzeit der fehlerhaften Anwendung: 0xToolbar.exe0
Pfad der fehlerhaften Anwendung: Toolbar.exe1
Pfad des fehlerhaften Moduls: Toolbar.exe2
Berichtskennung: Toolbar.exe3
Error: (04/30/2014 11:59:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Au_.exe, Version: 4.48.1.347, Zeitstempel: 0x4bc06cda
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc06d007e
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x8470
Startzeit der fehlerhaften Anwendung: 0xAu_.exe0
Pfad der fehlerhaften Anwendung: Au_.exe1
Pfad des fehlerhaften Moduls: Au_.exe2
Berichtskennung: Au_.exe3
Error: (04/30/2014 11:57:59 PM) (Source: MsiInstaller) (User: alexandra-PC)
Description: Produkt: Ask Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:
Mozilla Firefox
Error: (04/30/2014 11:57:58 PM) (Source: MsiInstaller) (User: alexandra-PC)
Description: Produkt: Ask Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:
Mozilla Firefox
Error: (04/30/2014 11:57:57 PM) (Source: MsiInstaller) (User: alexandra-PC)
Description: Produkt: Ask Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:
Mozilla Firefox
Error: (04/30/2014 11:33:54 PM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17041 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 4a48
Startzeit: 01cf64bab53536c1
Endzeit: 10
Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe
Berichts-ID:
Error: (04/30/2014 11:32:16 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17041, Zeitstempel: 0x531807e4
Name des fehlerhaften Moduls: SoftonicEng.dll, Version: 1.8.20.0, Zeitstempel: 0x51b68b1f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00029ba3
ID des fehlerhaften Prozesses: 0x6660
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Error: (04/30/2014 11:29:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/30/2014 11:27:41 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17041, Zeitstempel: 0x531807e4
Name des fehlerhaften Moduls: IEOptimizer.dll, Version: 0.0.0.0, Zeitstempel: 0x53037983
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000014fa
ID des fehlerhaften Prozesses: 0x58c4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
System errors:
=============
Error: (05/01/2014 10:11:43 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (05/01/2014 10:11:43 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (05/01/2014 10:10:44 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (05/01/2014 10:10:23 AM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (05/01/2014 00:11:31 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WebCakeUpdater" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/01/2014 00:07:21 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Computer Backup (MyPC Backup)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/30/2014 05:41:40 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (04/30/2014 05:41:35 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/30/2014 05:40:41 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (04/30/2014 05:40:18 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 61%
Total physical RAM: 3957.11 MB
Available physical RAM: 1539.78 MB
Total Pagefile: 13912.39 MB
Available Pagefile: 11405.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.15 GB) (Free:63.17 GB) NTFS
Drive d: () (Fixed) (Total:568.63 GB) (Free:445.88 GB) NTFS
Drive e: (Volume) (Fixed) (Total:130 GB) (Free:114.23 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 8B1E8B1E)
Partition 1: (Not Active) - (Size=569 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=130 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: E2A06380)
Partition 1: (Not Active) - (Size=8 GB) - (Type=84)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
02.05.2014, 07:26
| #4 |
| /// the machine /// TB-Ausbilder | Win7: Firefox öffnet selbstständig neue Tabs Revo Uninstaller - Download - Filepony Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION Mit Revo auch Moderat die Reste entfernen lassen. Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.05.2014, 17:38
| #5 |
| | Win7: Firefox öffnet selbstständig neue Tabs Hey entschuldige das es so lange gedauert hat. Hatte viel zu tun. Bin jetzt beim ersten Schritt. Was genau soll ich da markieren oder einfach alles oder gar nichts? |
|
07.05.2014, 11:11
| #6 |
| /// the machine /// TB-Ausbilder | Win7: Firefox öffnet selbstständig neue Tabs Bei dieser Abfrage sowie der vielleicht folgenden mit Ordnern immer Markiere alle und dann löschen drücken.
__________________ --> Win7: Firefox öffnet selbstständig neue Tabs |
|
07.05.2014, 17:51
| #7 |
| | Win7: Firefox öffnet selbstständig neue Tabs Ok habe es erstmal gemacht. Einige Sachen findet Revo aber nicht. Undzwar: SavingBull HQ-Video-Profession sc UPDATE~1 (gibts gleich 3x) HQ-Video-Profession (und irgendwas mit firefoxinstaller gibts 3x) HQ-Video-Profession (und irgendwas mit codedownloader gibts 3x) HQ-Video-Profession (und irgendwas mit enabler 2x) HQ-Video-Profession (und irgendwas mit updater 2x) HQ-Video-Profession (und irgendwas mit chromeinstaller 2x) Außerdem rächt sich mein Laptop grade etwas. Er öffnet etwa die 3fache Menge an Tabs als vorher  |
|
08.05.2014, 10:42
| #8 |
| /// the machine /// TB-Ausbilder | Win7: Firefox öffnet selbstständig neue Tabs Diese Dinge bitte über Windows deinstallieren, wenn dort vorhanden in der Liste. Dann direkt weiter mit den nächsten Schritten.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.05.2014, 11:10
| #9 |
| | Win7: Firefox öffnet selbstständig neue Tabs Die Dateien habe ich auch bei Windows nicht gefunden. Beim Combofix kam eine Meldung das der Zugriff auf die Registry verhindert wurde. Code:
ATTFilter ComboFix 14-05-05.01 - alexandra 09.05.2014 11:44:49.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3957.2656 [GMT 2:00]
ausgeführt von:: d:\users\alexandra\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\alexandra\AppData\Local\assembly\tmp
c:\users\alexandra\AppData\Roaming\Microsoft\Windows\Recent\PDFCreator.url
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome.manifest
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\asyncDB.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\background.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\browserAction.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\contextMenu.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\dbManager.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\dom_bg.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\fileManager.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\firefox.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\firefoxNotifications.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\firefoxOmnibox.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\message.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\pageAction.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\request.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\tabs.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\webRequest.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\api\windowsMessagingHandler.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\background.html
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\baseObject.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\browser.xul
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\addressBarChangeObserver.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\console.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\consts.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\delegate.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\extensionDataStore.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\folderIOWrapper.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\httpObserver.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\IDBWrapper.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\installer.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\logFile.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\prefs.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\progressListenerObserver.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\registry.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\reloadObserver.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\reports.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\requestObject.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\searchSettings.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\uninstallObserver.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\updateManager.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\utils.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\core\xhr.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\dialog.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\ffCoreFilesIndex.txt
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\main.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\options.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\options.xul
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\platformVersion.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\chrome\content\search_dialog.xul
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\defaults\preferences\prefs.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\manifest.xml
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins.json
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\1_base.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\102_dealply_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\103_intext_5_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\104_jollywallet_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\119_similar_web_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\123_intext_adv_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\17_jQuery.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\182_openUrl.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\183_tabsWrapper.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\184_noproblemppc_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\190_pops_5_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\191_ciuvo_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\195_icm_convertmedia_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\207_dbWrapper.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\21_debug.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\22_resources.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\220_icm_base_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\221_icm_downloads_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\223_imonomy_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\226_set_campaign_id_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\231_revizer_ws_dynamic_2_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\232_revizer_p_dynamic_2_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\242_price_gong_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\244_engageya_inner_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\246_setup.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\257_adextent_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\28_initializer.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\47_resources_background.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\64_appApiMessage.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\7_hooks.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\72_appApiValidation.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\9_search_engine_hook.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\98_omniCommands.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\userCode\background.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\userCode\extension.js
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\install.rdf
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\locale\en-US\translations.dtd
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\button1.png
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\button2.png
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\button3.png
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\button4.png
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\button5.png
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\crossrider_statusbar.png
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\icon128.png
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\icon16.png
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\icon24.png
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\icon48.png
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\panelarrow-up.png
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\popup.html
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\skin.css
c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\skin\update.css
c:\windows\IsUn0407.exe
D:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Level Quality Watcher
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-04-09 bis 2014-05-09 ))))))))))))))))))))))))))))))
.
.
