Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr

schrauber · 25.09.2014, 19:11

Mach bitte einen Vollscan mit deinem AV Programm. Und noch das frische FRST log und die Antwort auf meine Frage

marlen101 · 25.09.2014, 20:34

Also das Internet ist jetzt um einiges schneller. Vielen Dank!
Aber das CD Laufwerk will einfach noch immer nicht...

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014
Ran by Dorina Heller (administrator) on MARLEN-NOTEBOOK on 25-09-2014 21:30:54
Running from C:\Users\Dorina Heller\Documents\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
() C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Logitech, Inc.) C:\Users\Dorina Heller\AppData\Local\Logitech® Webcam-Software\Logishrd\LU2.0\LULnchr.exe
(Logitech, Inc.) C:\Users\Dorina Heller\AppData\Local\Logitech® Webcam-Software\Logishrd\LU2.0\LogitechUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [561152 2011-04-20] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [967544 2011-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544104 2011-04-07] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2011-04-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2011-03-30] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-05-25] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-01-07] (Nero AG)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [714104 2011-03-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [{90140000-003D-0000-0000-0000000FF1CE}] => C:\windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [{90140000-0018-0407-0000-0000000FF1CE}] => C:\windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-21-176568798-3075008774-576170976-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-176568798-3075008774-576170976-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [] => [X]
HKU\S-1-5-21-176568798-3075008774-576170976-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [SysOff] => C:\Windows\SysWOW64\SYSPREP\ClosespV.exe
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [306688 2012-03-26] (FileHippo.com)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104 2012-12-20] (Samsung)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-18\...\RunOnce: [{90140000-003D-0000-0000-0000000FF1CE}] => C:\windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-0018-0407-0000-0000000FF1CE}] => C:\windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
AppInit_DLLs: c:\Windows\System32\nvinitx.dll => c:\Windows\System32\nvinitx.dll [226920 2011-05-11] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:61807;https=127.0.0.1:61807
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/places?touch=4&cat=1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120911193311.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120911193312.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: WOT - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: NoScript - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-03]
FF Extension: Adblock Plus - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-09-19]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-06-07]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Default -> enhanced-search.com
CHR DefaultSearchURL: Default -> hxxp://www.enhanced-search.com/?q={searchTerms}&babsrc=SP_ss_mib2&mntrId=66DE3E659DB18485&affID=121136&tsp=5007
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\program files (x86)\google\chrome\application\37.0.2062.120\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\program files (x86)\google\chrome\application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\program files (x86)\google\chrome\application\37.0.2062.120\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Profile: C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-21]
CHR Extension: (Google Drive) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-21]
CHR Extension: (No Name) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-24]
CHR Extension: (Google-Suche) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-21]
CHR Extension: (SiteAdvisor) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-01-21]
CHR Extension: (Google Wallet) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Google Mail) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 Thpsrv; C:\windows\system32\ThpSrv.exe [526848 2010-12-24] (TOSHIBA Corporation) [File not signed]
R2 TosCoSrv; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [480256 2011-04-20] (TOSHIBA Corporation) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-08-30] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 sxtap; C:\Windows\System32\sxtap.sys [29696 2012-02-05] (iiNES GmbH)
S3 Tosrfcom; No ImagePath
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 15:20 - 2014-09-25 15:20 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\CANON_INC
2014-09-25 10:13 - 2014-09-25 10:13 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-24 22:33 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-09-24 22:33 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-09-19 12:14 - 2014-09-19 12:14 - 00000912 _____ () C:\mbam.new.txt
2014-09-19 12:12 - 2014-09-19 12:12 - 00000000 __SHD () C:\Users\Dorina Heller\AppData\Local\EmieUserList
2014-09-19 12:12 - 2014-09-19 12:12 - 00000000 __SHD () C:\Users\Dorina Heller\AppData\Local\EmieSiteList
2014-09-19 12:01 - 2014-09-19 12:01 - 00001391 _____ () C:\Users\Dorina Heller\Desktop\JRT.txt
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\windows\ERUNT
2014-09-19 11:41 - 2014-09-25 10:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 11:38 - 2014-09-19 12:01 - 00000000 ____D () C:\AdwCleaner
2014-09-19 11:36 - 2014-09-19 11:36 - 00000486 _____ () C:\mbam.txt
