| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: ADWcleaner lässt sich nicht mehr starten.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
03.07.2014, 20:15
| #1 |
 |  ADWcleaner lässt sich nicht mehr starten. Ich habe mir auf Ratschlag eines freundes den ADWcleaner heruntergeladen, weil sich ständig nervige Leere Pop-up´s beim Surfen geöffnet haben und mein Browser (nutzte Firefox und Googlechrom, mittlerweile nur noch Chrom) extrem langsam und schwer fällig wurden. Mittlerweile ist es viel besser geworden, doch ich würde mein System (Vista 64bit) gerne regelmäßig mit ADWcleaner überprüfen können. Ich habe schon die Quarantäne in Avira gelöscht weil da ein Eintrag zum ADWcleaner drin war. Auch die Registry Reinigung mit CCleaner hat nichts gebracht. Ich bin wirklich Ratlos und Hoffe das Ihr mir helfen könnt. Mfg Jojobin |
|
03.07.2014, 21:00
| #2 | |
| /// TB-Ausbilder /// Anleitungs-Guru  | ADWcleaner lässt sich nicht mehr starten.Zitat:
Schauen wir mal genauer nach...  Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1   Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff Posten in CODE-Tags: So gehts... Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
04.07.2014, 12:30
| #3 |
| | ADWcleaner lässt sich nicht mehr starten. Hallo Jürgen, hier sind die gewünschten LogFiles:
__________________Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
Ran by Maddin at 2014-07-04 13:19:29
Running from C:\Users\Maddin\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Alice Software 4.9.2 (HKLM-x32\...\Alice Software) (Version: 4.9.2 - HanseNet Telekommunikation GmbH)
Alice-Installationsdateien entfernen (HKLM-x32\...\Alice) (Version: - )
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-4300-A758B70C0A00}) (Version: 12.10.0.2951 - APN, LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
Corel Home Office 5.0.36 (HKLM-x32\...\{080FE95E-5A89-4A54-BAAA-D769971B7C2D}) (Version: 5 - Corel)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 130.0.406.000 - Hewlett-Packard) Hidden
D-Link DWA-140 (HKLM-x32\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version: - D-Link)
Energy Settings (HKLM-x32\...\{7613592F-B20C-4E1B-B2DD-67F0784D4373}) (Version: 1.0.7 - Fujitsu Siemens Computers)
F4500 (x32 Version: 130.0.406.000 - Hewlett-Packard) Hidden
Free YouTube Download version 3.2.0.128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.0.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Updater (HKLM-x32\...\Google Updater) (Version: 2.4.1698.5652 - Google Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4500 Printer Driver Software 13.0 Rel .6 (HKLM\...\{7F08A772-2816-4F46-84F1-49578502AD28}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.01.1015 - Logitech Inc.)
Logitech® Camera-Treiber (HKLM-x32\...\QcDrv) (Version: - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Nero 7 Demo (HKLM-x32\...\{C7E1449D-7638-6832-426D-589655951031}) (Version: 7.00.1466 - Nero AG)
Nero Reloaded PlugIn Pack 2.0.4 by GEAR (HKLM-x32\...\{F3D7915D-6B42-49FA-9FC8-5020479A6A57}) (Version: 2.0.4 - GoldEsel)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9713 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.59.37 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 (HKLM-x32\...\{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1) (Version: - Orban, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5772 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 5.9 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.9.123 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sniper Elite: Zombie Army (HKLM-x32\...\Steam App 235700) (Version: - Rebellion)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SynWrite version 6.4.760 (HKLM-x32\...\SynWrite_is1) (Version: 6.4.760 - UVViewSoft)
SystemDiagnostics (HKLM-x32\...\{EF59DB7F-7426-426E-B862-7031F83ED304}) (Version: 2.04.0006 - Fujitsu Technology Solutions)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TerraTec Aureon 5.1 Audio Driver (HKLM\...\C-Media PCI Audio Driver) (Version: - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Tukui Client (HKLM-x32\...\{510CF4AB-E9C8-4F48-BB02-CDC11B880D68}) (Version: 2.2.7 - Tukui)
Tukui Client (HKLM-x32\...\{6517882E-E5E0-40DC-B3B0-A531FF2A06E8}) (Version: 2.4.5 - Tukui)
TuneUp Utilities (HKLM-x32\...\TuneUp Utilities) (Version: 9.0.6030.1 - TuneUp Software)
TuneUp Utilities (x32 Version: 9.0.6030.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.6030.1 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Vista Demo Screen Saver (HKLM-x32\...\{9605D5C2-F545-40F2-B39A-0462E4CD3811}) (Version: 1.1.5 - Ventuz Technology)
Works Suite-Betriebssystem-Pack (x32 Version: 1.0.0.0000 - Microsoft Corporation) Hidden
WorldofTanks (HKCU\...\WorldofTanks) (Version: - WorldofTanks)
==================== Restore Points =========================
23-05-2014 18:17:07 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
23-05-2014 18:18:45 OpenOffice 4.1.0 wird installiert
31-05-2014 17:30:38 Windows Update
04-06-2014 00:15:05 Windows Update
10-06-2014 07:49:10 Windows Update
11-06-2014 17:32:58 Windows Update
17-06-2014 11:32:54 Windows Update
20-06-2014 17:38:26 Windows Update
20-06-2014 18:06:13 Entfernt Tom Clancy's Splinter Cell
22-06-2014 19:25:08 Geplanter Prüfpunkt
24-06-2014 06:10:19 Windows Update
02-07-2014 17:37:26 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {03734EA4-6886-4FFF-BDC9-10BDB40D1B41} - System32\Tasks\Google Updater and Installer => C:\Users\Maddin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {0C53DB7C-3292-41C6-BBE2-E09C1AAC656F} - System32\Tasks\WOT WFRI1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {0D60C924-08F7-4AAE-A8C9-72FED50DAF8A} - \Plus-HD-2.2-chromeinstaller No Task File <==== ATTENTION
Task: {133D8A4C-D133-4BB1-BE06-633AFE748C9C} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {1C26A2D5-BD29-4388-B66D-DD6D4A40B7A1} - System32\Tasks\WOT WMON1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {1F6F6465-1B1C-4B6C-BFFA-08B7DB938F46} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {213121A8-BEDD-4D7E-AFAD-04C9767D7779} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {22082927-5B18-4E51-9D24-37C1DC881406} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {36A0BB86-DA41-4B87-B65D-1FF7F4604AE7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {39913DE5-5F6F-4DE9-BD8D-CF1DC0BC674E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {48C17C53-73B2-4132-863F-B783839616A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {4C4EE77B-4F44-4CF1-9882-6653C0FB77D3} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-27] (Google)
Task: {5B8E1D3C-500B-4185-9858-B8AE3B9B1B20} - \Plus-HD-2.2-updater No Task File <==== ATTENTION
Task: {5BB20900-5D7E-4327-904C-767A634A161A} - System32\Tasks\WOT T => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {6372E08D-540D-440A-8D2F-5167B33D2D9A} - \Plus-HD-2.2-enabler No Task File <==== ATTENTION
Task: {739DCE2D-7420-48CD-B30B-8091A8CBC200} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {753EB692-0B14-4B0D-9B07-BC11ED29F8A8} - \HDvid Codec V1-enabler No Task File <==== ATTENTION
Task: {7642C8FD-D96B-4CE9-9D00-6FAFFB248A0E} - \Plus-HD-2.2-firefoxinstaller No Task File <==== ATTENTION
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {80A71535-3608-4738-9FE8-7DE6C5FE5A14} - System32\Tasks\WOT W2 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {83EACCD6-FB00-4468-987B-40903B45B1EB} - System32\Tasks\{0E0B6708-828E-4F31-8073-8CCE8A0A7924} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-06-05] (Skype Technologies S.A.)