2014-05-07 15:26 . 2014-04-29 14:01 23547904 ----a-w- c:\windows\system32\mshtml.dll
2014-05-07 15:26 . 2014-04-29 13:40 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-07 15:26 . 2014-04-29 12:34 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-07 15:26 . 2014-05-07 15:26 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-06 16:16 . 2014-04-14 02:24 465408 ----a-w- c:\windows\system32\aepdu.dll
2014-05-06 16:16 . 2014-04-14 02:19 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-05-01 08:14 . 2014-05-01 08:15 -------- d-----w- C:\FRST
2014-04-30 22:01 . 2014-04-30 22:01 -------- d-----w- c:\users\alexandra\AppData\Local\PreEmptive Solutions
2014-04-30 21:42 . 2014-04-30 21:42 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-04-30 21:27 . 2014-04-30 21:27 -------- d-sh--w- c:\users\alexandra\AppData\Local\EmieUserList
2014-04-30 21:27 . 2014-04-30 21:27 -------- d-sh--w- c:\users\alexandra\AppData\Local\EmieSiteList
2014-04-22 22:32 . 2014-03-08 02:34 809680 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2014-04-22 22:32 . 2014-03-06 08:53 2767360 ----a-w- c:\windows\system32\iertutil.dll
2014-04-22 22:32 . 2014-03-06 06:22 2260480 ----a-w- c:\windows\system32\wininet.dll
2014-04-22 22:32 . 2014-03-06 05:58 1400832 ----a-w- c:\windows\system32\urlmon.dll
2014-04-22 22:32 . 2014-03-06 05:41 1789440 ----a-w- c:\windows\SysWow64\wininet.dll
2014-04-22 22:32 . 2014-03-08 01:59 811728 ----a-w- c:\program files (x86)\Internet Explorer\iexplore.exe
2014-04-22 22:32 . 2014-03-06 07:11 2043904 ----a-w- c:\windows\system32\inetcpl.cpl
2014-04-22 22:32 . 2014-03-06 06:40 1967104 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-04-22 22:32 . 2014-03-06 06:53 13551104 ----a-w- c:\windows\system32\ieframe.dll
2014-04-22 22:32 . 2014-03-06 08:11 5784064 ----a-w- c:\windows\system32\jscript9.dll
2014-04-22 22:32 . 2014-03-06 07:46 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-04-22 21:58 . 2013-07-18 08:43 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll
2014-04-22 21:57 . 2013-07-18 08:43 795632 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2014-04-22 21:57 . 2013-07-18 08:43 358896 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2014-04-22 21:57 . 2013-07-18 08:43 20464 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2014-04-14 14:23 . 2014-04-14 14:23 -------- d-----w- c:\users\alexandra\AppData\Local\Amazon Browser Bar
2014-04-14 14:22 . 2014-04-14 14:22 -------- d-----w- c:\users\alexandra\AppData\Roaming\pdfforge
2014-04-14 14:22 . 2012-05-05 08:54 662288 ----a-w- c:\windows\SysWow64\MSCOMCT2.OCX
2014-04-14 14:22 . 2012-05-05 08:54 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX
2014-04-14 14:22 . 2012-05-05 08:54 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL
2014-04-14 14:22 . 1998-07-06 15:56 125712 ----a-w- c:\windows\SysWow64\VB6DE.DLL
2014-04-14 14:22 . 1998-07-06 15:55 158208 ----a-w- c:\windows\SysWow64\MSCMCDE.DLL
2014-04-14 14:22 . 1998-07-06 15:55 64512 ----a-w- c:\windows\SysWow64\MSCC2DE.DLL
2014-04-14 14:22 . 2014-04-14 14:22 -------- d-----w- c:\program files (x86)\Amazon Browser Bar
2014-04-14 14:22 . 2014-04-14 14:22 -------- d-----w- c:\program files (x86)\Amazon
2014-04-09 18:07 . 2014-01-24 02:37 1684928 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-30 15:43 . 2013-07-28 18:13 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-30 15:43 . 2013-07-28 18:13 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-04 09:17 . 2014-04-09 18:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}]
2014-02-18 09:17 86800 ----a-w- c:\program files (x86)\SavingsBull\IEOptimizer.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
2013-12-20 19:17 12240 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" [2013-12-20 12240]
.
[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-00a7-7a786e7484d7}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lollipop"="lollipop" [X]
"HP Photosmart Plus B210 series (NET)"="c:\program files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"EADM"="d:\program files (x86)\Origin\Origin.exe" [2014-01-19 3551576]
"DAEMON Tools Lite"="d:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"NextLive"="c:\users\alexandra\AppData\Roaming\newnext.me\nengine.dll" [2014-01-06 1283584]
"Skype"="d:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-06-01 506712]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2011-12-09 548864]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"avgnt"="d:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-20 689744]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-07-18 292088]
.
c:\users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
net.lnk - c:\users\alexandra\AppData\Roaming\Windows Net Data\net.exe [2013-12-18 709120]
Tintenwarnungen überwachen - HP Photosmart Plus B210 series (Netzwerk).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Photosmart Plus B210 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN0CF2P49F05J9;CONNECTION=NW;MONITOR=1; [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 329944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R4 APNMCP;Ask Aktualisierungsdienst;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 netfilter64;netfilter64;c:\windows\system32\drivers\netfilter64.sys;c:\windows\SYSNATIVE\drivers\netfilter64.sys [x]
S2 AntiVirSchedulerService;Avira Planer;d:\program files (x86)\Avira\AntiVir Desktop\sched.exe;d:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;d:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;d:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 SavingsbullFilterService64;SavingsbullFilterService64;c:\program files\SavingsbullFilter\SavingsbullFilterService64.exe;c:\program files\SavingsbullFilter\SavingsbullFilterService64.exe [x]
S2 SkypeUpdate;Skype Updater;d:\program files (x86)\Skype\Updater\Updater.exe;d:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Updater Service for AMZN;Updater Service for AMZN;c:\program files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe;c:\program files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-28 15:43]
.
2014-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-11 23:13]
.
2014-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-11 23:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
2013-12-20 19:17 13776 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" [2013-12-20 13776]
.
[HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-03-29 883840]
"ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-02-21 1654400]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2012-01-05 378968]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-04 391152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-11-04 771056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-11-04 770032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_3ebb124613ae4f838b93cacc54239a80_39_1007_20140414_DE_ie_sp_
mDefault_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}
mDefault_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575
mStart Page = hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}
IE: &Download All using 4shared Desktop - d:\program files (x86)\4shared Desktop\Desktop.32/D_ALL_LINK
IE: &Download using 4shared Desktop - d:\program files (x86)\4shared Desktop\Desktop.32/D_ONE_LINK
IE: Nach Microsoft E&xel exportieren - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
LSP: d:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\
FF - ExtSQL: !HIDDEN! 2013-07-28 21:08; speedanalysis02@SpeedAnalysis.com; c:\users\alexandra\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF - ExtSQL: !HIDDEN! 2013-07-28 21:08; zulagames@ZulaGames.com; c:\users\alexandra\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com
FF - user.js: extensions.irspeeddial.aflt - fxtb103
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 334247509
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzuyByE0EyDyEtA0BzztB0DtAtDtB0Bzy0EtN0D0Tzu0SyByEzztN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1Czu
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Sony PC Companion - c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{11111111-1111-1111-1111-110511151178} - c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho64.dll
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0407.EXE
AddRemove-zulagames - c:\program files (x86)\Zula Games\uninst.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1570462422-647281090-2477604668-1000\Software\SecuROM\License information*]
"datasecu"=hex:23,65,d3,25,b3,92,32,7a,f1,85,42,a5,13,41,26,c0,08,3a,5d,9d,fc,
80,5e,d8,d4,92,6d,bb,f0,ba,5f,2c,cc,86,2c,be,16,3f,81,a3,91,c3,db,b2,07,49,\
"rkeysecu"=hex:ab,2b,5f,5b,8e,b2,7c,30,c9,10,7d,20,68,2a,7f,5d
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
d:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\lkads.exe
c:\windows\SysWOW64\lktsrv.exe
d:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\SysWOW64\nisvcloc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-09 11:53:36 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-05-09 09:53
.
Vor Suchlauf: 12 Verzeichnis(se), 67.374.862.336 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 68.573.700.096 Bytes frei
.
- - End Of File - - 817A25376FB7EF97D15A5B634E2F7953
5FB38429D5D77768867C76DCBDB35194
|
|
10.05.2014, 10:52
| #10 |
| /// the machine /// TB-Ausbilder | Win7: Firefox öffnet selbstständig neue Tabs Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
13.05.2014, 21:01
| #11 |
| | Win7: Firefox öffnet selbstständig neue Tabs mbam.txt Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 13.05.2014 Suchlauf-Zeit: 21:32:38 Logdatei: mbam.txt Administrator: Ja Version: 2.00.1.1004 Malware Datenbank: v2014.05.13.12 Rootkit Datenbank: v2014.03.27.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: alexandra Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 311934 Verstrichene Zeit: 10 Min, 27 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 2 PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe, 2672, Löschen bei Neustart, [9c547dd34239d6600d022f65dc268779] PUP.Optional.AmazonTB.A, C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe, 2868, Löschen bei Neustart, [1ad6df717ffced49b742b004a063916f] Module: 0 (No malicious items detected) Registrierungsschlüssel: 35 PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [00f0361a9fdc0c2a96031d3e669c6f91], PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [00f0361a9fdc0c2a96031d3e669c6f91], PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [7c7419373e3dfa3c1f73da49d62cf40c], PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, In Quarantäne, [7c7419373e3dfa3c1f73da49d62cf40c], PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}, In Quarantäne, [0ae64e02f9825fd78419bf9ca45e7f81], PUP.Optional.WebCake.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DF84E609-C3A4-49CB-A160-61767DAF8899}, In Quarantäne, [0ae64e02f9825fd78419bf9ca45e7f81], PUP.Optional.WebCake.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AF6B0594-6008-4327-93E5-608AD710A6FA}, Löschen bei Neustart, [7977a2ae9dde1c1abbe164f743bfc040], PUP.Optional.SavingsBull.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SavingsbullFilterService64, In Quarantäne, [9c547dd34239d6600d022f65dc268779], PUP.Optional.AmazonTB.