2014-09-18 21:36 - 2014-09-25 20:26 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-18 20:52 - 2014-09-18 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-18 20:52 - 2014-09-18 20:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-18 20:52 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-09-18 20:52 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-09-18 17:01 - 2014-09-18 17:01 - 00000000 ____D () C:\windows\Sun
2014-09-18 17:01 - 2014-09-18 17:01 - 00000000 ____D () C:\Users\Dorina Heller\4.0
2014-09-18 15:40 - 2014-09-18 15:40 - 00001754 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-18 15:40 - 2014-09-18 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-18 15:39 - 2014-09-18 15:40 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-18 15:39 - 2014-09-18 15:40 - 00000000 ____D () C:\Program Files\iTunes
2014-09-18 15:39 - 2014-09-18 15:40 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-18 15:39 - 2014-09-18 15:39 - 00000000 ____D () C:\Program Files\iPod
2014-09-18 13:59 - 2014-09-18 13:59 - 00040843 _____ () C:\ComboFix.txt
2014-09-18 12:47 - 2014-09-18 13:59 - 00000000 ____D () C:\Qoobox
2014-09-18 12:47 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2014-09-18 12:47 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2014-09-18 12:47 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-09-18 12:47 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-09-18 12:47 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-09-18 12:47 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2014-09-18 12:47 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2014-09-18 12:47 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2014-09-18 12:45 - 2014-09-18 13:58 - 00000000 ____D () C:\windows\erdnt
2014-09-16 23:31 - 2014-09-16 23:31 - 00347816 _____ (Microsoft Corporation) C:\Users\Dorina Heller\Downloads\MicrosoftFixit.dvd.MATSKB.Run (1).exe
2014-09-16 23:05 - 2014-09-16 23:05 - 00347816 _____ (Microsoft Corporation) C:\Users\Dorina Heller\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2014-09-16 23:04 - 2014-09-16 23:04 - 00638243 _____ () C:\Users\Dorina Heller\Downloads\CDDVDWin8.meta.diagcab
2014-09-16 22:08 - 2014-09-16 22:09 - 00000000 ____D () C:\Users\Dorina Heller\.tfo4
2014-09-16 20:38 - 2014-09-16 20:38 - 00001275 _____ () C:\Users\Dorina Heller\Desktop\Revo Uninstaller.lnk
2014-09-16 20:38 - 2014-09-16 20:38 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-14 10:13 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-14 10:13 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-14 10:13 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-14 10:13 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-14 10:13 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-14 10:13 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-14 10:13 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-14 10:13 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-14 10:13 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-14 10:13 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-14 10:13 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-14 10:13 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-14 10:13 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-14 10:13 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-14 10:13 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-14 10:13 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-09-14 10:13 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-14 10:13 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-14 10:13 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-14 10:13 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-14 10:13 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-14 10:13 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-14 10:13 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-14 10:13 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 10:13 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-14 10:13 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-14 10:13 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-14 10:13 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-14 10:13 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-14 10:13 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-14 10:13 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-14 10:13 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-14 10:13 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-14 10:13 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-09-14 10:13 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-14 10:13 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-14 10:13 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-14 10:13 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-14 10:13 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-09-14 10:13 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-14 10:13 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-09-14 10:13 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 10:13 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-14 10:13 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-14 10:13 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-14 10:13 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-14 10:13 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-14 10:13 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-14 10:13 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-14 10:13 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-14 10:13 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-09-14 10:13 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-14 10:13 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-14 10:13 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-14 10:13 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-14 10:13 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-14 10:12 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-09-14 10:12 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-09-13 16:13 - 2014-09-25 21:31 - 00000000 ____D () C:\FRST