Task: {9126A9BD-3BA0-45B2-8937-37FD34B7808C} - \DealPly No Task File <==== ATTENTION
Task: {92FCC7E2-AF62-4EF6-BE58-3DB1365A90B8} - \HDvid Codec V1-codedownloader No Task File <==== ATTENTION
Task: {A97048A0-D205-49CE-8A2B-A98D2BEB34D3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AF91A651-088C-4086-9CD4-384F3BA1067B} - System32\Tasks\WOT WWED1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {B13A788C-6EA7-46F5-858E-990B10A0C088} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {B6206A65-57D9-4506-AEF6-ABE2596CA1F9} - System32\Tasks\WOT WTUE1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {C8AED9DC-FEAF-4B53-BB4B-2B200DFAF959} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe [2011-11-21] (TuneUp Software)
Task: {D16C2F03-A27C-4D2E-B36C-D0064F83838E} - System32\Tasks\WOT W1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {E08A976F-F4F8-476D-AF80-CCF028FC15F6} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {E335426E-2CFB-4C9F-ACA1-534DF8D85D45} - \HDvid Codec V1-updater No Task File <==== ATTENTION
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EA9AA878-5CA3-4D7B-A5E1-E9CBCEF9A53D} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Maddin => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-21] (Microsoft Corporation)
Task: {EDE5B0EC-8FF1-4476-A6D2-F191E23DF60B} - \Plus-HD-2.2-codedownloader No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-01-10 20:12 - 2010-06-03 14:36 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
2012-06-18 20:29 - 2010-01-21 01:53 - 00496232 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2012-06-18 20:29 - 2010-01-21 01:52 - 00076392 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2012-06-18 20:29 - 2010-01-21 01:53 - 00731752 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2012-06-18 20:29 - 2010-01-21 01:53 - 00209000 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2011-01-03 23:00 - 2008-07-11 16:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2008-08-28 12:08 - 2008-08-28 12:08 - 01287456 _____ () C:\Program Files (x86)\Corel Home Office\A4W195.dll
2008-08-28 12:08 - 2008-08-28 12:08 - 00546080 _____ () C:\Program Files (x86)\Corel Home Office\abdbcmn.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00808224 _____ () C:\Program Files (x86)\Corel Home Office\ABShare.DLL
2008-08-28 12:09 - 2008-08-28 12:09 - 00111904 _____ () C:\Program Files (x86)\Corel Home Office\ABViewForms.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00378144 _____ () C:\Program Files (x86)\Corel Home Office\ABMCmn.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00152864 _____ () C:\Program Files (x86)\Corel Home Office\abspel.dll
2008-08-28 12:10 - 2008-08-28 12:10 - 00066848 _____ () C:\Program Files (x86)\Corel Home Office\THXX.dll
2008-08-28 12:10 - 2008-08-28 12:10 - 00107808 _____ () C:\Program Files (x86)\Corel Home Office\VEXX.dll
2008-08-28 12:08 - 2008-08-28 12:08 - 00288032 _____ () C:\Program Files (x86)\Corel Home Office\abcomctrl.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00255264 _____ () C:\Program Files (x86)\Corel Home Office\IMAGE.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00230688 _____ () C:\Program Files (x86)\Corel Home Office\abpivot.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00980256 _____ () C:\Program Files (x86)\Corel Home Office\abo.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00787744 _____ () C:\Program Files (x86)\Corel Home Office\abow.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00161056 _____ () C:\Program Files (x86)\Corel Home Office\abimgsrc.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 12563744 _____ () C:\Program Files (x86)\Corel Home Office\ABGerman.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 01561888 _____ () C:\Program Files (x86)\Corel Home Office\abdrwngs.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00242976 _____ () C:\Program Files (x86)\Corel Home Office\abgfx.dll
2014-01-30 15:28 - 2014-01-23 07:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-30 15:28 - 2014-01-23 07:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-30 15:28 - 2014-01-23 07:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: ANIWZCS2Service => "C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe"
MSCONFIG\startupreg: GDFirewallTray => C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
MSCONFIG\startupreg: ROC_roc_dec12 => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
==================== Faulty Device Manager Devices =============
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-6zu4-Adapter #2
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-6zu4-Adapter #3
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/04/2014 01:12:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/03/2014 08:25:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/02/2014 07:45:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/02/2014 07:43:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avcenter.exe, Version 14.0.5.396 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: fc8
Anfangszeit: 01cf9616cde16379
Zeitpunkt der Beendigung: 51262
Error: (07/02/2014 06:54:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2014 07:52:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2014 02:01:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2014 09:00:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2014 07:55:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/26/2014 09:57:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058
Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069
Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330
Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: KtmRm für Distributed Transaction Coordinator2147942438 (0x80070026)
Error: (07/04/2014 01:12:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058
Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058
Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069
Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330
Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: KtmRm für Distributed Transaction Coordinator2147942438 (0x80070026)
Error: (07/03/2014 08:25:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058
Microsoft Office Sessions:
=========================
Error: (07/04/2014 01:12:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/03/2014 08:25:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/02/2014 07:45:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/02/2014 07:43:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avcenter.exe14.0.5.396fc801cf9616cde1637951262
Error: (07/02/2014 06:54:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2014 07:52:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2014 02:01:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/01/2014 09:00:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/30/2014 07:55:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/26/2014 09:57:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2012-11-19 12:16:20.136
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2010-12-15 16:24:42.006
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2010-12-15 16:24:41.906
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\GameHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2010-12-15 16:24:41.802
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2010-12-15 16:24:41.698
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\GameHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2010-12-15 16:24:41.582
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2010-12-15 16:24:41.464
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\GameHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2010-12-15 16:24:41.354
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2010-12-15 16:24:41.254
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\GameHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2010-12-15 16:24:41.153
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 4094.32 MB
Available physical RAM: 2123.83 MB
Total Pagefile: 8391.92 MB
Available Pagefile: 6228.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:327.54 GB) (Free:162.05 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (DATA) (Fixed) (Total:592.25 GB) (Free:428.3 GB) NTFS
Drive f: (DJ_AIO_06_F4500_) (CDROM) (Total:0.32 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: C347115F)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=328 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=592 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by Maddin (administrator) on MARTIN on 04-07-2014 13:24:18
Running from C:\Users\Maddin\Downloads
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
() C:\Windows\SysWOW64\HsMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Corel) C:\Program Files (x86)\Corel Home Office\CORELC~1.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Cmaudio8768GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6962720 2009-01-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-06] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\.DEFAULT\...\Run: [Picasa Media Detector] => C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
HKU\.DEFAULT\...\Run: [fsc-reg] => c:\fsc-reg\fscreg.exe [380688 2008-08-01] (Fujitsu Siemens)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3559629360-2871224288-528010784-1000\...\MountPoints2: {171db5d8-f2aa-11dd-ad52-806e6f6e6963} - F:\Setup.exe
HKU\S-1-5-21-3559629360-2871224288-528010784-1000\...\MountPoints2: {7ebde948-31da-11de-b5c8-00242110eaf6} - D:\SH3Autorun.exe
Startup: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
BootExecute:
==================== Internet (Whitelisted) ====================
URLSearchHook: HKLM-x32 - (No Name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {301B60B5-4EE1-421E-95C2-22CB96AA0A8F} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=501549&p={searchTerms}
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - No Name - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No File
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No File
Toolbar: HKCU - No Name - {62D40876-DF18-411F-9D34-A9DD7A197BC5} - No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pack.google.com/Google Updater;version=13 - C:\Program Files (x86)\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll (Google)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: FoxyDeal - C:\Users\Maddin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-05-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-03]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-20]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-20]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-20]
CHR Extension: (Google Drive) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-20]
CHR Extension: (YouTube) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-20]
CHR Extension: (Adblock Plus) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-05]
CHR Extension: (Google-Suche) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-20]
CHR Extension: (Google Wallet) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR Extension: (Google Mail) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-20]
CHR HKLM-x32\...\Chrome\Extension: [bbecdmcnlcoebdcidcfdkoimbjkcegbc] - C:\Users\Maddin\AppData\Roaming\Browser Extensions\amazonsh_1.0.crx [2013-11-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
CHR HKLM-x32\...\Chrome\Extension: [nlcphjankhppgohedpkjonpadimhaoof] - C:\Users\Maddin\AppData\Roaming\Browser Extensions\sh_1.0.crx [2012-03-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [801872 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-01] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 D-Link Wireless N DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-06-03] ()
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
R2 TestHandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Technology Solutions)
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2013-05-14] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-11-21] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-25] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2009-05-22] (C-Media Inc)
R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1035104 2010-04-29] (Ralink Technology Corp.)
S3 PDNMp50; C:\Windows\SysWOW64\drivers\PDNMp50.sys [28224 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PDNSp50; C:\Windows\SysWOW64\drivers\PDNSp50.sys [27072 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software)
R1 {55685567-4840-4a91-962b-49a412e9485a}Gt64; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gt64.sys [60088 2014-05-28] (StdLib)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 LVcKap64; system32\DRIVERS\LVcKap64.sys [X]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PDNSp50a64; System32\Drivers\PDNSp50a64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-04 13:19 - 2014-07-04 13:24 - 00038379 _____ () C:\Users\Maddin\Downloads\Addition.txt
2014-07-04 13:17 - 2014-07-04 13:24 - 00016025 _____ () C:\Users\Maddin\Downloads\FRST.txt
2014-07-04 13:17 - 2014-07-04 13:24 - 00000000 ____D () C:\FRST
2014-07-04 13:16 - 2014-07-04 13:16 - 02083840 _____ (Farbar) C:\Users\Maddin\Downloads\FRST64.exe
2014-07-02 19:41 - 2014-07-02 19:41 - 00537974 _____ () C:\Users\Maddin\Downloads\noscript-2.6.8.31.xpi.zip
2014-06-26 22:09 - 2014-06-26 22:09 - 00000921 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-26 22:07 - 2014-06-26 22:08 - 29256752 _____ (TeamSpeak Systems GmbH) C:\Users\Maddin\Downloads\TeamSpeak3-Client-win64-3.0.15.exe