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Updater Service for AMZN, In Quarantäne, [1ad6df717ffced49b742b004a063916f], PUP.Optional.AmazonTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Amazon Browser Settings, In Quarantäne, [1ad6df717ffced49b742b004a063916f], PUP.Optional.DomaIQ.A, HKLM\SOFTWARE\DomaIQ, In Quarantäne, [915f75db56256dc9a29d514a05fd07f9], PUP.Optional.SavingsBull.A, HKLM\SOFTWARE\Savings Bull, In Quarantäne, [cf2171df95e656e013fe2f6520e231cf], PUP.Optional.SavingsBull.A, HKLM\SOFTWARE\SavingsBull Filter, In Quarantäne, [7f71113fa3d83bfbb161553f48ba827e], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [8c6487c980fb58de2a02a3176a99d52b], PUP.Optional.AdPeak.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{813BA625-B0FA-48D8-9B75-59759C88C219}, In Quarantäne, [ab457cd42b502c0a468dec94808231cf], PUP.Optional.NationZoom.A, HKLM\SOFTWARE\WOW6432NODE\nationzoomSoftware, In Quarantäne, [48a8aaa67ffce84e505d8b3348bb738d], PUP.Optional.SavingsBull.A, HKLM\SOFTWARE\WOW6432NODE\SavingsbullFilter, In Quarantäne, [5c943917116a9b9b0e055b39fc0642be], PUP.Optional.Zulagames.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gflandjopdloblmlcoiidmncpinmmacn, In Quarantäne, [4fa17ed2b0cb73c31cc67144c83b33cd], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [3fb1262a83f885b1b973526861a256aa], PUP.Optional.Feven.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Feven 2.5, Löschen bei Neustart, [5b956fe17cff78be88093c5757ab3bc5], PUP.Optional.HQVideoProfession.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQ-Video-Profession-1.3, Löschen bei Neustart, [21cfe07087f4a69028189001a161b54b], PUP.Optional.DataMngr.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, Löschen bei Neustart, [09e7dd734a314ee8d963e1cd6a99ac54], PUP.Optional.SavingsBull.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SavingsBull, Löschen bei Neustart, [d020dd731e5d2214fe47e5e2ea19d927], PUP.Optional.HQVideoProfession.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQ-Video-Profession-1.3, Löschen bei Neustart, [3db3e36d93e8ee4841ffb3deab5755ab], PUP.Optional.SavingsBull.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Savings Bull, Löschen bei Neustart, [e40cbf913546979f16fa296b05fd32ce], PUP.Optional.SavingsBull.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SavingsBull, Löschen bei Neustart, [c62aa7a9780355e122228b3cf01313ed], PUP.Optional.AlexaTB.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DISTROMATIC\Toolbars, Löschen bei Neustart, [22cef7598bf0c37319decaea57acba46], PUP.Optional.InstallCore.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Löschen bei Neustart, [a34d75db9fdc4aec1c25ebadfa0815eb], PUP.Optional.InstallCore.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Löschen bei Neustart, [e30de66a5d1e88aee87bac029a6959a7], PUP.Optional.CrossRider.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\HQ-Video, Löschen bei Neustart, [d8189db3b2c91d19a4a96f130002eb15], PUP.Optional.Qone8, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [79775af62853072fc5666b4f2cd739c7], PUP.Optional.BProtector.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, Löschen bei Neustart, [de12b0a0a5d65ed8bcdcb9f8e12212ee], PUP.Optional.SavingsBull.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Level Quality Watcher, In Quarantäne, [5b951e32b2c9a096229079f99a685ea2], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511151178}, In Quarantäne, [a7497ed2f7849b9b0c9d67e259ab10f0], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511151178}, In Quarantäne, [a7497ed2f7849b9b0c9d67e259ab10f0], Registrierungswerte: 4 PUP.Optional.NextLive.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\Windows\SysWOW64\rundll32.exe "C:\Users\alexandra\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, Löschen bei Neustart, [fef297b9de9d7abc714b5df6669be020] PUP.Optional.InstallCore.A, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0J1L2U1C1H1Q0R2X1L1R1P0B1P, Löschen bei Neustart, [e30de66a5d1e88aee87bac029a6959a7] PUP.BProtector, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, hxxp://www.searchgol.com/?babsrc=HP_ss_Btisdt7&mntrId=3452047D7BFFAD6C&affID=121565&tsp=5007, Löschen bei Neustart, [34bc62ee99e2f2448cb2644ad72c1ee2] PUP.BProtector, HKU\S-1-5-21-1570462422-647281090-2477604668-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Löschen bei Neustart, [3cb4fb551566082e330c129c21e224dc] Registrierungsdaten: 7 PUP.Optional.NationZoom.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575),Ersetzt,[21cfe26edaa1bf771f1658e5b74de41c] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[7b751e320c6f1a1ca03a65e18b799a66] PUP.Optional.NationZoom.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}),Ersetzt,[5799f45c98e3f442e94b0b32c83c54ac] PUP.Optional.NationZoom.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575),Ersetzt,[fbf5be9259226ec81d16261750b44bb5] PUP.Optional.NationZoom.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.nationzoom.com/?type=hp&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575),Ersetzt,[dc14b69ab2c9f93daa8b59e47391d828] PUP.Optional.NationZoom, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.nationzoom.com/web/?type=ds&ts=1390039593&from=tugs&uid=ST750LM022XHN-M750MBB_S2USJ9EC709575&q={searchTerms}),Ersetzt,[7977a1af89f281b558cb380f2cd8926e] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[41afe26e314ae84ee9f1d07619eb0000] Ordner: 22 PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter, Löschen bei Neustart, [9c547dd34239d6600d022f65dc268779], PUP.Optional.SpeedAnalysis.A, C:\Users\alexandra\AppData\Roaming\SpeedAnalysis2, In Quarantäne, [8f61de726a114bebd7a4c7e5c53e27d9], PUP.Optional.AmazonTB.A, C:\Users\alexandra\AppData\Local\Amazon Browser Bar, In Quarantäne, [935d153bec8f59dd0fe9f4c0be457e82], PUP.Optional.AmazonTB.A, C:\Program Files (x86)\Amazon Browser Bar, Löschen bei Neustart, [1ad6df717ffced49b742b004a063916f], PUP.Optional.Zulagames.A, C:\Users\alexandra\AppData\Roaming\zulagames, In Quarantäne, [c12fafa17dfeb38329b653627d8614ec], PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher\v1.01, In Quarantäne, [90603a1683f8a29496a19f2050b36799], PUP.Optional.OpenCandy, C:\Users\alexandra\AppData\Roaming\OpenCandy, In Quarantäne, [6888f35d98e38aac2c68e38b3fc3a55b], PUP.Optional.OpenCandy, C:\Users\alexandra\AppData\Roaming\OpenCandy\30A8529063CB491B99795E3667E34126, In Quarantäne, [6888f35d98e38aac2c68e38b3fc3a55b], PUP.Optional.OpenCandy, C:\Users\alexandra\AppData\Roaming\OpenCandy\815ACEE47B0448068D9ED5E928143CC0, In Quarantäne, [6888f35d98e38aac2c68e38b3fc3a55b], PUP.Optional.OpenCandy, C:\Users\alexandra\AppData\Roaming\OpenCandy\C3D7563B65E04E788957E956FDA58CAA, In Quarantäne, [6888f35d98e38aac2c68e38b3fc3a55b], PUP.Optional.OpenCandy, C:\Users\alexandra\AppData\Roaming\OpenCandy\F74C418EFF224AD69ECAE7EABBB17689, In Quarantäne, [6888f35d98e38aac2c68e38b3fc3a55b], PUP.Optional.FileScout.A, C:\Users\alexandra\AppData\Roaming\File Scout, In Quarantäne, [d61ab99714671f17426a3b3318ea53ad], PUP.Optional.NextLive.A, C:\Users\alexandra\AppData\Roaming\newnext.me, In Quarantäne, [b7397dd33348b28486c02e428d75d12f], PUP.Optional.NextLive.A, C:\Users\alexandra\AppData\Roaming\newnext.me\cache, In Quarantäne, [b7397dd33348b28486c02e428d75d12f], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsBull, In Quarantäne, [5b951e32b2c9a096229079f99a685ea2], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.CrossRider.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\lndipknmjijnalnkamonmljeaojdbpna, In Quarantäne, [bd3353fdc0bbeb4b61674c26de24c040], PUP.Optional.CrossRider.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\lndipknmjijnalnkamonmljeaojdbpna\1.26.5_0, In Quarantäne, [bd3353fdc0bbeb4b61674c26de24c040], PUP.Optional.AmazonTB.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\jetpack\abb@amazon.com, In Quarantäne, [e20ed47cd2a968cedd53fc78bf439a66], PUP.Optional.AmazonTB.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\jetpack\abb@amazon.com\simple-storage, In Quarantäne, [e20ed47cd2a968cedd53fc78bf439a66], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], Dateien: 213 PUP.Optional.NextLive.A, C:\Users\alexandra\AppData\Roaming\newnext.me\nengine.dll, In Quarantäne, [fef297b9de9d7abc714b5df6669be020], PUP.Optional.CouponDownloader.A, C:\Program Files (x86)\SavingsBull\IEOptimizer.dll, In Quarantäne, [7c7419373e3dfa3c1f73da49d62cf40c], PUP.Optional.WebCake.A, C:\Program Files (x86)\Movdap\WebCakeIEClient.dll, In Quarantäne, [0ae64e02f9825fd78419bf9ca45e7f81], PUP.Optional.Delta.A, C:\ProgramData\DSearchLink\DSearchLink.exe, In Quarantäne, [bb35242c27543df967a17897c2420af6], PUP.Optional.Babylon.A, C:\Users\alexandra\AppData\Roaming\OpenCandy\30A8529063CB491B99795E3667E34126\DeltaTB.exe, In Quarantäne, [b040f25e790244f2d1480cf99b66b24e], PUP.Optional.Babylon.A, C:\Users\alexandra\AppData\Roaming\OpenCandy\C3D7563B65E04E788957E956FDA58CAA\DeltaTB.exe, In Quarantäne, [569a6ee27cffb1854ccdc342d22f11ef], PUP.Optional.OpenCandy.A, C:\Users\alexandra\AppData\Roaming\OpenCandy\F74C418EFF224AD69ECAE7EABBB17689\Setupsft_chr_p1v7.exe, In Quarantäne, [d8180e420d6e0531aaf395a1e81c5aa6], PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [16dadd733e3d2f07a42c8b95669a6898], PUP.Optional.NextLive.A, C:\Users\alexandra\AppData\Local\genienext\nengine.dll, In Quarantäne, [7e7267e9a2d93ff7902c7dd6f40d8977], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\searchplugins\softonic.xml, In Quarantäne, [a848e16fccafb08622b589000df5f808], PUP.Optional.AmazonTB.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\abb@amazon.com.xpi, In Quarantäne, [fdf337191566e84e68958309e81a55ab], PUP.Optional.Babylon.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\searchplugins\babylon.xml, In Quarantäne, [3eb2d27e512a6fc7f40a2468d82acf31], PUP.Optional.BProtector.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\bProtector_extensions.sqlite, In Quarantäne, [c72968e8f08b8aac1af394f979895da3], PUP.Optional.BProtector.