2014-09-13 16:11 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-13 16:11 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-13 15:56 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-09-13 15:56 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-09-13 15:55 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-13 15:55 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-09-13 15:55 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-09-13 15:55 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-09-13 15:55 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-09-13 15:30 - 2014-09-13 15:30 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-11 20:38 - 2014-09-11 20:38 - 00266288 _____ () C:\windows\Minidump\091114-51074-01.dmp
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\0fa2b777dcf5c166eeabf07571bbfc44
2014-09-10 11:34 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-09-10 11:34 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-08-28 12:27 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-28 12:27 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-28 12:27 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-27 14:25 - 2014-08-27 14:25 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{F68BB0CC-8E97-411E-ADC9-B76F2851EBC6}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-25 21:31 - 2014-09-13 16:13 - 00000000 ____D () C:\FRST
2014-09-25 21:29 - 2013-10-24 12:14 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-25 20:44 - 2013-01-21 18:37 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-25 20:26 - 2014-09-18 21:36 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-25 19:49 - 2012-09-09 17:32 - 01223600 _____ () C:\windows\WindowsUpdate.log
2014-09-25 15:52 - 2012-09-09 20:10 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Gedanken
2014-09-25 15:20 - 2014-09-25 15:20 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\CANON_INC
2014-09-25 15:09 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-09-25 10:42 - 2013-06-07 14:30 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-09-25 10:16 - 2011-02-11 10:21 - 00699682 _____ () C:\windows\system32\perfh007.dat
2014-09-25 10:16 - 2011-02-11 10:21 - 00149790 _____ () C:\windows\system32\perfc007.dat
2014-09-25 10:16 - 2009-07-14 07:13 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-25 10:14 - 2013-01-21 19:03 - 00002146 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 10:13 - 2014-09-25 10:13 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-25 10:02 - 2014-09-19 11:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 22:33 - 2009-07-14 06:45 - 00025120 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-24 22:33 - 2009-07-14 06:45 - 00025120 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-24 22:28 - 2013-01-21 18:37 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 12:14 - 2014-09-19 12:14 - 00000912 _____ () C:\mbam.new.txt
2014-09-19 12:12 - 2014-09-19 12:12 - 00000000 __SHD () C:\Users\Dorina Heller\AppData\Local\EmieUserList
2014-09-19 12:12 - 2014-09-19 12:12 - 00000000 __SHD () C:\Users\Dorina Heller\AppData\Local\EmieSiteList
2014-09-19 12:01 - 2014-09-19 12:01 - 00001391 _____ () C:\Users\Dorina Heller\Desktop\JRT.txt
2014-09-19 12:01 - 2014-09-19 11:38 - 00000000 ____D () C:\AdwCleaner
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\windows\ERUNT
2014-09-19 11:49 - 2012-09-09 23:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 11:45 - 2010-11-21 05:47 - 00520360 _____ () C:\windows\PFRO.log
2014-09-19 11:45 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-19 11:45 - 2009-07-14 06:51 - 00085829 _____ () C:\windows\setupact.log
2014-09-19 11:36 - 2014-09-19 11:36 - 00000486 _____ () C:\mbam.txt
2014-09-19 00:22 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\IME
2014-09-18 21:58 - 2012-10-01 18:54 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\GameCenter
2014-09-18 20:53 - 2012-09-09 19:31 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Malwarebytes
2014-09-18 20:53 - 2012-09-09 19:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-18 20:52 - 2014-09-18 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-18 20:52 - 2014-09-18 20:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-18 20:52 - 2012-09-09 19:31 - 00001073 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-18 18:54 - 2012-09-09 20:00 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Bewerbungen
2014-09-18 17:01 - 2014-09-18 17:01 - 00000000 ____D () C:\windows\Sun
2014-09-18 17:01 - 2014-09-18 17:01 - 00000000 ____D () C:\Users\Dorina Heller\4.0
2014-09-18 17:01 - 2012-09-09 18:20 - 00000000 ____D () C:\Users\Dorina Heller
2014-09-18 16:09 - 2012-09-09 18:27 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\Toshiba
2014-09-18 15:40 - 2014-09-18 15:40 - 00001754 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-18 15:40 - 2014-09-18 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-18 15:40 - 2014-09-18 15:39 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-18 15:40 - 2014-09-18 15:39 - 00000000 ____D () C:\Program Files\iTunes
2014-09-18 15:40 - 2014-09-18 15:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-18 15:39 - 2014-09-18 15:39 - 00000000 ____D () C:\Program Files\iPod