2014-06-26 10:13 - 2014-06-26 10:13 - 00000000 ____D () C:\New Folder
2014-06-26 10:10 - 2014-07-02 19:41 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\SynWrite
2014-06-26 10:10 - 2014-07-02 19:41 - 00000000 ____D () C:\SynWrite
2014-06-26 10:10 - 2014-06-26 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SynWrite
2014-06-26 10:08 - 2014-06-26 10:10 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite (1).exe
2014-06-26 10:04 - 2014-06-26 10:06 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite.exe
2014-06-25 22:29 - 2014-06-26 08:02 - 00000666 _____ () C:\Users\Public\Desktop\StarCraft II.lnk
2014-06-25 22:28 - 2014-07-01 14:11 - 00000000 ____D () C:\Users\Maddin\Documents\StarCraft II
2014-06-25 22:28 - 2014-06-26 08:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-06-24 20:55 - 2014-06-24 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-24 20:46 - 2014-06-24 20:46 - 01342659 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.213.exe
2014-06-24 20:42 - 2014-06-24 21:44 - 00002114 _____ () C:\Windows\PFRO.log
2014-06-24 08:28 - 2014-06-24 08:28 - 02804344 _____ (TeamViewer GmbH) C:\Users\Maddin\Downloads\customermodule_avira_support_de.exe
2014-06-24 08:28 - 2014-06-24 08:28 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\TeamViewer
2014-06-23 11:04 - 2014-06-23 11:04 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212 (1).exe
2014-06-19 21:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-19 21:57 - 2014-06-19 21:57 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212.exe
2014-06-19 15:52 - 2014-06-19 15:52 - 00011965 _____ () C:\Users\Maddin\Documents\Unbenannt 1.ods
2014-06-19 14:35 - 2014-06-19 14:35 - 00448512 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\TFC (1).exe
2014-06-12 21:57 - 2014-06-12 21:57 - 00000000 ____D () C:\ProgramData\HPSSUPPLY
2014-06-11 08:54 - 2014-05-28 20:53 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 08:54 - 2014-05-28 20:37 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 08:54 - 2014-05-28 20:35 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 08:54 - 2014-05-28 20:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 08:54 - 2014-05-28 20:31 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 08:54 - 2014-05-28 20:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 08:54 - 2014-05-28 20:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 08:54 - 2014-05-28 20:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 08:54 - 2014-05-28 20:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-11 08:54 - 2014-05-28 20:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-11 08:54 - 2014-05-28 20:27 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 08:54 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 08:54 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 08:54 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 08:54 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 08:54 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 08:54 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 08:54 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-11 08:54 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 08:54 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-11 08:54 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 08:54 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 08:54 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 08:54 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-11 08:54 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-11 08:54 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 08:54 - 2014-04-26 20:21 - 00622592 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 08:54 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 08:54 - 2014-04-05 11:10 - 01422784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 08:54 - 2014-03-10 08:26 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 08:54 - 2014-03-10 08:26 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 08:54 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 08:54 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-05 15:25 - 2014-06-05 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-05 15:24 - 2014-06-05 15:25 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-05 15:24 - 2014-06-05 15:25 - 00000000 ____D () C:\Program Files\iTunes
2014-06-05 15:24 - 2014-06-05 15:25 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-05 15:24 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files\iPod
==================== One Month Modified Files and Folders =======
2014-07-04 13:24 - 2014-07-04 13:19 - 00038379 _____ () C:\Users\Maddin\Downloads\Addition.txt
2014-07-04 13:24 - 2014-07-04 13:17 - 00016025 _____ () C:\Users\Maddin\Downloads\FRST.txt
2014-07-04 13:24 - 2014-07-04 13:17 - 00000000 ____D () C:\FRST
2014-07-04 13:16 - 2014-07-04 13:16 - 02083840 _____ (Farbar) C:\Users\Maddin\Downloads\FRST64.exe
2014-07-04 13:15 - 2014-05-09 19:49 - 01243299 _____ () C:\Windows\WindowsUpdate.log
2014-07-04 13:14 - 2009-12-04 19:15 - 00004140 _____ () C:\Windows\System32\Tasks\Google Software Updater
2014-07-04 13:14 - 2009-08-27 21:27 - 00001034 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-07-04 13:12 - 2014-01-30 15:27 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-04 13:11 - 2009-01-26 12:49 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-04 13:11 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-04 13:11 - 2006-11-02 17:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-04 13:11 - 2006-11-02 17:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 21:17 - 2009-07-04 16:33 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\CorelHomeOffice
2014-07-03 21:17 - 2006-11-02 17:42 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-03 21:04 - 2014-01-30 15:27 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 20:55 - 2013-01-29 20:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 23:07 - 2014-04-19 00:19 - 00000000 ____D () C:\Users\Maddin\AppData\Local\Battle.net
2014-07-02 23:07 - 2010-11-19 21:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-02 23:07 - 2009-12-30 21:40 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\TS3Client
2014-07-02 19:41 - 2014-07-02 19:41 - 00537974 _____ () C:\Users\Maddin\Downloads\noscript-2.6.8.31.xpi.zip
2014-07-02 19:41 - 2014-06-26 10:10 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\SynWrite
2014-07-02 19:41 - 2014-06-26 10:10 - 00000000 ____D () C:\SynWrite
2014-07-02 19:33 - 2011-05-19 18:49 - 00003686 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D93DBACB-AE77-466D-9B91-FD8EC005C83B}
2014-07-01 14:11 - 2014-06-25 22:28 - 00000000 ____D () C:\Users\Maddin\Documents\StarCraft II
2014-07-01 14:05 - 2013-03-27 20:49 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-26 22:09 - 2014-06-26 22:09 - 00000921 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-26 22:08 - 2014-06-26 22:07 - 29256752 _____ (TeamSpeak Systems GmbH) C:\Users\Maddin\Downloads\TeamSpeak3-Client-win64-3.0.15.exe
2014-06-26 22:06 - 2009-12-30 21:39 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-06-26 10:13 - 2014-06-26 10:13 - 00000000 ____D () C:\New Folder
2014-06-26 10:10 - 2014-06-26 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SynWrite
2014-06-26 10:10 - 2014-06-26 10:08 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite (1).exe
2014-06-26 10:06 - 2014-06-26 10:04 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite.exe
2014-06-26 08:02 - 2014-06-25 22:29 - 00000666 _____ () C:\Users\Public\Desktop\StarCraft II.lnk
2014-06-26 08:02 - 2014-06-25 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-06-25 22:29 - 2010-04-07 14:41 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-25 22:26 - 2014-04-19 00:18 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-24 21:44 - 2014-06-24 20:42 - 00002114 _____ () C:\Windows\PFRO.log
2014-06-24 20:55 - 2014-06-24 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-24 20:48 - 2013-02-16 13:14 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-06-24 20:47 - 2013-12-13 16:22 - 00000000 ____D () C:\AdwCleaner
2014-06-24 20:46 - 2014-06-24 20:46 - 01342659 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.213.exe
2014-06-24 08:28 - 2014-06-24 08:28 - 02804344 _____ (TeamViewer GmbH) C:\Users\Maddin\Downloads\customermodule_avira_support_de.exe
2014-06-24 08:28 - 2014-06-24 08:28 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\TeamViewer
2014-06-23 11:04 - 2014-06-23 11:04 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212 (1).exe
2014-06-22 20:37 - 2014-04-28 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-06-22 20:37 - 2013-05-31 04:21 - 00003786 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2014-06-20 20:07 - 2014-03-24 16:39 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft
2014-06-20 20:07 - 2009-04-09 17:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-20 20:01 - 2013-11-13 18:15 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-06-20 19:59 - 2014-01-30 15:27 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 19:59 - 2014-01-30 15:27 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 19:42 - 2013-03-27 20:49 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-19 22:01 - 2009-04-09 17:00 - 00000000 ____D () C:\ProgramData\ICQ
2014-06-19 22:00 - 2009-04-03 16:44 - 00000000 ____D () C:\Users\Maddin
2014-06-19 21:57 - 2014-06-19 21:57 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212.exe
2014-06-19 15:52 - 2014-06-19 15:52 - 00011965 _____ () C:\Users\Maddin\Documents\Unbenannt 1.ods
2014-06-19 15:41 - 2010-11-27 21:19 - 00009725 _____ () C:\ProgramData\hpzinstall.log
2014-06-19 15:26 - 2010-11-27 21:19 - 00225436 _____ () C:\Windows\hpoins46.dat
2014-06-19 15:26 - 2006-11-02 14:34 - 00000281 _____ () C:\Windows\win.ini
2014-06-19 14:35 - 2014-06-19 14:35 - 00448512 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\TFC (1).exe
2014-06-17 13:33 - 2013-12-20 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-13 08:44 - 2008-01-21 13:10 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-13 08:44 - 2008-01-21 13:09 - 00674024 _____ () C:\Windows\system32\perfh007.dat
2014-06-13 08:44 - 2008-01-21 13:09 - 00146036 _____ () C:\Windows\system32\perfc007.dat
2014-06-12 21:57 - 2014-06-12 21:57 - 00000000 ____D () C:\ProgramData\HPSSUPPLY
2014-06-11 19:40 - 2013-08-14 14:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 19:37 - 2006-11-02 14:35 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-06-11 12:02 - 2012-06-19 11:45 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-06-05 15:25 - 2014-06-05 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-05 15:25 - 2014-06-05 15:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-05 15:25 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files\iTunes
2014-06-05 15:25 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-05 15:24 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files\iPod
2014-06-05 15:24 - 2014-04-28 11:15 - 00000000 ____D () C:\ProgramData\Apple Computer
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.4500.dll
Some content of TEMP:
====================
C:\Users\Maddin\AppData\Local\Temp\avgnt.exe
C:\Users\Maddin\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-07-04 13:24
==================== End Of Log ============================
1111111[/CODE] Bitte schön, die angeforderten LogFiles Mfg Jojobin |
|
04.07.2014, 12:39
| #4 |
| /// TB-Ausbilder /// Anleitungs-Guru | ADWcleaner lässt sich nicht mehr starten. Hi, Schritt 1  Malwarebytes Antimalware
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
04.07.2014, 13:18
| #5 |
| | ADWcleaner lässt sich nicht mehr starten. Hallo, sobald ich den Button drücken will "In Zwischenablage kopieren" stürzt MBAM ab. Keine Ahnung wieso Mfg Jojobin |
|
04.07.2014, 13:24
| #6 |
| /// TB-Ausbilder /// Anleitungs-Guru | ADWcleaner lässt sich nicht mehr starten.
__________________ --> ADWcleaner lässt sich nicht mehr starten. |
|
04.07.2014, 13:27
| #7 |
| | ADWcleaner lässt sich nicht mehr starten. Okay, dann lasse ich das Programm nochmal durchlaufen |
|
04.07.2014, 13:31
| #8 |
| /// TB-Ausbilder /// Anleitungs-Guru | ADWcleaner lässt sich nicht mehr starten. Nee, mußte nicht. Gehe einfach statt auf "In Zwischenablage kopieren" links daneben auf Exportieren. Lesestoff MBAM-Funde posten: So gehts...Manchmal ist es wichtig zu wissen, welche Schadprogramme im Vorfeld ohne Anweisung der Helfer schon gelöscht wurden. Daher benötige ich den Inhalt der Logdatei, in welcher der Suchlauf protokolliert wurde.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
04.07.2014, 13:35
| #9 |
| | ADWcleaner lässt sich nicht mehr starten. Klappt nicht, sobald ich den Knopf drücke, hängt sich das programm auf |
|
04.07.2014, 13:39
| #10 |
| /// TB-Ausbilder /// Anleitungs-Guru | ADWcleaner lässt sich nicht mehr starten. Ok, wenn Du das Suchlaufprotokoll anklickst, kannst dann einen Screenshot machen, damit ich sehe was Du alles in Quarantäne geschoben hast? Zusätzlich: Schritt 1 Downloade Dir HitmanPro  auf Deinen Desktop:HitmanPro-32 Bit Version HitmanPro-64 Bit Version
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
04.07.2014, 13:55
| #11 |
| | ADWcleaner lässt sich nicht mehr starten. Ne Blöde Frage, aber wie bekomme ich den Screenshot ins Forum? |
|
04.07.2014, 13:56
| #12 |
| /// TB-Ausbilder /// Anleitungs-Guru | ADWcleaner lässt sich nicht mehr starten. Das Bild mit dem Büroklammersymbol anhängen... 