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\bprotector_prefs.js, In Quarantäne, [737dce82dba0a88eb658e1ac0ef403fd], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter\sample.dll, In Quarantäne, [9c547dd34239d6600d022f65dc268779], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter\Installbat64.dll, In Quarantäne, [9c547dd34239d6600d022f65dc268779], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter\Microsoft.Deployment.WindowsInstaller.dll, In Quarantäne, [9c547dd34239d6600d022f65dc268779], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter\Microsoft.Deployment.WindowsInstaller.xml, In Quarantäne, [9c547dd34239d6600d022f65dc268779], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter\netfilter64.sys, In Quarantäne, [9c547dd34239d6600d022f65dc268779], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter\nfapi.dll, Löschen bei Neustart, [9c547dd34239d6600d022f65dc268779], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter\nfregdrv.exe, In Quarantäne, [9c547dd34239d6600d022f65dc268779], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter\ProtocolFilters.dll, Löschen bei Neustart, [9c547dd34239d6600d022f65dc268779], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe, Löschen bei Neustart, [9c547dd34239d6600d022f65dc268779], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter\SvcConfig64.exe, In Quarantäne, [9c547dd34239d6600d022f65dc268779], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsbullFilter\SvcControl64.exe, In Quarantäne, [9c547dd34239d6600d022f65dc268779], PUP.Optional.SpeedAnalysis.A, C:\Users\alexandra\AppData\Roaming\SpeedAnalysis2\speedanalysis.crx, In Quarantäne, [8f61de726a114bebd7a4c7e5c53e27d9], PUP.Optional.SpeedAnalysis2.A, C:\Users\alexandra\AppData\Roaming\speedanalysis.ico, In Quarantäne, [bf31f8581c5f0234ca916748689b5aa6], PUP.Optional.AmazonTB.A, C:\Users\alexandra\AppData\Local\Amazon Browser Bar\protect.xml, In Quarantäne, [935d153bec8f59dd0fe9f4c0be457e82], PUP.Optional.AmazonTB.A, C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.ini, In Quarantäne, [1ad6df717ffced49b742b004a063916f], PUP.Optional.AmazonTB.A, C:\Program Files (x86)\Amazon Browser Bar\installer.xml, In Quarantäne, [1ad6df717ffced49b742b004a063916f], PUP.Optional.AmazonTB.A, C:\Program Files (x86)\Amazon Browser Bar\search_protect.exe, In Quarantäne, [1ad6df717ffced49b742b004a063916f], PUP.Optional.AmazonTB.A, C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe, Löschen bei Neustart, [1ad6df717ffced49b742b004a063916f], PUP.Optional.AmazonTB.A, C:\Program Files (x86)\Amazon Browser Bar\uninstall.ico, In Quarantäne, [1ad6df717ffced49b742b004a063916f], PUP.Optional.AmazonTB.A, C:\Program Files (x86)\Amazon Browser Bar\uninstall.json, In Quarantäne, [1ad6df717ffced49b742b004a063916f], PUP.Optional.AmazonTB.A, C:\Program Files (x86)\Amazon Browser Bar\uninstaller.exe, In Quarantäne, [1ad6df717ffced49b742b004a063916f], PUP.Optional.AmazonTB.A, C:\Program Files (x86)\Amazon Browser Bar\update.xml, In Quarantäne, [1ad6df717ffced49b742b004a063916f], PUP.Optional.Zulagames.A, C:\Users\alexandra\AppData\Roaming\zulagames\zulagames.crx, In Quarantäne, [c12fafa17dfeb38329b653627d8614ec], PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe, In Quarantäne, [90603a1683f8a29496a19f2050b36799], PUP.Optional.Adpeak, C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe, In Quarantäne, [90603a1683f8a29496a19f2050b36799], PUP.Optional.OpenCandy, C:\Users\alexandra\AppData\Roaming\OpenCandy\815ACEE47B0448068D9ED5E928143CC0\TuneUpUtilities2013-2200218_de-DE.exe, In Quarantäne, [6888f35d98e38aac2c68e38b3fc3a55b], PUP.Optional.FileScout.A, C:\Users\alexandra\AppData\Roaming\File Scout\uninst.exe, In Quarantäne, [d61ab99714671f17426a3b3318ea53ad], PUP.Optional.NextLive.A, C:\Users\alexandra\AppData\Roaming\newnext.me\nengine.cookie, In Quarantäne, [b7397dd33348b28486c02e428d75d12f], PUP.Optional.NextLive.A, C:\Users\alexandra\AppData\Roaming\newnext.me\cache\spark.bin, In Quarantäne, [b7397dd33348b28486c02e428d75d12f], PUP.Optional.SavingsBull.A, C:\Program Files\SavingsBull\uninstaller.exe, In Quarantäne, [5b951e32b2c9a096229079f99a685ea2], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\background.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\bootstrap.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\bootstrap.js.old, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\CustomActionInstall, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\CustomActionUninstall, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_addon_runner.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_api-utils.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_base64.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_byte-streams.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_collection.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_content.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_cortex.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_cuddlefish.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_deprecate.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_environment.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_errors.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_events.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_functional.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_globals.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_heritage.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_hidden-frame.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_light-traits.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_list.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_loader.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_match-pattern.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_memory.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_namespace.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_observer-service.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_plain-text-console.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_preferences-service.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_promise.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_querystring.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_addonkit_page-mod.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_addonkit_private-browsing.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_addonkit_request.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_sandbox.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_self.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_system.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_text-streams.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_timer.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_traceback.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_traits.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_unload.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_url.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_uuid.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_window-utils.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_xhr.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_xpcom.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_xul-app.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_addonkit_windows.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_file.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_base_runtime.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_locales.json, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_traits_core.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_bootstrap.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_content_content-proxy.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_content_content-worker.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_content_loader.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_content_symbiont.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_content_worker.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_dom_events.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_events_assembler.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_event_core.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_event_target.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_harness-options.json, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_icon.png, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_icon64.png, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_install.rdf, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_l10n_core.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_l10n_html.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_l10n_loader.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_l10n_locale.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_l10n_prefs.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_main.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_main.js.old, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_prefs.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_privatebrowsing_utils.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_system_events.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_tabs_events.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_tabs_observer.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_tabs_tab.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_tabs_utils.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_utils_data.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_utils_object.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_utils_registry.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_utils_thumbnail.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_windows_dom.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_windows_loader.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_windows_observer.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_windows_tabs.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\ff_window_utils.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon128.png, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon16.png, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon32.png, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon48.png, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon64.png, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\icon8.png, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\IEOptimizer64.dll, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\manifest.json, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\marcopolo.js, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\Microsoft.Deployment.WindowsInstaller.dll, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\Microsoft.Deployment.WindowsInstaller.xml, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\SendJson.dll, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.SavingsBull.A, C:\Program Files (x86)\SavingsBull\uninstaller.exe, In Quarantäne, [12de163a0e6d26109d15284a9c66dc24], PUP.Optional.AmazonTB.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\jetpack\abb@amazon.com\simple-storage\store.json, In Quarantäne, [e20ed47cd2a968cedd53fc78bf439a66], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\appCntrl.js, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.html, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.js, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\chMntz.dll, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CrmAdpt.dll, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\ct.js, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CTB.dll, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\dpk.js, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.htm, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.js, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\json2.min.js, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\logo.png, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\manifest.json, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\pref.json, In Quarantäne, [34bc8ac66d0e0f273f12a1d5ab572fd1], PUP.Optional.CrossRider.