2014-09-18 15:36 - 2012-09-10 22:03 - 00000000 ____D () C:\ProgramData\Apple
2014-09-18 13:59 - 2014-09-18 13:59 - 00040843 _____ () C:\ComboFix.txt
2014-09-18 13:59 - 2014-09-18 12:47 - 00000000 ____D () C:\Qoobox
2014-09-18 13:59 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-18 13:58 - 2014-09-18 12:45 - 00000000 ____D () C:\windows\erdnt
2014-09-18 13:56 - 2009-07-14 04:34 - 00000215 _____ () C:\windows\system.ini
2014-09-18 12:42 - 2013-12-22 16:33 - 00003990 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{174F0087-2257-44CC-8E99-A8AAB004518F}
2014-09-18 12:41 - 2011-05-25 21:33 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-18 12:35 - 2011-05-25 21:33 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-18 12:19 - 2013-07-19 09:28 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\HE Verlag
2014-09-18 12:19 - 2013-07-19 09:27 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\Hubert_Ebner_Verlags_GmbH
2014-09-16 23:31 - 2014-09-16 23:31 - 00347816 _____ (Microsoft Corporation) C:\Users\Dorina Heller\Downloads\MicrosoftFixit.dvd.MATSKB.Run (1).exe
2014-09-16 23:05 - 2014-09-16 23:05 - 00347816 _____ (Microsoft Corporation) C:\Users\Dorina Heller\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2014-09-16 23:04 - 2014-09-16 23:04 - 00638243 _____ () C:\Users\Dorina Heller\Downloads\CDDVDWin8.meta.diagcab
2014-09-16 22:48 - 2012-09-09 18:29 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Toshiba
2014-09-16 22:09 - 2014-09-16 22:08 - 00000000 ____D () C:\Users\Dorina Heller\.tfo4
2014-09-16 21:49 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-16 21:46 - 2011-05-25 21:18 - 00000000 ____D () C:\ProgramData\WildTangent
2014-09-16 21:12 - 2012-09-09 20:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-16 20:38 - 2014-09-16 20:38 - 00001275 _____ () C:\Users\Dorina Heller\Desktop\Revo Uninstaller.lnk
2014-09-16 20:38 - 2014-09-16 20:38 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-16 14:37 - 2013-12-21 20:22 - 00000217 _____ () C:\Users\Dorina Heller\AppData\Roaming\WB.CFG
2014-09-15 09:06 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-09-14 10:11 - 2014-05-07 02:07 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-09-13 15:31 - 2014-03-24 12:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-13 15:30 - 2014-09-13 15:30 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-13 15:30 - 2014-03-24 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-13 13:57 - 2014-02-22 12:26 - 00031232 ___SH () C:\Users\Dorina Heller\Documents\Thumbs.db
2014-09-12 10:16 - 2012-09-09 20:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 10:15 - 2014-02-26 03:38 - 01594964 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-09-12 10:13 - 2013-08-16 00:11 - 00000000 ____D () C:\windows\system32\MRT
2014-09-12 09:55 - 2012-09-09 20:04 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-12 05:41 - 2011-05-25 21:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-09-12 05:41 - 2011-05-25 20:58 - 00000000 ____D () C:\Program Files (x86)\Toshiba TEMPRO
2014-09-12 05:41 - 2011-05-25 20:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-09-12 05:41 - 2011-05-25 20:49 - 00000000 ____D () C:\Program Files\PlayReady
2014-09-12 05:41 - 2011-02-11 10:20 - 00000000 ____D () C:\windows\SysWOW64\de
2014-09-12 05:41 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-12 05:41 - 2010-11-21 09:06 - 00000000 ____D () C:\windows\SysWOW64\sysprep
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\zh-HK
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\uk-UA
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\tr-TR
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\th-TH
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sr-Latn-CS
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sppui
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sl-SI
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sk-SK
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Setup
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\ro-RO
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Recovery
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\ras
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\oobe
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\migwiz
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\manifeststore
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\lv-LV
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\lt-LT
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\InstallShield
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\icsxml
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\hr-HR
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\he-IL
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\et-EE
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\com
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\bg-BG
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\ar-SA
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\AdvancedInstallers
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\migwiz
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\servicing
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\L2Schemas
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-12 05:38 - 2012-09-09 18:05 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-09-12 05:38 - 2012-09-09 17:55 - 00000000 ____D () C:\windows\SysWOW64\SDA
2014-09-12 05:38 - 2012-09-09 17:47 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2014-09-12 05:38 - 2012-09-09 17:43 - 00000000 ____D () C:\windows\SysWOW64\Microsoft.VC80.MFC