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
04.07.2014, 14:06
| #13 |
| | ADWcleaner lässt sich nicht mehr starten. Muss ich das irgendwo hochladen? Der will ne URL haben. Sorry für die ganzen fragen aber ich bin nicht grad der Überflieger wenns um Computer geht Hier die LogFile von HitmanPro Code:
ATTFilter
|
|
04.07.2014, 14:22
| #14 |
| /// TB-Ausbilder /// Anleitungs-Guru | ADWcleaner lässt sich nicht mehr starten. Nö, geht so... Schritt 1 ESET Online Scanner
Schritt 2 Bitte starte FRST erneut, markiere auch die checkbox  und drücke auf Scan. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
04.07.2014, 19:02
| #15 |
| | ADWcleaner lässt sich nicht mehr starten. Esset Log Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=b8fb1c511dd121499f6596361388b400
# engine=19022
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-04 05:33:56
# local_time=2014-07-04 07:33:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 904945 242019142 0 0
# scanned=213580
# found=105
# cleaned=0
# scan_time=14486
sh=297834C3BA7DDC4ED4662C56468655B25C7B0D62 ft=1 fh=c7091104e653332e vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll.vir"
sh=9B62FB6B35E95AF7CBA9E6D862C2981ACC53F95E ft=1 fh=3a4703d3e461e003 vn="Variante von Win32/Toolbar.CrossRider.V evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bg.exe.vir"
sh=024EFC6650D86DBBF0E2253F885E814AD0D4AA55 ft=1 fh=4b650565e700c147 vn="Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bho64.dll.vir"
sh=F7EAF3844A2FA167F1B3D5514B5E95B7FE2EB584 ft=1 fh=3d74ec294a8747eb vn="Variante von Win32/Toolbar.CrossRider.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil.exe.vir"
sh=2B4570CBF54B53B94F8A6FDCA4B668CFCC228892 ft=1 fh=c71c0011db67283c vn="möglicherweise Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil64.dll.vir"
sh=4867658EBE979AFDB081378ECEE7EAFA521EEE90 ft=1 fh=3d74ec29dcde0a77 vn="möglicherweise Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil64.exe.vir"
sh=9081272059283C29EA6399FEDA5C8F2259D1D27D ft=1 fh=b4e3473111de4047 vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-codedownloader.exe.vir"
sh=646462BADEC3189BAF4BD7BF72DA38FE4E4DDDB3 ft=1 fh=75c4d8404236fdba vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-enabler.exe.vir"
sh=E0D174DD3160397559899BF96E08C71159B13D53 ft=1 fh=9c36fb84f91539bc vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-updater.exe.vir"
sh=24165C1DD00ACE869F1BD75885E6C8CAAE374809 ft=1 fh=1ce77273f922b6a7 vn="Win32/Packed.VMDetector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\utils.exe.vir"
sh=78B657E2CFB4833BB489C9CD4C75F2221886EBFE ft=1 fh=627bc7b48335d3b2 vn="Win32/Packed.ScrambleWrapper.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvidCodec.com\HDvidCodecIE.exe.vir"
sh=DFE43AD6B4B6E815442723162D307C4D15D6E83E ft=1 fh=dbdf43c41bcd540b vn="Win32/Packed.ScrambleWrapper.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvidCodec.com\hdvidextsetup.exe.vir"
sh=709D5E1CE0B870E11AACABC3CF0522071EF4C026 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\33036.crx.vir"
sh=7BD13D5690CD812FC9B811CB004AE37E40E9D444 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\33036.xpi.vir"
sh=1D6F12EBD2BF0535CA11ED3CD5CDC38679D722E2 ft=1 fh=4dcd4b473cf7ddae vn="Variante von Win32/Toolbar.CrossRider.V evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho.dll.vir"
sh=00933B5933E1107D24FDDFC8B0A2D31A16C57935 ft=1 fh=f2a5cf74b45ae7a8 vn="Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho64.dll.vir"
sh=F7667725C4641FE94BC1CC05D2DBE32D42A956EA ft=1 fh=4f182d81264934b1 vn="möglicherweise Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-buttonutil64.dll.vir"
sh=EF4353472B3D27A841392B8AB48A3D4F20249CE3 ft=1 fh=7bda7a14e0b62f7e vn="möglicherweise Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-buttonutil64.exe.vir"
sh=AC97CEDAD226F33E4C2AD936E8FDD7750235C8B0 ft=1 fh=a877c2ea96e3c90a vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe.vir"
sh=2529974DBE6E0C679B8F7392F5D28DF73EAB88FE ft=1 fh=741cdb47a6210c97 vn="Variante von Win32/Toolbar.CrossRider.T evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe.vir"
sh=ACA0F6C38D7AA605914CFF2C4A6753A753F20428 ft=1 fh=c86d96adef0c5495 vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-enabler.exe.vir"
sh=9D989CEF71E0E8CCEC77DB2427FF84363D569A19 ft=1 fh=5b6006e2634990d4 vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe.vir"
sh=B8D7F5484360F42AE0052242C5D05D327C6F4787 ft=1 fh=a23594fed862e14e vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-updater.exe.vir"
sh=C7C0F42A23562AA6DCCD60326FD8CC2AA41B5448 ft=1 fh=c053642cee9f3def vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=125B1C393F2104CBA08183E495C0907BFF7EDA22 ft=1 fh=ea25908c8365106f vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=8E85792765D0E0BF52107CFF4A6620995DB19BB0 ft=1 fh=627da500ea2e265f vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterfacef32.dll.vir"
sh=6043D1ACD51FD373472020FBB748C405AAF22397 ft=1 fh=4c716dbbae6c21b9 vn="Win32/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=FF431CD8693F4045BD7BD87DBCE54B820F000FC0 ft=1 fh=16c2e1bd3fd6b7e2 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=5836A5DF3860241F6B69F2292ABCE592A13689B6 ft=1 fh=a3db04555f559ea8 vn="Variante von Win32/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir"
sh=9DC13DB9C123270C2356ED410128E11D5ADF7C6E ft=1 fh=023ab782f0a9b07d vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=BEFC0099864AA52ABB0A3B99793A5A1BF525401D ft=1 fh=64b34719c3735e0d vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZipper\winzipersvc.exe.vir"
sh=56659F7FF1F1FA7906A77228E315F65F38BCEF73 ft=1 fh=0ff759dfc352fd03 vn="Variante von Win32/ELEX.AD evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir"
sh=662B9923F7C796C1766AF1488302447F9216061A ft=1 fh=fff34c570ca51c53 vn="Variante von MSIL/Adware.PullUpdate.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\InternetUpdater\InternetUpdaterService.exe.vir"
sh=F0C172550AA4ED9255C4D7AFCC650991F29AB7AA ft=1 fh=f4da2b89fff0e940 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Updater\Uninstall.exe.vir"
sh=A70C63312CBCD0D975236E48372A5F3275A01554 ft=1 fh=b3500ac9ac48c1c9 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir"
sh=9EFDE89A61BAAA7D5D5D4B08214BE3D2EE505248 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\102_dealply_m.js.vir"
sh=57F445259F179510FE1EACAAD27A82E87305756C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\103_intext_5_m.js.vir"
sh=30630D311A124BA372D209C02247D8A4238E3610 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\104_jollywallet_m.js.vir"
sh=04253E738106628805978963C1648F429CD2A08E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\105_corticas_m.js.vir"
sh=D7B46B5A4169AC7B179A70D92A6139EA9C4EAE6F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\108_icm_m.js.vir"
sh=DA209282A25696B4D678B78442C261C5D81DC81B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\119_similar_web_m.js.vir"
sh=E5DA6BC389AFE8C4BE0D4BDF007094964623BEE4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\123_intext_adv_m.js.vir"
sh=B8B5897BC3983B6CE75447868BDAE3EB1441E61C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\155_ibario_pops_m.js.vir"
sh=00211CE73FB698A04BEF6622CB5B086D520B896D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js.vir"
sh=DB730C30AB384D45E22D00304F1103E934CB33B9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\178_revizer_ws_dynamic_m.js.vir"
sh=94D9025E35A51C71746811F94F4AA5EFC9133252 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\179_revizer_p_dynamic_m.js.vir"
sh=E87ABD87A6168E160F36A5CE9E444C1719F203DC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\180_bpo_serp_m.js.vir"
sh=B4853CCBF4F400FB3A12155815CFFD0D74C8EEAC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\184_noproblemppc_m.js.vir"
sh=AF993393F8553D67CDA46A7E16D768A12464A7C7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\189_active_sanity.js.vir"
sh=39D85F60370A7E5065A9BDC9D83216476D768A60 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\191_ciuvo_m.js.vir"
sh=7F88F1865FBE0A134FAEA5DA7B88C7264BBC1606 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\194_retargeting_bi_m.js.js.vir"
sh=705F7674C554A2BDA26E88C6776C54FDBF379002 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\195_icm_convertmedia_m.js.vir"
sh=BAFD0049395B7968BFFBC54723176162D6687D58 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\208_gam_manager.js.vir"
sh=D767D39DA00E1507AB72DF2BBF0DF984E5F67F87 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\221_icm_downloads_m.js.vir"
sh=2DC335A206411AD5B2CB8E8AB2B1333596493CB9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\226_set_campaign_id_m.js.vir"
sh=99ED957925C94680B2842F0C146CF7F28A86CCD0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\91_monetizationLoader.js.js.vir"
sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\93_superfish_no_coupons_m.js.vir"
sh=9D7E00EC736140394D5885417303D94D44553A41 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo\1.26.215_0\extensionData\plugins\194.js.vir"
sh=465A61F1CA60AA5CC6B395A524A560FBEFF6F798 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo\1.26.215_0\extensionData\plugins\91.js.vir"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\LocalLow\softonic-de3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll.vir"
sh=CCAA0FF50DB699E9A228346CD413AAB42E358CD9 ft=1 fh=e07319f97f2359ad vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Roaming\OpenCandy\15B58DC5C7724C2F8A94970D73D245B5\LatestDLMgr.exe.vir"
sh=6578328F5E21CD553EF80BB218F5F0012A404580 ft=1 fh=3011ffa59345c6eb vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Roaming\OpenCandy\2BF74664463843378BDF4B5212CC8090\Iminent_CB_p1v4.exe.vir"
sh=CCAA0FF50DB699E9A228346CD413AAB42E358CD9 ft=1 fh=e07319f97f2359ad vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Roaming\OpenCandy\2BF74664463843378BDF4B5212CC8090\LatestDLMgr.exe.vir"
sh=A4F319312C51671C3A95C478B1006769263996A9 ft=1 fh=886ae4ceae92d42e vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Roaming\OpenCandy\2BF74664463843378BDF4B5212CC8090\OCBrowserHelper_1.0.3.85.dll.vir"
sh=A4F319312C51671C3A95C478B1006769263996A9 ft=1 fh=886ae4ceae92d42e vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Roaming\OpenCandy\970DB58AA60F4204828738487A6F1FF7\OCBrowserHelper_1.0.3.85.dll.vir"
sh=515646FFCED3B23D908C7F0E417B631F3B07A056 ft=1 fh=89f1249ae3e9df25 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Roaming\OpenCandy\FBCFE37D39F64CBF90D57F405DA1F2E6\HSS-2.67-install-p76-335-conduit.exe.vir"
sh=BEE96291323D129CF104D0FA8ECBE8AAB5E4BCA5 ft=1 fh=c71c001156299171 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="C:\Nero_Move_it_Essentials\Nero Move it Essentials\unit_app_75\Toolbar.exe"
sh=0AB7E14045C76206A8733C6E4D36220A58C85A77 ft=1 fh=9f671b8e7a289dd3 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
sh=B506B2465FD10608020D30ED9047B5E11DE63FA0 ft=1 fh=10102a51b62618f2 vn="Win32/Bundled.Toolbar.Ask.E potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe"
sh=408E55A7D2D56C02EF844CA63C1EA8D440D1F8B2 ft=1 fh=cf5f3ba9cab9d1c3 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll"
sh=EC5913DE16698FF281FE1F1108602BD300AFDA91 ft=1 fh=400322602d09beb6 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ServiceLocator.exe"
sh=4E3A9EF57C71B5829AC8CD185CBED27AF6610C13 ft=1 fh=83a0e01ca2b69786 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SO.dll"