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "143a4daac5896059c4013c19fa802898");), Ersetzt,[5e9297b996e50e288c73f67c28dc2ad6] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.admin", false);), Ersetzt,[5f9197b9d7a4b581e42c8fe4d72d0ff1] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.aflt", "OC");), Ersetzt,[d21e9ab6a4d778be2de388eb16ee60a0] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");), Ersetzt,[78782e22c0bbf2444cc48ae96c98ed13] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.autoRvrt", "false");), Ersetzt,[9d53450b3e3d9a9ca26e3d36e61e738d] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.dfltLng", "de");), Ersetzt,[05eb70e0b1ca44f2b9573e35b94bbf41] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.dfltSrch", true);), Ersetzt,[8e626de3542744f2e52bbeb5758fdc24] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.dnsErr", true);), Ersetzt,[f00051ff136873c37c94452ea06416ea] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.excTlbr", false);), Ersetzt,[ca26ee6297e4fb3be62a9cd7e2227a86] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.ffxUnstlRst", false);), Ersetzt,[618f73dd4833da5cd13fc9aafe066a96] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.hmpg", true);), Ersetzt,[b53bc68a7506043232debbb828dce818] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=34522b9e00000000000016e543b82d30");), Ersetzt,[1fd12b2534473cfa45cb3d36ee165ba5] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.id", "34522b9e00000000000016e543b82d30");), Ersetzt,[08e887c991eabd79809043307b8909f7] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.instlDay", "16036");), Ersetzt,[559ba3ad88f351e5c050d69d23e141bf] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.instlRef", "MOY00621");), Ersetzt,[29c780d02556d46212fe9fd4b054b947] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.newTab", true);), Ersetzt,[727ef35d94e73501e32d7df6e51fbf41] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=34522b9e00000000000016e543b82d30");), Ersetzt,[35bb68e8582344f2d33d096ab94bc739] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.prdct", "Softonic");), Ersetzt,[d917f0604437a78f21efd59e11f38878] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.prtnrId", "softonic");), Ersetzt,[b43c54fcccaf9c9af21e91e259abf50b] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.rvrt", "false");), Ersetzt,[717f222e57240f27001050232cd8cb35] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.smplGrp", "none");), Ersetzt,[3db3b29e93e8c373d040492ad72d9a66] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");), Ersetzt,[0ce4c88897e492a4040ceb8811f3f907] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.tlbrId", "opencandy2013");), Ersetzt,[42aec68a0a7158dec64a066d9c6808f8] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=34522b9e00000000000016e543b82d30&q=");), Ersetzt,[559b67e928530234b15f4c2763a19c64] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.vrsn", "1.8.21.14");), Ersetzt,[18d8db75d2a946f0739da6cd3fc59d63] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.vrsnTs", "1.8.21.1417:24:16");), Ersetzt,[ae4285cb95e6f3436fa1d59eb45034cc] PUP.Optional.Softonic.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.vrsni", "1.8.21.14");), Ersetzt,[7b7567e94635ff37838d7af9aa5af40c] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.admin", false);), Ersetzt,[e20efd531863ea4c51c5b3c023e119e7] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.aflt", "babsst");), Ersetzt,[df1159f7d4a7fa3ce234561d7a8a56aa] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");), Ersetzt,[cf21d27ea9d2ca6c0f076d066d97669a] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.autoRvrt", "false");), Ersetzt,[04ec163a146734028c8a215238cc3fc1] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.dfltLng", "de");), Ersetzt,[59973f119fdc66d08195cea5d82cf709] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.excTlbr", false);), Ersetzt,[df116ce4e9922f073fd73340659fb848] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.ffxUnstlRst", true);), Ersetzt,[8a6639177605eb4b070f0e65ee16c838] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.id", "34522b9e000000000000047d7bffad6c");), Ersetzt,[4da31f31b6c5b284888ea6cd1ce8619f] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlDay", "15964");), Ersetzt,[737d024e99e2d066e036106325dfe21e] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlRef", "sst");), Ersetzt,[628ee26e166572c4ab6b4c27c93b22de] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.newTab", false);), Ersetzt,[e20eef617704191dc155c5ae63a1b54b] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prdct", "delta");), Ersetzt,[7b75c58bdd9eb284888e60137391936d] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prtnrId", "delta");), Ersetzt,[7f71024ed6a50d2948ce80f310f4c53b] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.rvrt", "false");), Ersetzt,[c927b39d34475dd9ed290d66db29c937] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.smplGrp", "none");), Ersetzt,[49a7df71f5867eb8779f066d0004738d] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrId", "base");), Ersetzt,[6d83f55b6a11af87db3b7ef543c1c43c] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrSrchUrl", "");), Ersetzt,[31bf91bfb7c40531b95df380f212758b] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsn", "1.8.24.6");), Ersetzt,[1ed2bb9546350630f71f92e16c98db25] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsnTs", "1.8.24.612:43:07");), Ersetzt,[faf62c24aad1ac8a080ec7acc044b749] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsni", "1.8.24.6");), Ersetzt,[6e82480807742a0ce82eaec52ed625db] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta_i.babExt", "");), Ersetzt,[ee02c98769123006ea2ce68dcc384fb1] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta_i.babTrack", "affID=121565&tsp=5007");), Ersetzt,[e010c09059220036b363c1b29c6808f8] PUP.Optional.Delta.A, C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta_i.srcExt", "ss");), Ersetzt,[a848d17ff7843303878f0a697f85eb15] Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.208 - Bericht erstellt am 13/05/2014 um 21:41:15
# Aktualisiert 11/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : alexandra - ALEXANDRA-PC
# Gestartet von : D:\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : APNMCP
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\DSearchLink
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files (x86)\Movdap
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Show-Password
Ordner Gelöscht : C:\Windows\Installer\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Ordner Gelöscht : C:\Windows\Installer\{813BA625-B0FA-48D8-9B75-59759C88C219}
Ordner Gelöscht : C:\Program Files\Level Quality Watcher
Ordner Gelöscht : C:\Users\alexandra\AppData\Local\AskPartnerNetwork
Ordner Gelöscht : C:\Users\alexandra\AppData\Local\genienext
Ordner Gelöscht : C:\Users\alexandra\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\alexandra\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\alexandra\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\alexandra\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\alexandra\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\alexandra\AppData\Roaming\Movdap
Ordner Gelöscht : C:\Users\alexandra\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\alexandra\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\alexandra\AppData\Roaming\Windows Net Data
Ordner Gelöscht : C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : D:\Eigene Dokumente\Mobogenie
Ordner Gelöscht : D:\Eigene Dokumente\Optimizer Pro
Ordner Gelöscht : C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
Ordner Gelöscht : C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\sparpilot@sparpilot.com
Ordner Gelöscht : C:\Users\alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab
Datei Gelöscht : C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi
Datei Gelöscht : C:\Users\alexandra\daemonprocess.txt
Datei Gelöscht : C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
Datei Gelöscht : C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\invalidprefs.js
Datei Gelöscht : C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\BitGuard
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : D:\Users\alexandra\Desktop\Allerlei\Search.lnk
Verknüpfung Desinfiziert : C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\alexandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\alexandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [zulagames@ZulaGames.com]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [zulagames@ZulaGames.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Schlüssel Gelöscht : HKCU\Software\Classes\Applications\lollipop.exe
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [lollipop]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\VideoPerformerSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\VideoPerformerSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKCU\Software\582dbdbb66ee514
Schlüssel Gelöscht : HKLM\SOFTWARE\582dbdbb66ee514
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422902208}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905508}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906608}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444904408}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{41564952-412D-5637-00A7-7A786E7484D7}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905508}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906608}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{41564952-412D-5637-00A7-7A786E7484D7}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\performersoft llc
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Show-Password
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zulagames
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\1708EDD6AB4EB164A86999D0AF0ABE1D
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\526AB318AF0B8D84B9579557C9882C91
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\1708EDD6AB4EB164A86999D0AF0ABE1D
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\526AB318AF0B8D84B9579557C9882C91
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0 (de)
[ Datei : C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "OC");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=34522b9e00000000000016e543b82d30");
Zeile gelöscht : user_pref("extensions.Softonic.id", "34522b9e00000000000016e543b82d30");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16036");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=34522b9e00000000000016e543b82d30");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=34522b9e00000000000016e543b82d30&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.1417:24:16");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "143a4daac5896059c4013c19fa802898");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "34522b9e000000000000047d7bffad6c");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15964");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.24.612:43:07");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=121565&tsp=5007");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.gutscheinwahn.kampagnen", "[{\"pid\":\"3914\",\"url\":\"orion.de\",\"typ\":\"0\"},{\"pid\":\"3725\",\"url\":\"pixum.de\",\"typ\":\"0\"},{\"pid\":\"9259\",\"url\":\"design-bestsel[...]
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [16914 octets] - [13/05/2014 21:40:26]
AdwCleaner[S0].txt - [15708 octets] - [13/05/2014 21:41:15]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15769 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by alexandra on 13.05.2014 at 21:51:23,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1570462422-647281090-2477604668-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E9395785-9E40-44F0-9BC1-FCB9D2CD1221}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.05.2014 at 21:56:14,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by alexandra (administrator) on ALEXANDRA-PC on 13-05-2014 21:58:12
Running from D:\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(National Instruments Corporation) D:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Windows\SysWOW64\nisvcloc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicatorCom.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Thisisu) D:\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [883840 2012-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1654400 2012-02-21] (Conexant Systems, Inc.)