sh=698FB11D2C5D96C744D8602AD22309F10509063A ft=1 fh=c3312308a781a9fa vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar.dll"
sh=0111559B94F5572B6777EBE3E85CB9F9C94BC85B ft=1 fh=76e883fd9357c7a4 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Toolbar.exe"
sh=BB237CE0031AFF6ABD4E3626D7C6AE3D6ABEDB5A ft=1 fh=2522929e49563be6 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ToolbarPS.dll"
sh=9C835C702D070F54C59E36FED31696261FEBFDA3 ft=1 fh=29643e02259e76bc vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar_x64.dll"
sh=B27AA1F8303815E20CE148744957CB3726BCDE96 ft=1 fh=e7bb97c341e31fcc vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe"
sh=6CDE6B1DD298CA47510EB79334AE149F60FEFFCE ft=1 fh=0241d1e8e3e9ed03 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll"
sh=84987AF48F5107F84A12BB7418C0A7A2106906B0 ft=1 fh=6e62188c597b6ea7 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll"
sh=1D8EC6612F09B82BE7D61BB29C69D5E78DD9D677 ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\AskToolbarInstaller-12.10.0_AVIRA-V7C.msi"
sh=0AB7E14045C76206A8733C6E4D36220A58C85A77 ft=1 fh=9f671b8e7a289dd3 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe"
sh=408E55A7D2D56C02EF844CA63C1EA8D440D1F8B2 ft=1 fh=cf5f3ba9cab9d1c3 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll"
sh=EC5913DE16698FF281FE1F1108602BD300AFDA91 ft=1 fh=400322602d09beb6 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe"
sh=4E3A9EF57C71B5829AC8CD185CBED27AF6610C13 ft=1 fh=83a0e01ca2b69786 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\SO.dll"
sh=698FB11D2C5D96C744D8602AD22309F10509063A ft=1 fh=c3312308a781a9fa vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll"
sh=0111559B94F5572B6777EBE3E85CB9F9C94BC85B ft=1 fh=76e883fd9357c7a4 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe"
sh=BB237CE0031AFF6ABD4E3626D7C6AE3D6ABEDB5A ft=1 fh=2522929e49563be6 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll"
sh=9C835C702D070F54C59E36FED31696261FEBFDA3 ft=1 fh=29643e02259e76bc vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll"
sh=B27AA1F8303815E20CE148744957CB3726BCDE96 ft=1 fh=e7bb97c341e31fcc vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe"
sh=0F17C64E7D6FEE1347019A0A7E2C78DFA98B5E55 ft=1 fh=a3e012e963e0f858 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
sh=6CDE6B1DD298CA47510EB79334AE149F60FEFFCE ft=1 fh=0241d1e8e3e9ed03 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll"
sh=84987AF48F5107F84A12BB7418C0A7A2106906B0 ft=1 fh=6e62188c597b6ea7 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll"
sh=3EFB0D2DE276FB8A10A07F04E326481095CB78AA ft=1 fh=d53919b725032eb4 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT\vntldr.exe"
sh=0F17C64E7D6FEE1347019A0A7E2C78DFA98B5E55 ft=1 fh=a3e012e963e0f858 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll"
sh=1A3F14C0A66F9AF050D1F34FBACBAADC31751A07 ft=1 fh=2704a03a0f47b728 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe"
sh=FD0483A45EF23EB4DEF1523906A28A4A5D3C0D77 ft=1 fh=fcf2e467b851cbbd vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe"
sh=C8B96034415ABE6FDBA82FF60E8157E97DED8CC6 ft=1 fh=afea4f88be0404c6 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Maddin\Downloads\ccsetup410pro.exe"
sh=F36AAC832975A632FA8BE587E5777777245FFA69 ft=1 fh=ae8eb907f63eab71 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maddin\Downloads\Firefox - CHIP-Installer.exe"
sh=6595EBE98D06263EDBB10C84DD857DF6CB932800 ft=1 fh=8177540bcf935086 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maddin\Downloads\OpenOffice - CHIP-Installer(1).exe"
sh=B48B1E6B136CF17C143DC15485A2ECBF8403D6EB ft=1 fh=4480f35869d896ea vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maddin\Downloads\OpenOffice - CHIP-Installer(2).exe"
sh=7FC797F92BE743F580CBC7F4DB1D64A8B82890E9 ft=1 fh=a254ad6ed11136b5 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maddin\Downloads\OpenOffice - CHIP-Installer.exe"
sh=6DA77E62AF75D8A8BD1307C3BC4320CA7976049A ft=1 fh=ed04f9185abe4587 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maddin\Downloads\YTDSetup_4.8.0.4.exe"
sh=D65C9B8B90C17471B595F97F547003EC5B5028C1 ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\18e07.msi"
sh=C70872D7B4F48D529A179C0FA54AB65FB1B982F4 ft=1 fh=f2e2b15faf5e28f3 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\MSIBC30.tmp"
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014 Ran by Maddin (administrator) on MARTIN on 04-07-2014 19:52:02 Running from C:\Users\Maddin\Downloads Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe () C:\Windows\SysWOW64\HsMgr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Corel) C:\Program Files (x86)\Corel Home Office\CORELC~1.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Microsoft Corporation) C:\Windows\System32\FirewallControlPanel.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Cmaudio8768GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6962720 2009-01-06] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-06] (Realtek Semiconductor Corp.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-01] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] - "C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe" "C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware " [54072 2014-05-12] (Malwarebytes Corporation) HKU\.DEFAULT\...\Run: [Picasa Media Detector] => C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe HKU\.DEFAULT\...\Run: [fsc-reg] => c:\fsc-reg\fscreg.exe [380688 2008-08-01] (Fujitsu Siemens) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-3559629360-2871224288-528010784-1000\...\MountPoints2: {171db5d8-f2aa-11dd-ad52-806e6f6e6963} - F:\Setup.exe HKU\S-1-5-21-3559629360-2871224288-528010784-1000\...\MountPoints2: {7ebde948-31da-11de-b5c8-00242110eaf6} - D:\SH3Autorun.exe HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {171db5d8-f2aa-11dd-ad52-806e6f6e6963} - F:\Setup.exe HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7ebde948-31da-11de-b5c8-00242110eaf6} - D:\SH3Autorun.exe HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {171db5d8-f2aa-11dd-ad52-806e6f6e6963} - F:\Setup.exe HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {7ebde948-31da-11de-b5c8-00242110eaf6} - D:\SH3Autorun.exe HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10v_Plugin.exe -update plugin HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {171db5d8-f2aa-11dd-ad52-806e6f6e6963} - F:\Installer.exe HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {7ebde948-31da-11de-b5c8-00242110eaf6} - D:\SH3Autorun.exe HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10v_Plugin.exe -update plugin HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {171db5d8-f2aa-11dd-ad52-806e6f6e6963} - F:\Installer.exe HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7ebde948-31da-11de-b5c8-00242110eaf6} - D:\SH3Autorun.exe HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Updater] => C:\ProgramData\Updater\updater.exe Startup: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () BootExecute: ==================== Internet (Whitelisted) ==================== URLSearchHook: HKLM-x32 - (No Name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {301B60B5-4EE1-421E-95C2-22CB96AA0A8F} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=501549&p={searchTerms} BHO: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.) BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.) Toolbar: HKLM-x32 - No Name - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No File Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.) Toolbar: HKCU - No Name - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No File Toolbar: HKCU - No Name - {62D40876-DF18-411F-9D34-A9DD7A197BC5} - No File Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pack.google.com/Google Updater;version=13 - C:\Program Files (x86)\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll (Google) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Extension: FoxyDeal - C:\Users\Maddin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-05-10] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20] FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-03] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-20] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-20] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR StartupUrls: "hxxp://www.google.de/" CHR Extension: (Google Docs) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-20] CHR Extension: (Google Drive) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-20] CHR Extension: (YouTube) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-20] CHR Extension: (Adblock Plus) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-05] CHR Extension: (Google-Suche) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-20] CHR Extension: (Google Wallet) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20] CHR Extension: (Google Mail) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-20] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02] CHR HKLM-x32\...\Chrome\Extension: [nlcphjankhppgohedpkjonpadimhaoof] - C:\Users\Maddin\AppData\Roaming\Browser Extensions\sh_1.0.crx [2012-03-02] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= ATTENTION: => Could not perform signature verification. Cryptographic Service is not running. R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [801872 2014-07-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-01] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-01] (Avira Operations GmbH & Co. KG) S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.) R2 D-Link Wireless N DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-06-03] () R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] () R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-07-04] (SurfRight B.V.) R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] () R2 TestHandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Technology Solutions) U3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2013-05-14] (TuneUp Software) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-11-21] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG) S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-25] (AVG Technologies) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-20] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG) R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2009-05-22] (C-Media Inc) R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1035104 2010-04-29] (Ralink Technology Corp.) S3 PDNMp50; C:\Windows\SysWOW64\drivers\PDNMp50.sys [28224 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA)) S3 PDNSp50; C:\Windows\SysWOW64\drivers\PDNSp50.sys [27072 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA)) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software) U0 wfgcbea; C:\Windows\System32\drivers\suklhuxe.sys [79064 2014-07-04] (Malwarebytes Corporation) R1 {55685567-4840-4a91-962b-49a412e9485a}Gt64; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gt64.sys [60088 2014-05-28] (StdLib) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 LVcKap64; system32\DRIVERS\LVcKap64.sys [X] S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 PDNSp50a64; System32\Drivers\PDNSp50a64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-04 15:29 - 2014-07-04 15:29 - 02347384 _____ (ESET) C:\Users\Maddin\Downloads\esetsmartinstaller_deu (1).exe 2014-07-04 15:26 - 2014-07-04 15:26 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-04 15:25 - 