HKLM\...\Run: [AmIcoSinglun64] => c:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [378968 2012-01-05] (Alcor Micro Corp.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [548864 2011-12-09] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3551576 2014-01-19] (Electronic Arts)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [DAEMON Tools Lite] => D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [Skype] => D:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
AppInit_DLLs: c:\Windows\System32\nvinitx.dll => c:\Windows\System32\nvinitx.dll [260928 2012-02-23] (NVIDIA Corporation)
Startup: C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart Plus B210 series (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart Plus B210 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_3ebb124613ae4f838b93cacc54239a80_39_1007_20140414_DE_ie_sp_
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2D448392948BCE01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\alexandra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: 4shared Desktop Plugin - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\4sharedCopyLinks [2013-09-16]
FF Extension: Amazon-Icon - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\amazon-icon@giga.de [2013-12-18]
FF Extension: 4shared Desktop Plugin - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\4sharedCopyLinks.xpi [2013-03-14]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-07-26]
FF Extension: {7e47e45c-4d0a-4a42-8fe9-d538bab5ca88} - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\{7e47e45c-4d0a-4a42-8fe9-d538bab5ca88}.xpi [2014-01-11]
FF Extension: Adblock Plus - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-04]
FF Extension: Skype Converter Light - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\{dc9f1cb4-a7fb-4523-8222-ac71202e7dac}.xpi [2014-01-12]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-05-11]
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; D:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S3 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2008-10-31] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [42544 2009-06-18] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [53296 2009-06-18] (National Instruments Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NIDomainService; D:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [356912 2009-06-18] (National Instruments Corporation)
R2 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [13896 2009-06-04] (National Instruments Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 SkypeUpdate; D:\Program Files (x86)\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-13 21:51 - 2014-05-13 21:51 - 00000000 ____D () C:\Windows\ERUNT
2014-05-13 21:40 - 2014-05-13 21:41 - 00000000 ____D () C:\AdwCleaner
2014-05-13 21:40 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-13 21:21 - 2014-05-13 21:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 21:20 - 2014-05-13 21:20 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-13 21:20 - 2014-05-13 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-13 21:20 - 2014-05-13 21:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 21:20 - 2014-05-13 21:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-13 21:20 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-13 21:20 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-13 21:20 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 11:53 - 2014-05-09 11:53 - 00047996 _____ () C:\ComboFix.txt
2014-05-09 11:43 - 2014-05-09 11:53 - 00000000 ____D () C:\Qoobox
2014-05-09 11:43 - 2014-05-09 11:51 - 00000000 ____D () C:\Windows\erdnt
2014-05-09 11:43 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-09 11:43 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-09 11:43 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-09 11:43 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-09 11:43 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-09 11:43 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-09 11:43 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-09 11:43 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-07 17:26 - 2014-05-07 17:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-07 17:26 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-07 17:26 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-07 17:26 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-07 17:26 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 18:16 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-06 18:16 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-01 10:14 - 2014-05-13 21:58 - 00000000 ____D () C:\FRST
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{FFAE47DE-DC8C-47F2-90A4-8B4336C10383}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{D2A4E54F-9A08-4669-8912-A33C35D439C2}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{D0E6D12B-D309-45DE-9C6A-68431030A72B}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{3A003DE3-AE5D-4843-A286-71365A421CD1}
2014-05-01 00:01 - 2014-05-01 00:01 - 00000000 ____D () C:\Users\alexandra\AppData\Local\PreEmptive Solutions
2014-04-30 23:42 - 2014-04-30 23:42 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-30 23:42 - 2014-04-30 23:42 - 00000812 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-30 23:42 - 2014-04-30 23:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-30 23:27 - 2014-04-30 23:27 - 00000000 __SHD () C:\Users\alexandra\AppData\Local\EmieUserList
2014-04-30 23:27 - 2014-04-30 23:27 - 00000000 __SHD () C:\Users\alexandra\AppData\Local\EmieSiteList
2014-04-29 23:27 - 2014-05-01 00:09 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-23 00:33 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-23 00:33 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-23 00:33 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-23 00:33 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-23 00:33 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-23 00:33 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-23 00:33 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-23 00:33 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-23 00:33 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-23 00:33 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-23 00:33 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-23 00:33 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-23 00:33 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-23 00:33 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-23 00:33 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-23 00:33 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-23 00:33 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-23 00:33 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-23 00:33 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-23 00:33 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-23 00:33 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-23 00:33 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-23 00:33 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-23 00:33 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-23 00:33 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-23 00:33 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-23 00:33 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-23 00:33 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 00:33 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-23 00:33 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-23 00:33 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-23 00:33 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-23 00:33 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-23 00:32 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-23 00:32 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-23 00:32 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-23 00:32 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-23 00:32 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-23 00:32 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-23 00:32 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-23 00:32 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-23 00:32 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-23 00:32 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-23 00:32 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-22 23:59 - 2014-04-22 23:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-04-22 23:58 - 2013-07-18 10:43 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2014-04-22 23:57 - 2013-07-18 10:43 - 00795632 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2014-04-22 23:57 - 2013-07-18 10:43 - 00358896 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2014-04-22 23:57 - 2013-07-18 10:43 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2014-04-14 16:29 - 2014-04-14 16:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-14 16:29 - 2014-04-14 16:29 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-14 16:29 - 2014-04-14 16:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-14 16:22 - 2014-04-14 16:22 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.lnk
2014-04-14 16:22 - 2014-04-14 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-04-14 16:22 - 2014-04-14 16:22 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-04-14 16:22 - 2012-05-05 10:54 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2014-04-14 16:22 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-04-14 16:22 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-04-14 16:22 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-04-14 16:22 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-04-14 16:22 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
==================== One Month Modified Files and Folders =======
2014-05-13 21:58 - 2014-05-01 10:14 - 00000000 ____D () C:\FRST
2014-05-13 21:56 - 2014-01-12 01:13 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 21:51 - 2014-05-13 21:51 - 00000000 ____D () C:\Windows\ERUNT
2014-05-13 21:51 - 2009-07-14 06:45 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 21:51 - 2009-07-14 06:45 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 21:50 - 2013-06-04 19:23 - 00000000 ____D () C:\Users\alexandra\AppData\Roaming\Skype
2014-05-13 21:48 - 2009-07-14 19:58 - 00775908 _____ () C:\Windows\system32\perfh007.dat
2014-05-13 21:48 - 2009-07-14 19:58 - 00178772 _____ () C:\Windows\system32\perfc007.dat
2014-05-13 21:48 - 2009-07-14 07:13 - 01835406 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-13 21:44 - 2014-01-12 01:13 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-13 21:44 - 2013-05-05 17:32 - 00479742 _____ () C:\Windows\PFRO.log
2014-05-13 21:44 - 2013-05-05 17:32 - 00018202 _____ () C:\Users\Public\CAFADEBUG.log
2014-05-13 21:44 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-13 21:44 - 2009-07-14 06:51 - 00064357 _____ () C:\Windows\setupact.log
2014-05-13 21:42 - 2013-05-05 16:08 - 01584858 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 21:41 - 2014-05-13 21:40 - 00000000 ____D () C:\AdwCleaner
2014-05-13 21:41 - 2013-05-05 16:08 - 00001003 _____ () C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-13 21:41 - 2013-05-05 16:08 - 00000000 ___RD () C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-13 21:41 - 2013-05-05 16:08 - 00000000 ____D () C:\Users\alexandra
2014-05-13 21:36 - 2014-05-13 21:21 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 21:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-13 21:23 - 2013-07-28 20:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 21:20 - 2014-05-13 21:20 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-13 21:20 - 2014-05-13 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-13 21:20 - 2014-05-13 21:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 21:20 - 2014-05-13 21:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-13 19:51 - 2014-01-12 01:13 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-13 19:51 - 2014-01-12 01:13 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 11:53 - 2014-05-09 11:53 - 00047996 _____ () C:\ComboFix.txt
2014-05-09 11:53 - 2014-05-09 11:43 - 00000000 ____D () C:\Qoobox
2014-05-09 11:53 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-09 11:51 - 2014-05-09 11:43 - 00000000 ____D () C:\Windows\erdnt
2014-05-09 11:51 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-07 21:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-07 17:26 - 2014-05-07 17:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-01 10:10 - 2013-05-05 16:46 - 00000000 ___DC () C:\Program Files (x86)\Pando Networks