2014-07-04 15:25 - 02347384 _____ (ESET) C:\Users\Maddin\Downloads\esetsmartinstaller_deu.exe 2014-07-04 15:05 - 2014-07-04 15:05 - 00186726 _____ () C:\Users\Maddin\Desktop\HitmanPro_20140704_1505.log 2014-07-04 14:53 - 2014-07-04 14:54 - 00001750 _____ () C:\Users\Public\Desktop\HitmanPro.lnk 2014-07-04 14:53 - 2014-07-04 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2014-07-04 14:53 - 2014-07-04 14:53 - 00000000 ____D () C:\Program Files\HitmanPro 2014-07-04 14:52 - 2014-07-04 14:53 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-07-04 14:52 - 2014-07-04 14:52 - 11185664 _____ (SurfRight B.V.) C:\Users\Maddin\Downloads\HitmanPro_x64.exe 2014-07-04 14:10 - 2014-07-04 14:10 - 00000255 _____ () C:\Users\Maddin\Desktop\Suchlauf.txt 2014-07-04 14:09 - 2014-07-04 14:09 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\suklhuxe.sys 2014-07-04 13:46 - 2014-07-04 14:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-04 13:45 - 2014-07-04 13:45 - 00000947 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-04 13:45 - 2014-07-04 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-04 13:45 - 2014-07-04 13:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-04 13:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-04 13:45 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-04 13:44 - 2014-07-04 13:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Maddin\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-04 13:19 - 2014-07-04 13:26 - 00038376 _____ () C:\Users\Maddin\Downloads\Addition.txt 2014-07-04 13:17 - 2014-07-04 19:52 - 00019493 _____ () C:\Users\Maddin\Downloads\FRST.txt 2014-07-04 13:17 - 2014-07-04 19:52 - 00000000 ____D () C:\FRST 2014-07-04 13:16 - 2014-07-04 13:16 - 02083840 _____ (Farbar) C:\Users\Maddin\Downloads\FRST64.exe 2014-07-02 19:41 - 2014-07-02 19:41 - 00537974 _____ () C:\Users\Maddin\Downloads\noscript-2.6.8.31.xpi.zip 2014-06-26 22:09 - 2014-06-26 22:09 - 00000921 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-06-26 22:07 - 2014-06-26 22:08 - 29256752 _____ (TeamSpeak Systems GmbH) C:\Users\Maddin\Downloads\TeamSpeak3-Client-win64-3.0.15.exe 2014-06-26 10:13 - 2014-06-26 10:13 - 00000000 ____D () C:\New Folder 2014-06-26 10:10 - 2014-07-02 19:41 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\SynWrite 2014-06-26 10:10 - 2014-07-02 19:41 - 00000000 ____D () C:\SynWrite 2014-06-26 10:10 - 2014-06-26 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SynWrite 2014-06-26 10:08 - 2014-06-26 10:10 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite (1).exe 2014-06-26 10:04 - 2014-06-26 10:06 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite.exe 2014-06-25 22:29 - 2014-06-26 08:02 - 00000666 _____ () C:\Users\Public\Desktop\StarCraft II.lnk 2014-06-25 22:28 - 2014-07-01 14:11 - 00000000 ____D () C:\Users\Maddin\Documents\StarCraft II 2014-06-25 22:28 - 2014-06-26 08:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2014-06-24 20:55 - 2014-06-24 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-06-24 20:46 - 2014-06-24 20:46 - 01342659 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.213.exe 2014-06-24 20:42 - 2014-06-24 21:44 - 00002114 _____ () C:\Windows\PFRO.log 2014-06-24 08:28 - 2014-06-24 08:28 - 02804344 _____ (TeamViewer GmbH) C:\Users\Maddin\Downloads\customermodule_avira_support_de.exe 2014-06-24 08:28 - 2014-06-24 08:28 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\TeamViewer 2014-06-23 11:04 - 2014-06-23 11:04 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212 (1).exe 2014-06-19 21:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-19 21:57 - 2014-06-19 21:57 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212.exe 2014-06-19 15:52 - 2014-06-19 15:52 - 00011965 _____ () C:\Users\Maddin\Documents\Unbenannt 1.ods 2014-06-19 14:35 - 2014-06-19 14:35 - 00448512 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\TFC (1).exe 2014-06-12 21:57 - 2014-06-12 21:57 - 00000000 ____D () C:\ProgramData\HPSSUPPLY 2014-06-11 08:54 - 2014-05-28 20:53 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-11 08:54 - 2014-05-28 20:37 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-11 08:54 - 2014-05-28 20:35 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-11 08:54 - 2014-05-28 20:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-11 08:54 - 2014-05-28 20:31 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-11 08:54 - 2014-05-28 20:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-11 08:54 - 2014-05-28 20:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-06-11 08:54 - 2014-05-28 20:29 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-11 08:54 - 2014-05-28 20:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-06-11 08:54 - 2014-05-28 20:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-11 08:54 - 2014-05-28 20:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-11 08:54 - 2014-05-28 20:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-11 08:54 - 2014-05-28 20:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-11 08:54 - 2014-05-28 20:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-11 08:54 - 2014-05-28 20:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-11 08:54 - 2014-05-28 20:28 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-11 08:54 - 2014-05-28 20:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-11 08:54 - 2014-05-28 20:28 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-06-11 08:54 - 2014-05-28 20:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-06-11 08:54 - 2014-05-28 20:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-06-11 08:54 - 2014-05-28 20:27 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-11 08:54 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-11 08:54 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-11 08:54 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-11 08:54 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-11 08:54 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 08:54 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-11 08:54 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-06-11 08:54 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 08:54 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-11 08:54 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-06-11 08:54 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 08:54 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-11 08:54 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 08:54 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 08:54 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-06-11 08:54 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 08:54 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 08:54 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 08:54 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-06-11 08:54 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-06-11 08:54 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-11 08:54 - 2014-04-26 20:21 - 00622592 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-11 08:54 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-11 08:54 - 2014-04-05 11:10 - 01422784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-11 08:54 - 2014-03-10 08:26 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-11 08:54 - 2014-03-10 08:26 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-11 08:54 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-11 08:54 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-05 15:25 - 2014-06-05 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-06-05 15:24 - 2014-06-05 15:25 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-06-05 15:24 - 2014-06-05 15:25 - 00000000 ____D () C:\Program Files\iTunes 2014-06-05 15:24 - 2014-06-05 15:25 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-06-05 15:24 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files\iPod ==================== One Month Modified Files and Folders ======= 2014-07-04 19:52 - 2014-07-04 13:17 - 00019493 _____ () C:\Users\Maddin\Downloads\FRST.txt 2014-07-04 19:52 - 2014-07-04 13:17 - 00000000 ____D () C:\FRST 2014-07-04 19:11 - 2006-11-02 17:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-04 19:11 - 2006-11-02 17:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-04 19:04 - 2014-01-30 15:27 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-04 19:00 - 2014-05-09 19:49 - 01254195 _____ () C:\Windows\WindowsUpdate.log 2014-07-04 18:55 - 2013-01-29 20:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-04 15:29 - 2014-07-04 15:29 - 02347384 _____ (ESET) C:\Users\Maddin\Downloads\esetsmartinstaller_deu (1).exe 2014-07-04 15:26 - 2014-07-04 15:26 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-04 15:25 - 2014-07-04 15:25 - 02347384 _____ (ESET) C:\Users\Maddin\Downloads\esetsmartinstaller_deu.exe 2014-07-04 15:05 - 2014-07-04 15:05 - 00186726 _____ () C:\Users\Maddin\Desktop\HitmanPro_20140704_1505.log 2014-07-04 14:54 - 2014-07-04 14:53 - 00001750 _____ () C:\Users\Public\Desktop\HitmanPro.lnk 2014-07-04 14:53 - 2014-07-04 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2014-07-04 14:53 - 2014-07-04 14:53 - 00000000 ____D () C:\Program Files\HitmanPro 2014-07-04 14:53 - 2014-07-04 14:52 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-07-04 14:52 - 2014-07-04 14:52 - 11185664 _____ (SurfRight B.V.) C:\Users\Maddin\Downloads\HitmanPro_x64.exe 2014-07-04 14:40 - 2014-07-04 13:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-04 14:10 - 2014-07-04 14:10 - 00000255 _____ () C:\Users\Maddin\Desktop\Suchlauf.txt 2014-07-04 14:09 - 2014-07-04 14:09 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\suklhuxe.sys 2014-07-04 14:09 - 2014-01-31 13:13 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\52eb85fbe56da19e5803d976 2014-07-04 14:09 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\MSAgent 2014-07-04 13:45 - 2014-07-04 13:45 - 00000947 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-04 13:45 - 2014-07-04 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-04 13:45 - 2014-07-04 13:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-04 13:45 - 2010-07-25 21:42 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-04 13:44 - 2014-07-04 13:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Maddin\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-04 13:37 - 2009-12-04 19:15 - 00004140 _____ () C:\Windows\System32\Tasks\Google Software Updater 2014-07-04 13:37 - 2009-08-27 21:27 - 00001034 _____ () C:\Windows\Tasks\Google Software Updater.job 2014-07-04 13:26 - 2014-07-04 13:19 - 00038376 _____ () C:\Users\Maddin\Downloads\Addition.txt 2014-07-04 13:16 - 2014-07-04 13:16 - 02083840 _____ (Farbar) C:\Users\Maddin\Downloads\FRST64.exe 2014-07-04 13:12 - 2014-01-30 15:27 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-04 13:11 - 2009-01-26 12:49 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-04 13:11 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-03 21:17 - 2009-07-04 16:33 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\CorelHomeOffice 2014-07-03 21:17 - 2006-11-02 17:42 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-07-02 23:07 - 2014-04-19 00:19 - 00000000 ____D () C:\Users\Maddin\AppData\Local\Battle.net 2014-07-02 23:07 - 2010-11-19 21:26 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-02 23:07 - 2009-12-30 21:40 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\TS3Client 2014-07-02 19:41 - 2014-07-02 19:41 - 00537974 _____ () C:\Users\Maddin\Downloads\noscript-2.6.8.31.xpi.zip 2014-07-02 19:41 - 2014-06-26 10:10 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\SynWrite 2014-07-02 19:41 - 2014-06-26 10:10 - 00000000 ____D () C:\SynWrite 2014-07-02 19:33 - 2011-05-19 18:49 - 00003686 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D93DBACB-AE77-466D-9B91-FD8EC005C83B} 2014-07-01 14:11 - 2014-06-25 22:28 - 00000000 ____D () C:\Users\Maddin\Documents\StarCraft II 2014-07-01 14:05 - 2013-03-27 20:49 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-26 22:09 - 2014-06-26 22:09 - 00000921 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-06-26 22:08 - 2014-06-26 22:07 - 29256752 _____ (TeamSpeak Systems GmbH) C:\Users\Maddin\Downloads\TeamSpeak3-Client-win64-3.0.15.exe 2014-06-26 22:06 - 2009-12-30 21:39 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client 2014-06-26 10:13 - 2014-06-26 10:13 - 00000000 ____D () C:\New Folder 2014-06-26 10:10 - 2014-06-26 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SynWrite 2014-06-26 10:10 - 2014-06-26 10:08 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite (1).exe 2014-06-26 10:06 - 2014-06-26 10:04 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite.exe 2014-06-26 08:02 - 2014-06-25 22:29 - 00000666 _____ () C:\Users\Public\Desktop\StarCraft II.lnk 2014-06-26 08:02 - 2014-06-25 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2014-06-25 22:29 - 2010-04-07 14:41 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-06-25 22:26 - 2014-04-19 00:18 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-06-24 21:44 - 2014-06-24 20:42 - 00002114 _____ () C:\Windows\PFRO.log 2014-06-24 20:55 - 2014-06-24 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-06-24 20:48 - 2013-02-16 13:14 - 00000000 ____D () C:\Program Files (x86)\Amazon 2014-06-24 20:47 - 2013-12-13 16:22 - 00000000 ____D () C:\AdwCleaner 2014-06-24 20:46 - 2014-06-24 20:46 - 01342659 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.213.exe 2014-06-24 08:28 - 2014-06-24 08:28 - 02804344 _____ (TeamViewer GmbH) C:\Users\Maddin\Downloads\customermodule_avira_support_de.exe 2014-06-24 08:28 - 2014-06-24 08:28 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\TeamViewer 2014-06-23 11:04 - 2014-06-23 11:04 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212 (1).exe 2014-06-22 20:37 - 2014-04-28 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader 2014-06-22 20:37 - 2013-05-31 04:21 - 00003786 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager 2014-06-20 20:07 - 2014-03-24 16:39 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft 2014-06-20 20:07 - 2009-04-09 17:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-06-20 20:01 - 2013-11-13 18:15 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-06-20 19:59 - 2014-01-30 15:27 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-20 19:59 - 2014-01-30 15:27 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-20 19:42 - 2013-03-27 20:49 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-06-19 22:01 - 2009-04-09 17:00 - 00000000 ____D () C:\ProgramData\ICQ 2014-06-19 22:00 - 2009-04-03 16:44 - 00000000 ____D () C:\Users\Maddin 2014-06-19 21:57 - 2014-06-19 21:57 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212.exe 2014-06-19 15:52 - 2014-06-19 15:52 - 00011965 _____ () C:\Users\Maddin\Documents\Unbenannt 1.ods 2014-06-19 15:41 - 2010-11-27 21:19 - 00009725 _____ () C:\ProgramData\hpzinstall.log 2014-06-19 15:26 - 2010-11-27 21:19 - 00225436 _____ () C:\Windows\hpoins46.dat 2014-06-19 15:26 - 2006-11-02 14:34 - 00000281 _____ () C:\Windows\win.ini 2014-06-19 14:35 - 2014-06-19 14:35 - 00448512 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\TFC (1).exe 2014-06-17 13:33 - 2013-12-20 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-13 08:44 - 2008-01-21 13:10 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-13 08:44 - 2008-01-21 13:09 - 00674024 _____ () C:\Windows\system32\perfh007.dat 2014-06-13 08:44 - 2008-01-21 13:09 - 00146036 _____ () C:\Windows\system32\perfc007.dat 2014-06-12 21:57 - 2014-06-12 21:57 - 00000000 ____D () C:\ProgramData\HPSSUPPLY 2014-06-11 19:40 - 2013-08-14 14:48 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-11 19:37 - 2006-11-02 14:35 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-06-11 12:02 - 2012-06-19 11:45 - 00000000 ____D () C:\Program Files (x86)\Diablo III 2014-06-05 15:25 - 2014-06-05 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-06-05 15:25 - 2014-06-05 15:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-06-05 15:25 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files\iTunes 2014-06-05 15:25 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-06-05 15:24 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files\iPod 2014-06-05 15:24 - 2014-04-28 11:15 - 00000000 ____D () C:\ProgramData\Apple Computer Files to move or delete: ==================== C:\Users\Public\AlexaNSISPlugin.4500.dll Some content of TEMP: ==================== C:\Users\Maddin\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-07-04 13:24 ==================== End Of Log ============================ Addition Log Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
Ran by Maddin at 2014-07-04 19:52:40
Running from C:\Users\Maddin\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Alice Software 4.9.2 (HKLM-x32\...\Alice Software) (Version: 4.9.2 - HanseNet Telekommunikation GmbH)
Alice-Installationsdateien entfernen (HKLM-x32\...\Alice) (Version: - )
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-4300-A758B70C0A00}) (Version: 12.10.0.2951 - APN, LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
Corel Home Office 5.0.36 (HKLM-x32\...\{080FE95E-5A89-4A54-BAAA-D769971B7C2D}) (Version: 5 - Corel)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 130.0.406.000 - Hewlett-Packard) Hidden
D-Link DWA-140 (HKLM-x32\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version: - D-Link)
Energy Settings (HKLM-x32\...\{7613592F-B20C-4E1B-B2DD-67F0784D4373}) (Version: 1.0.7 - Fujitsu Siemens Computers)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
F4500 (x32 Version: 130.0.406.000 - Hewlett-Packard) Hidden
Free YouTube Download version 3.2.0.128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.0.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Updater (HKLM-x32\...\Google Updater) (Version: 2.4.1698.5652 - Google Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.220 - SurfRight B.V.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4500 Printer Driver Software 13.0 Rel .6 (HKLM\...\{7F08A772-2816-4F46-84F1-49578502AD28}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.01.1015 - Logitech Inc.)
Logitech® Camera-Treiber (HKLM-x32\...\QcDrv) (Version: - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Nero 7 Demo (HKLM-x32\...\{C7E1449D-7638-6832-426D-589655951031}) (Version: 7.00.1466 - Nero AG)
Nero Reloaded PlugIn Pack 2.0.4 by GEAR (HKLM-x32\...\{F3D7915D-6B42-49FA-9FC8-5020479A6A57}) (Version: 2.0.4 - GoldEsel)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9713 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.59.37 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 (HKLM-x32\...\{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1) (Version: - Orban, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5772 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 5.9 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.9.123 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sniper Elite: Zombie Army (HKLM-x32\...\Steam App 235700) (Version: - Rebellion)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SynWrite version 6.4.760 (HKLM-x32\...\SynWrite_is1) (Version: 6.4.760 - UVViewSoft)
SystemDiagnostics (HKLM-x32\...\{EF59DB7F-7426-426E-B862-7031F83ED304}) (Version: 2.04.0006 - Fujitsu Technology Solutions)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TerraTec Aureon 5.1 Audio Driver (HKLM\...\C-Media PCI Audio Driver) (Version: - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Tukui Client (HKLM-x32\...\{510CF4AB-E9C8-4F48-BB02-CDC11B880D68}) (Version: 2.2.7 - Tukui)
Tukui Client (HKLM-x32\...\{6517882E-E5E0-40DC-B3B0-A531FF2A06E8}) (Version: 2.4.5 - Tukui)
TuneUp Utilities (HKLM-x32\...\TuneUp Utilities) (Version: 9.0.6030.1 - TuneUp Software)
TuneUp Utilities (x32 Version: 9.0.6030.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.6030.1 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Vista Demo Screen Saver (HKLM-x32\...\{9605D5C2-F545-40F2-B39A-0462E4CD3811}) (Version: 1.1.5 - Ventuz Technology)
Works Suite-Betriebssystem-Pack (x32 Version: 1.0.0.0000 - Microsoft Corporation) Hidden
WorldofTanks (HKCU\...\WorldofTanks) (Version: - WorldofTanks)
==================== Restore Points =========================
31-05-2014 17:30:38 Windows Update
04-06-2014 00:15:05 Windows Update
10-06-2014 07:49:10 Windows Update
11-06-2014 17:32:58 Windows Update
17-06-2014 11:32:54 Windows Update
20-06-2014 17:38:26 Windows Update
20-06-2014 18:06:13 Entfernt Tom Clancy's Splinter Cell
22-06-2014 19:25:08 Geplanter Prüfpunkt
24-06-2014 06:10:19 Windows Update
02-07-2014 17:37:26 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {03734EA4-6886-4FFF-BDC9-10BDB40D1B41} - System32\Tasks\Google Updater and Installer => C:\Users\Maddin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {0C53DB7C-3292-41C6-BBE2-E09C1AAC656F} - System32\Tasks\WOT WFRI1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {0D60C924-08F7-4AAE-A8C9-72FED50DAF8A} - \Plus-HD-2.2-chromeinstaller No Task File <==== ATTENTION
Task: {133D8A4C-D133-4BB1-BE06-633AFE748C9C} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {1C26A2D5-BD29-4388-B66D-DD6D4A40B7A1} - System32\Tasks\WOT WMON1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {1F6F6465-1B1C-4B6C-BFFA-08B7DB938F46} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {213121A8-BEDD-4D7E-AFAD-04C9767D7779} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {22082927-5B18-4E51-9D24-37C1DC881406} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {36A0BB86-DA41-4B87-B65D-1FF7F4604AE7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {39913DE5-5F6F-4DE9-BD8D-CF1DC0BC674E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {48C17C53-73B2-4132-863F-B783839616A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {4C4EE77B-4F44-4CF1-9882-6653C0FB77D3} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-27] (Google)
Task: {5B8E1D3C-500B-4185-9858-B8AE3B9B1B20} - \Plus-HD-2.2-updater No Task File <==== ATTENTION
Task: {5BB20900-5D7E-4327-904C-767A634A161A} - System32\Tasks\WOT T => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {6372E08D-540D-440A-8D2F-5167B33D2D9A} - \Plus-HD-2.2-enabler No Task File <==== ATTENTION
Task: {739DCE2D-7420-48CD-B30B-8091A8CBC200} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {753EB692-0B14-4B0D-9B07-BC11ED29F8A8} - \HDvid Codec V1-enabler No Task File <==== ATTENTION
Task: {7642C8FD-D96B-4CE9-9D00-6FAFFB248A0E} - \Plus-HD-2.2-firefoxinstaller No Task File <==== ATTENTION
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {80A71535-3608-4738-9FE8-7DE6C5FE5A14} - System32\Tasks\WOT W2 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {83EACCD6-FB00-4468-987B-40903B45B1EB} - System32\Tasks\{0E0B6708-828E-4F31-8073-8CCE8A0A7924} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-06-05] (Skype Technologies S.A.)