2014-05-01 00:09 - 2014-04-29 23:27 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{FFAE47DE-DC8C-47F2-90A4-8B4336C10383}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{D2A4E54F-9A08-4669-8912-A33C35D439C2}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{D0E6D12B-D309-45DE-9C6A-68431030A72B}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{3A003DE3-AE5D-4843-A286-71365A421CD1}
2014-05-01 00:01 - 2014-05-01 00:01 - 00000000 ____D () C:\Users\alexandra\AppData\Local\PreEmptive Solutions
2014-04-30 23:42 - 2014-04-30 23:42 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-30 23:42 - 2014-04-30 23:42 - 00000812 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-30 23:42 - 2014-04-30 23:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-30 23:41 - 2013-06-27 17:34 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2014-04-30 23:27 - 2014-04-30 23:27 - 00000000 __SHD () C:\Users\alexandra\AppData\Local\EmieUserList
2014-04-30 23:27 - 2014-04-30 23:27 - 00000000 __SHD () C:\Users\alexandra\AppData\Local\EmieSiteList
2014-04-30 17:43 - 2013-07-28 20:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-30 17:43 - 2013-07-28 20:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-30 17:43 - 2013-07-28 20:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 23:27 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-29 23:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-29 16:01 - 2014-05-07 17:26 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 15:40 - 2014-05-07 17:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-07 17:26 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-07 17:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-24 16:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-24 14:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-22 23:59 - 2014-04-22 23:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-04-22 23:58 - 2013-05-05 16:12 - 00000000 ___DC () C:\Program Files (x86)\Intel
2014-04-14 16:29 - 2014-04-14 16:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-14 16:29 - 2014-04-14 16:29 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-14 16:29 - 2014-04-14 16:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-14 16:29 - 2013-05-11 02:59 - 00000000 ____D () C:\Users\alexandra\AppData\Local\Adobe
2014-04-14 16:29 - 2013-05-06 09:29 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-14 16:22 - 2014-04-14 16:22 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.lnk
2014-04-14 16:22 - 2014-04-14 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-04-14 16:22 - 2014-04-14 16:22 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-04-14 04:24 - 2014-05-06 18:16 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-05-06 18:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
Some content of TEMP:
====================
C:\Users\alexandra\AppData\Local\Temp\avgnt.exe
C:\Users\alexandra\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-30 19:08
==================== End Of Log ============================
|
|
14.05.2014, 19:14
| #12 |
| /// the machine /// TB-Ausbilder | Win7: Firefox öffnet selbstständig neue TabsESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.05.2014, 20:22
| #13 |
| | Win7: Firefox öffnet selbstständig neue Tabs Hey bevor ich das mache.. gehen meine Daten auf den Sticks vielleicht verloren? Und ich habe gar nicht so viele Eingänge das ich alle anschließen kann. Bin auch erst Samstag wieder zu erreichen also keine Eile. |
|
15.05.2014, 19:27
| #14 |
| /// the machine /// TB-Ausbilder | Win7: Firefox öffnet selbstständig neue Tabs Nein da geht nix verloren, du musst sie auch nit anstecken, du kannst sie halt eben jetzt gut mitscannen lassen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.05.2014, 05:46
| #15 |
| | Win7: Firefox öffnet selbstständig neue Tabs Soo den Schritt konnte ich nicht ausführen weil es den Ordner nicht gab Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset Oder ist der in Programme 86? ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8f8c4759eeb9b349b8853856074d43ce
# engine=18342
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-20 09:32:53
# local_time=2014-05-20 11:32:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 16441 21593135 9210 0
# compatibility_mode=5893 16776574 100 94 21592956 152251423 0 0
# scanned=169811
# found=27
# cleaned=0
# scan_time=4899
sh=EA8ADA75B6A0DBE8157470D7CCE54ADCF33C3F3E ft=1 fh=b9212dfc755e05d1 vn="MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movdap\WBDesktop.Updater.exe.vir"
sh=D6CFE89E51D1CF5C0043E538BC26C4477CE3EF3E ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.0.zip.vir"
sh=95826B332BD1AC0543C2BA4DB637D082A994B1E5 ft=1 fh=f3159d8e366dd55a vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=749E0C6D85971204E397EAE65ED10A9A4AEF40AB ft=1 fh=ef830199de104882 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=1FD24BAE5755536F5B1CDF3F46A6C75BFD137933 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir"
sh=93AD648467F47DC2708810D169F26F4A814778C5 ft=1 fh=e589ccabe231da4b vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=2FFBD96ED4F5FC3061CBFD8EA9F6C9A6EA6C0FA8 ft=1 fh=e9284a28f2c10a57 vn="Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Roaming\Movdap\dat\Desktop.OS.dll.vir"
sh=F2E800B358F190D46A9EB6E97CBB8A668C725325 ft=1 fh=1c6ef137a00e9d3b vn="Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Roaming\Movdap\dat\Dora.dat.vir"
sh=8812EB38B5309986AD72944D63E43BC4E66AB742 ft=1 fh=56778b77f2114d57 vn="Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Roaming\Movdap\dat\Maintain.dat.vir"
sh=B6E6DC1299626FD44E248266659E3D4FF235B415 ft=1 fh=aa3f7b066006d5dc vn="Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Roaming\Movdap\dat\Paladin.dat.vir"
sh=143A8D06E36495B062714306C96818D0DD17559E ft=1 fh=2cec664552f410f7 vn="Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Roaming\Movdap\dat\Phoenix.dat.vir"
sh=8F399BFA81BF493FF5FE7D4CD69A7C44E8EF1A6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\195_icm_convertmedia_m.js.vir"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\91_monetizationLoader.js.js.vir"
sh=D415529E6702C43C6868C74DF87A5546AB66FA37 ft=1 fh=53b8a0068988c78d vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\alexandra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DZ5LP5JH\Setup[1].exe"
sh=6205DDE47C041E3B67EFC540F89F24344835EE11 ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B Anwendung" ac=I fn="C:\Windows\Installer\11866.msi"
sh=1867142971E46CEFBDC91D1C32BDDB89B9CC2FCB ft=1 fh=bed49cb1acf2aab9 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\DTLite4471-0333.exe"
sh=E750C443A83F9B135B499E7917C5A93120384BB3 ft=1 fh=4eedbac881d1fc72 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\DTLite4491-0356.exe"
sh=5370073341ACCBE180DC618D8A865180D384464F ft=1 fh=913156b70b27c805 vn="Win32/WinloadSDA.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\HP-Laserjet-P2055DN-Treiber-Setup.exe"
sh=4664947E126EC266DCB7A8CEC53D1BD22C534D92 ft=1 fh=b080198caa5497a7 vn="Win32/DomaIQ.BA evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Java(1).exe"
sh=97BC6899CEFB28A3447590C124F6C7E2ADE21ABF ft=1 fh=69f740bd6d5152f8 vn="Variante von Win32/DomaIQ.AY.gen evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Java.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\MyPhoneExplorer_1.8.5(1).exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\MyPhoneExplorer_1.8.5.exe"
sh=9434866971DD357600C9F2B1E31B7893C3A070F0 ft=1 fh=4f14aeb246e47811 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\PDFCreator-1_7_1_setup(1).exe"
sh=1447092BA29779C726829611180994E17718C412 ft=1 fh=23f22b72eb3a5b90 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\PDFCreator-1_7_2_setup_offline(1).exe"
sh=1447092BA29779C726829611180994E17718C412 ft=1 fh=23f22b72eb3a5b90 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\PDFCreator-1_7_2_setup_offline.exe"
sh=ABAFFEAE97732B06108B4E45E7BA6F69CB5F7B65 ft=1 fh=1ed5e6e7c2248efd vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\SoftonicDownloader_fuer_cdburnerxp-pro.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8f8c4759eeb9b349b8853856074d43ce
# engine=18342
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-21 12:06:20
# local_time=2014-05-21 02:06:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 25648 21602342 18417 0
# compatibility_mode=5893 16776574 100 94 21602163 152260630 0 0
# scanned=357303
# found=27
# cleaned=0
# scan_time=9146
sh=EA8ADA75B6A0DBE8157470D7CCE54ADCF33C3F3E ft=1 fh=b9212dfc755e05d1 vn="MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movdap\WBDesktop.Updater.exe.vir"
sh=D6CFE89E51D1CF5C0043E538BC26C4477CE3EF3E ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.0.zip.vir"
sh=95826B332BD1AC0543C2BA4DB637D082A994B1E5 ft=1 fh=f3159d8e366dd55a vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=749E0C6D85971204E397EAE65ED10A9A4AEF40AB ft=1 fh=ef830199de104882 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=1FD24BAE5755536F5B1CDF3F46A6C75BFD137933 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir"
sh=93AD648467F47DC2708810D169F26F4A814778C5 ft=1 fh=e589ccabe231da4b vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=2FFBD96ED4F5FC3061CBFD8EA9F6C9A6EA6C0FA8 ft=1 fh=e9284a28f2c10a57 vn="Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Roaming\Movdap\dat\Desktop.OS.dll.vir"
sh=F2E800B358F190D46A9EB6E97CBB8A668C725325 ft=1 fh=1c6ef137a00e9d3b vn="Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Roaming\Movdap\dat\Dora.dat.vir"
sh=8812EB38B5309986AD72944D63E43BC4E66AB742 ft=1 fh=56778b77f2114d57 vn="Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Roaming\Movdap\dat\Maintain.dat.vir"
sh=B6E6DC1299626FD44E248266659E3D4FF235B415 ft=1 fh=aa3f7b066006d5dc vn="Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Roaming\Movdap\dat\Paladin.dat.vir"
sh=143A8D06E36495B062714306C96818D0DD17559E ft=1 fh=2cec664552f410f7 vn="Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\alexandra\AppData\Roaming\Movdap\dat\Phoenix.dat.vir"
sh=8F399BFA81BF493FF5FE7D4CD69A7C44E8EF1A6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\195_icm_convertmedia_m.js.vir"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com\extensionData\plugins\91_monetizationLoader.js.js.vir"
sh=D415529E6702C43C6868C74DF87A5546AB66FA37 ft=1 fh=53b8a0068988c78d vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\alexandra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DZ5LP5JH\Setup[1].exe"
sh=6205DDE47C041E3B67EFC540F89F24344835EE11 ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B Anwendung" ac=I fn="C:\Windows\Installer\11866.msi"
sh=1867142971E46CEFBDC91D1C32BDDB89B9CC2FCB ft=1 fh=bed49cb1acf2aab9 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\DTLite4471-0333.exe"
sh=E750C443A83F9B135B499E7917C5A93120384BB3 ft=1 fh=4eedbac881d1fc72 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\DTLite4491-0356.exe"
sh=5370073341ACCBE180DC618D8A865180D384464F ft=1 fh=913156b70b27c805 vn="Win32/WinloadSDA.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\HP-Laserjet-P2055DN-Treiber-Setup.exe"
sh=4664947E126EC266DCB7A8CEC53D1BD22C534D92 ft=1 fh=b080198caa5497a7 vn="Win32/DomaIQ.BA evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Java(1).exe"
sh=97BC6899CEFB28A3447590C124F6C7E2ADE21ABF ft=1 fh=69f740bd6d5152f8 vn="Variante von Win32/DomaIQ.AY.gen evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Java.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\MyPhoneExplorer_1.8.5(1).exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\MyPhoneExplorer_1.8.5.exe"
sh=9434866971DD357600C9F2B1E31B7893C3A070F0 ft=1 fh=4f14aeb246e47811 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\PDFCreator-1_7_1_setup(1).exe"
sh=1447092BA29779C726829611180994E17718C412 ft=1 fh=23f22b72eb3a5b90 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\PDFCreator-1_7_2_setup_offline(1).exe"
sh=1447092BA29779C726829611180994E17718C412 ft=1 fh=23f22b72eb3a5b90 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\PDFCreator-1_7_2_setup_offline.exe"
sh=ABAFFEAE97732B06108B4E45E7BA6F69CB5F7B65 ft=1 fh=1ed5e6e7c2248efd vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\SoftonicDownloader_fuer_cdburnerxp-pro.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.83
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 51
Java version out of Date!
Adobe Flash Player 13.0.0.214
Adobe Reader XI
Mozilla Firefox (29.0)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by alexandra (administrator) on ALEXANDRA-PC on 21-05-2014 06:42:16
Running from D:\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(National Instruments Corporation) D:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Windows\SysWOW64\nisvcloc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) D:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicatorCom.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
() D:\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [883840 2012-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1654400 2012-02-21] (Conexant Systems, Inc.)