Task: {9126A9BD-3BA0-45B2-8937-37FD34B7808C} - \DealPly No Task File <==== ATTENTION
Task: {92FCC7E2-AF62-4EF6-BE58-3DB1365A90B8} - \HDvid Codec V1-codedownloader No Task File <==== ATTENTION
Task: {A97048A0-D205-49CE-8A2B-A98D2BEB34D3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AF91A651-088C-4086-9CD4-384F3BA1067B} - System32\Tasks\WOT WWED1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {B13A788C-6EA7-46F5-858E-990B10A0C088} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {B6206A65-57D9-4506-AEF6-ABE2596CA1F9} - System32\Tasks\WOT WTUE1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {C8AED9DC-FEAF-4B53-BB4B-2B200DFAF959} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe [2011-11-21] (TuneUp Software)
Task: {D16C2F03-A27C-4D2E-B36C-D0064F83838E} - System32\Tasks\WOT W1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {E08A976F-F4F8-476D-AF80-CCF028FC15F6} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {E335426E-2CFB-4C9F-ACA1-534DF8D85D45} - \HDvid Codec V1-updater No Task File <==== ATTENTION
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EA9AA878-5CA3-4D7B-A5E1-E9CBCEF9A53D} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Maddin => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-21] (Microsoft Corporation)
Task: {EDE5B0EC-8FF1-4476-A6D2-F191E23DF60B} - \Plus-HD-2.2-codedownloader No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-01-10 20:12 - 2010-06-03 14:36 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
2012-06-18 20:29 - 2010-01-21 01:53 - 00496232 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2012-06-18 20:29 - 2010-01-21 01:52 - 00076392 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2012-06-18 20:29 - 2010-01-21 01:53 - 00731752 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2012-06-18 20:29 - 2010-01-21 01:53 - 00209000 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2011-01-03 23:00 - 2008-07-11 16:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2008-08-28 12:08 - 2008-08-28 12:08 - 01287456 _____ () C:\Program Files (x86)\Corel Home Office\A4W195.dll
2008-08-28 12:08 - 2008-08-28 12:08 - 00546080 _____ () C:\Program Files (x86)\Corel Home Office\abdbcmn.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00808224 _____ () C:\Program Files (x86)\Corel Home Office\ABShare.DLL
2008-08-28 12:09 - 2008-08-28 12:09 - 00111904 _____ () C:\Program Files (x86)\Corel Home Office\ABViewForms.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00378144 _____ () C:\Program Files (x86)\Corel Home Office\ABMCmn.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00152864 _____ () C:\Program Files (x86)\Corel Home Office\abspel.dll
2008-08-28 12:10 - 2008-08-28 12:10 - 00066848 _____ () C:\Program Files (x86)\Corel Home Office\THXX.dll
2008-08-28 12:10 - 2008-08-28 12:10 - 00107808 _____ () C:\Program Files (x86)\Corel Home Office\VEXX.dll
2008-08-28 12:08 - 2008-08-28 12:08 - 00288032 _____ () C:\Program Files (x86)\Corel Home Office\abcomctrl.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00255264 _____ () C:\Program Files (x86)\Corel Home Office\IMAGE.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00230688 _____ () C:\Program Files (x86)\Corel Home Office\abpivot.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00980256 _____ () C:\Program Files (x86)\Corel Home Office\abo.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00787744 _____ () C:\Program Files (x86)\Corel Home Office\abow.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00161056 _____ () C:\Program Files (x86)\Corel Home Office\abimgsrc.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 12563744 _____ () C:\Program Files (x86)\Corel Home Office\ABGerman.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 01561888 _____ () C:\Program Files (x86)\Corel Home Office\abdrwngs.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00242976 _____ () C:\Program Files (x86)\Corel Home Office\abgfx.dll
2014-01-30 15:28 - 2014-01-23 07:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-30 15:28 - 2014-01-23 07:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-30 15:28 - 2014-01-23 07:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: ANIWZCS2Service => "C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe"
MSCONFIG\startupreg: GDFirewallTray => C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
MSCONFIG\startupreg: ROC_roc_dec12 => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
==================== Faulty Device Manager Devices =============
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-6zu4-Adapter #2
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-6zu4-Adapter #3
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/04/2014 07:51:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (07/04/2014 07:51:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (07/04/2014 07:44:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (07/04/2014 03:29:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (07/04/2014 03:29:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (07/04/2014 03:26:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (07/04/2014 03:25:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (07/04/2014 02:34:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung mbam.exe, Version 1.0.0.532, Zeitstempel 0x53518532, fehlerhaftes Modul MSVCR100.dll, Version 10.0.40219.325, Zeitstempel 0x4df2be1e, Ausnahmecode 0x40000015, Fehleroffset 0x0008d6fd,
Prozess-ID 0xdc, Anwendungsstartzeit mbam.exe0.
Error: (07/04/2014 02:31:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung mbam.exe, Version 1.0.0.532, Zeitstempel 0x53518532, fehlerhaftes Modul MSVCR100.dll, Version 10.0.40219.325, Zeitstempel 0x4df2be1e, Ausnahmecode 0x40000015, Fehleroffset 0x0008d6fd,
Prozess-ID 0xcac, Anwendungsstartzeit mbam.exe0.
Error: (07/04/2014 02:26:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung mbam.exe, Version 1.0.0.532, Zeitstempel 0x53518532, fehlerhaftes Modul MSVCR100.dll, Version 10.0.40219.325, Zeitstempel 0x4df2be1e, Ausnahmecode 0x40000015, Fehleroffset 0x0008d6fd,
Prozess-ID 0xfe8, Anwendungsstartzeit mbam.exe0.
System errors:
=============
Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058
Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069
Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330
Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: KtmRm für Distributed Transaction Coordinator2147942438 (0x80070026)
Error: (07/04/2014 01:12:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058
Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058
Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069
Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330
Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: KtmRm für Distributed Transaction Coordinator2147942438 (0x80070026)
Error: (07/03/2014 08:25:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058
Microsoft Office Sessions:
=========================
Error: (07/04/2014 07:51:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Maddin\Downloads\esetsmartinstaller_deu.exe
Error: (07/04/2014 07:51:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Maddin\Downloads\esetsmartinstaller_deu (1).exe
Error: (07/04/2014 07:44:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (07/04/2014 03:29:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Maddin\Downloads\esetsmartinstaller_deu (1).exe
Error: (07/04/2014 03:29:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Maddin\Downloads\esetsmartinstaller_deu (1).exe
Error: (07/04/2014 03:26:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Maddin\Downloads\esetsmartinstaller_deu.exe
Error: (07/04/2014 03:25:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Maddin\Downloads\esetsmartinstaller_deu.exe
Error: (07/04/2014 02:34:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fddc01cf9783e9a2f6a8
Error: (07/04/2014 02:31:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdcac01cf978354b09f78
Error: (07/04/2014 02:26:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdfe801cf9783144142f8
CodeIntegrity Errors:
===================================
Date: 2014-07-04 19:52:34.983
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-04 19:52:34.612
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-04 19:52:34.234
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-04 19:52:33.858
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-04 19:52:33.375
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-04 19:52:33.002
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-04 19:52:32.628
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-04 19:52:32.256
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-04 14:29:49.246
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-07-04 14:29:48.723
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 63%
Total physical RAM: 4094.32 MB
Available physical RAM: 1500.77 MB
Total Pagefile: 8391.92 MB
Available Pagefile: 5888.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (SYSTEM) (Fixed) (Total:327.54 GB) (Free:162.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (DATA) (Fixed) (Total:592.25 GB) (Free:428.3 GB) NTFS
Drive f: (DJ_AIO_06_F4500_) (CDROM) (Total:0.32 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: C347115F)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=328 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=592 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
und 
und speichere die Logdatei auf Deinem Desktop.
Linear-Darstellung