HKLM\...\Run: [AmIcoSinglun64] => c:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [378968 2012-01-05] (Alcor Micro Corp.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [548864 2011-12-09] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3551576 2014-01-19] (Electronic Arts)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [DAEMON Tools Lite] => D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1570462422-647281090-2477604668-1000\...\Run: [Skype] => D:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
AppInit_DLLs: c:\Windows\System32\nvinitx.dll => c:\Windows\System32\nvinitx.dll [260928 2012-02-23] (NVIDIA Corporation)
Startup: C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart Plus B210 series (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart Plus B210 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p24_serp_ie_de_display?ie=UTF8&tagbase=bds-p24&tbrId=v1_abb-channel-24_3ebb124613ae4f838b93cacc54239a80_39_1007_20140414_DE_ie_sp_
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2D448392948BCE01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\alexandra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\searchplugins\amazon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: 4shared Desktop Plugin - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\4sharedCopyLinks [2013-09-16]
FF Extension: Amazon-Icon - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\amazon-icon@giga.de [2013-12-18]
FF Extension: 4shared Desktop Plugin - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\4sharedCopyLinks.xpi [2013-03-14]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-07-26]
FF Extension: {7e47e45c-4d0a-4a42-8fe9-d538bab5ca88} - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\{7e47e45c-4d0a-4a42-8fe9-d538bab5ca88}.xpi [2014-01-11]
FF Extension: Adblock Plus - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-04]
FF Extension: Skype Converter Light - C:\Users\alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\49d00rah.default\Extensions\{dc9f1cb4-a7fb-4523-8222-ac71202e7dac}.xpi [2014-01-12]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-05-11]
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; D:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S3 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2008-10-31] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [42544 2009-06-18] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [53296 2009-06-18] (National Instruments Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NIDomainService; D:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [356912 2009-06-18] (National Instruments Corporation)
R2 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [13896 2009-06-04] (National Instruments Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 SkypeUpdate; D:\Program Files (x86)\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-20 22:07 - 2014-05-20 22:07 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-14 21:26 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 21:26 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 21:26 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 21:26 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 21:26 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 21:26 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 17:41 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 17:41 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 17:41 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 17:41 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 17:41 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 17:41 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 17:41 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 17:41 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 17:41 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 17:41 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 17:41 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 17:41 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 17:41 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 17:41 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 17:41 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 17:41 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 17:41 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 17:41 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 17:41 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 17:41 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 17:41 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 17:41 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 17:41 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 17:41 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 17:41 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 17:41 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 17:41 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 17:41 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 17:41 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 17:41 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 17:41 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 17:41 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 17:41 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 17:41 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 17:41 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 17:41 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 17:41 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 17:41 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 17:41 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 17:41 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 17:41 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 17:41 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 17:41 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 17:41 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 17:41 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 21:51 - 2014-05-13 21:51 - 00000000 ____D () C:\Windows\ERUNT
2014-05-13 21:40 - 2014-05-13 21:41 - 00000000 ____D () C:\AdwCleaner
2014-05-13 21:40 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-13 21:21 - 2014-05-13 21:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 21:20 - 2014-05-13 21:20 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-13 21:20 - 2014-05-13 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-13 21:20 - 2014-05-13 21:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 21:20 - 2014-05-13 21:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-13 21:20 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-13 21:20 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-13 21:20 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 11:53 - 2014-05-09 11:53 - 00047996 _____ () C:\ComboFix.txt
2014-05-09 11:43 - 2014-05-09 11:53 - 00000000 ____D () C:\Qoobox
2014-05-09 11:43 - 2014-05-09 11:51 - 00000000 ____D () C:\Windows\erdnt
2014-05-09 11:43 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-09 11:43 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-09 11:43 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-09 11:43 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-09 11:43 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-09 11:43 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-09 11:43 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-09 11:43 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-07 17:26 - 2014-05-17 13:23 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-01 10:14 - 2014-05-21 06:42 - 00000000 ____D () C:\FRST
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{FFAE47DE-DC8C-47F2-90A4-8B4336C10383}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{D2A4E54F-9A08-4669-8912-A33C35D439C2}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{D0E6D12B-D309-45DE-9C6A-68431030A72B}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{3A003DE3-AE5D-4843-A286-71365A421CD1}
2014-05-01 00:01 - 2014-05-01 00:01 - 00000000 ____D () C:\Users\alexandra\AppData\Local\PreEmptive Solutions
2014-04-30 23:42 - 2014-04-30 23:42 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-30 23:42 - 2014-04-30 23:42 - 00000812 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-30 23:42 - 2014-04-30 23:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-30 23:27 - 2014-04-30 23:27 - 00000000 __SHD () C:\Users\alexandra\AppData\Local\EmieUserList
2014-04-30 23:27 - 2014-04-30 23:27 - 00000000 __SHD () C:\Users\alexandra\AppData\Local\EmieSiteList
2014-04-29 23:27 - 2014-05-01 00:09 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-23 00:33 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-23 00:33 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-23 00:33 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-23 00:33 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-23 00:33 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-23 00:33 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-23 00:33 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-23 00:33 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-23 00:33 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-23 00:33 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-23 00:33 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-23 00:33 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-23 00:33 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-23 00:33 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-23 00:33 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-23 00:33 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-23 00:33 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-23 00:33 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-23 00:33 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-23 00:33 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-23 00:33 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-23 00:33 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-23 00:33 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-23 00:33 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-23 00:33 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-23 00:33 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-23 00:33 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-23 00:33 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-23 00:33 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-23 00:33 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-23 00:33 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-23 00:33 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-23 00:33 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-23 00:32 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-23 00:32 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-23 00:32 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-23 00:32 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-23 00:32 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-23 00:32 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-23 00:32 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-23 00:32 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-23 00:32 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-23 00:32 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-23 00:32 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-22 23:59 - 2014-04-22 23:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-04-22 23:58 - 2013-07-18 10:43 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2014-04-22 23:57 - 2013-07-18 10:43 - 00795632 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2014-04-22 23:57 - 2013-07-18 10:43 - 00358896 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2014-04-22 23:57 - 2013-07-18 10:43 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
==================== One Month Modified Files and Folders =======
2014-05-21 06:42 - 2014-05-01 10:14 - 00000000 ____D () C:\FRST
2014-05-21 06:39 - 2013-06-04 19:23 - 00000000 ____D () C:\Users\alexandra\AppData\Roaming\Skype
2014-05-21 06:23 - 2013-07-28 20:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-21 05:56 - 2014-01-12 01:13 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-21 05:04 - 2013-05-05 16:08 - 01862562 _____ () C:\Windows\WindowsUpdate.log
2014-05-20 22:38 - 2009-07-14 06:51 - 00065119 _____ () C:\Windows\setupact.log
2014-05-20 22:10 - 2009-07-14 06:45 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-20 22:10 - 2009-07-14 06:45 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-20 22:07 - 2014-05-20 22:07 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-20 22:07 - 2009-07-14 19:58 - 00775908 _____ () C:\Windows\system32\perfh007.dat
2014-05-20 22:07 - 2009-07-14 19:58 - 00178772 _____ () C:\Windows\system32\perfc007.dat
2014-05-20 22:07 - 2009-07-14 07:13 - 01835406 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-20 22:03 - 2014-01-12 01:13 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-20 22:02 - 2013-05-05 17:32 - 00220462 _____ () C:\Users\Public\CAFADEBUG.log
2014-05-20 22:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-18 17:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-17 14:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-17 14:25 - 2013-07-28 20:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-17 14:25 - 2013-07-28 20:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-17 14:25 - 2013-07-28 20:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-17 13:25 - 2013-05-05 16:08 - 00000000 ___RD () C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 13:25 - 2013-05-05 16:08 - 00000000 ___RD () C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 13:23 - 2014-05-07 17:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 21:26 - 2013-05-05 16:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 17:35 - 2014-04-14 16:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-13 21:51 - 2014-05-13 21:51 - 00000000 ____D () C:\Windows\ERUNT
2014-05-13 21:44 - 2013-05-05 17:32 - 00479742 _____ () C:\Windows\PFRO.log
2014-05-13 21:41 - 2014-05-13 21:40 - 00000000 ____D () C:\AdwCleaner
2014-05-13 21:41 - 2013-05-05 16:08 - 00001003 _____ () C:\Users\alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-13 21:41 - 2013-05-05 16:08 - 00000000 ____D () C:\Users\alexandra
2014-05-13 21:36 - 2014-05-13 21:21 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 21:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-05-13 21:20 - 2014-05-13 21:20 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-13 21:20 - 2014-05-13 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-13 21:20 - 2014-05-13 21:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 21:20 - 2014-05-13 21:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-05-13 19:51 - 2014-01-12 01:13 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-13 19:51 - 2014-01-12 01:13 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 11:53 - 2014-05-09 11:53 - 00047996 _____ () C:\ComboFix.txt
2014-05-09 11:53 - 2014-05-09 11:43 - 00000000 ____D () C:\Qoobox
2014-05-09 11:53 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-09 11:51 - 2014-05-09 11:43 - 00000000 ____D () C:\Windows\erdnt
2014-05-09 11:51 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-09 08:14 - 2014-05-14 17:41 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 17:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 06:40 - 2014-05-14 21:26 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 21:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 21:26 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 21:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 21:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 21:26 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-01 10:10 - 2013-05-05 16:46 - 00000000 ___DC () C:\Program Files (x86)\Pando Networks
2014-05-01 00:09 - 2014-04-29 23:27 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{FFAE47DE-DC8C-47F2-90A4-8B4336C10383}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{D2A4E54F-9A08-4669-8912-A33C35D439C2}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{D0E6D12B-D309-45DE-9C6A-68431030A72B}
2014-05-01 00:04 - 2014-05-01 00:04 - 00003118 _____ () C:\Windows\System32\Tasks\{3A003DE3-AE5D-4843-A286-71365A421CD1}
2014-05-01 00:01 - 2014-05-01 00:01 - 00000000 ____D () C:\Users\alexandra\AppData\Local\PreEmptive Solutions
2014-04-30 23:42 - 2014-04-30 23:42 - 00000812 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-30 23:42 - 2014-04-30 23:42 - 00000812 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-30 23:42 - 2014-04-30 23:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-30 23:41 - 2013-06-27 17:34 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2014-04-30 23:27 - 2014-04-30 23:27 - 00000000 __SHD () C:\Users\alexandra\AppData\Local\EmieUserList
2014-04-30 23:27 - 2014-04-30 23:27 - 00000000 __SHD () C:\Users\alexandra\AppData\Local\EmieSiteList
2014-04-29 23:27 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-29 23:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-24 14:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-22 23:59 - 2014-04-22 23:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-04-22 23:58 - 2013-05-05 16:12 - 00000000 ___DC () C:\Program Files (x86)\Intel
Some content of TEMP:
====================
C:\Users\alexandra\AppData\Local\Temp\avgnt.exe
C:\Users\alexandra\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\alexandra\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe
[2014-05-14 17:41] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-21 02:31
==================== End Of Log ============================
Ist denn jetzt alles weg? Und wenn ja was war denn das Problem eigentlich? |
|
| Themen zu Win7: Firefox öffnet selbstständig neue Tabs |
| avira, betriebssystem, daten, einstellungen, firefox, google, heute, jahre, kragen, malware, neue, nicht mehr, problem, sache, scan, schließe, schöne, tab, virus, win, win7, woche, wochen, würdet, öffnet |
WARNUNG an die MITLESER: 
Linear-Darstellung