2014-09-12 05:38 - 2012-09-09 17:42 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-09-12 05:37 - 2012-09-11 20:07 - 00000000 ____D () C:\windows\system32\Macromed
2014-09-12 05:37 - 2012-09-10 22:03 - 00000000 ____D () C:\windows\System32\Tasks\Apple
2014-09-12 05:37 - 2012-09-09 20:33 - 00000000 ____D () C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-09-12 05:37 - 2011-02-11 10:20 - 00000000 ____D () C:\windows\system32\de
2014-09-12 05:37 - 2009-07-14 07:32 - 00000000 ____D () C:\windows\system32\restore
2014-09-12 05:37 - 2009-07-14 07:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-09-12 05:37 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF
2014-09-12 05:36 - 2010-11-21 09:16 - 00000000 ____D () C:\windows\ShellNew
2014-09-12 05:35 - 2014-06-07 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-09-12 05:35 - 2014-03-18 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter
2014-09-12 05:35 - 2014-03-16 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-12 05:35 - 2014-01-02 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-09-12 05:35 - 2013-11-13 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-12 05:35 - 2013-03-16 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 05:35 - 2013-01-21 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-12 05:35 - 2012-11-15 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-09-12 05:35 - 2012-09-09 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-12 05:35 - 2012-09-09 20:10 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Coeurier
2014-09-12 05:35 - 2012-09-09 20:00 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Artikel_Reports_Letters_Family
2014-09-12 05:35 - 2012-09-09 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
2014-09-12 05:35 - 2012-09-09 18:20 - 00000000 ___RD () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 05:35 - 2012-09-09 18:20 - 00000000 ___RD () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 05:35 - 2012-09-09 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA VIDEO PLAYER
2014-09-12 05:35 - 2012-09-09 17:40 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 05:35 - 2012-09-09 17:40 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 05:35 - 2011-05-25 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Service
2014-09-12 05:34 - 2014-06-07 15:27 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-09-12 05:34 - 2014-01-02 17:08 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-09-12 05:34 - 2013-06-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-12 05:34 - 2013-03-16 18:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 05:34 - 2012-10-01 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\GameCenter
2014-09-12 05:34 - 2012-09-10 22:03 - 00000000 ____D () C:\Program Files\Bonjour
2014-09-12 05:34 - 2012-09-10 21:06 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-09-12 05:34 - 2012-09-09 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2014-09-12 05:34 - 2012-09-09 18:27 - 00000000 ____D () C:\Program Files\Amazon
2014-09-12 05:34 - 2012-09-09 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
2014-09-12 05:33 - 2013-03-16 18:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 05:33 - 2012-09-09 19:09 - 00000000 ____D () C:\Program Files (x86)\Panda USB Vaccine
2014-09-12 05:33 - 2011-05-25 20:57 - 00000000 ____D () C:\Program Files (x86)\Photo-Service
2014-09-12 05:32 - 2014-05-11 22:46 - 00000000 ____D () C:\Program Files (x86)\Anki
2014-09-12 05:32 - 2014-03-18 18:14 - 00000000 ____D () C:\Program Files (x86)\InstallConverter
2014-09-12 05:32 - 2013-06-07 14:23 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-12 05:32 - 2012-09-10 22:03 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-09-12 05:32 - 2012-09-10 22:03 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-09-12 05:32 - 2012-09-09 19:08 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2014-09-12 05:32 - 2012-09-09 18:26 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-09-12 05:20 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\registration
2014-09-12 04:57 - 2014-03-24 12:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-11 22:30 - 2013-10-24 12:14 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-11 22:30 - 2012-09-11 20:07 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 22:30 - 2012-09-11 20:07 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-11 20:38 - 2014-09-11 20:38 - 00266288 _____ () C:\windows\Minidump\091114-51074-01.dmp
2014-09-11 20:38 - 2014-04-13 20:30 - 00000000 ____D () C:\windows\Minidump
2014-09-11 20:37 - 2014-04-13 20:29 - 878928776 _____ () C:\windows\MEMORY.DMP
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\0fa2b777dcf5c166eeabf07571bbfc44
2014-09-10 00:11 - 2014-09-24 22:33 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-09-09 23:47 - 2014-09-24 22:33 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-09-05 14:52 - 2014-05-17 00:50 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\Windows Live
2014-09-05 04:10 - 2014-09-13 16:11 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-13 16:11 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-30 19:21 - 2013-09-30 21:01 - 00000000 ____D () C:\Users\Dorina Heller\Documents\1_SOAS
2014-08-29 10:42 - 2009-07-14 06:45 - 00341344 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-28 00:23 - 2013-10-12 12:34 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Skype
2014-08-27 14:25 - 2014-08-27 14:25 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{F68BB0CC-8E97-411E-ADC9-B76F2851EBC6}
2014-08-27 14:23 - 2012-09-09 20:00 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Bilder

Some content of TEMP:
====================
C:\Users\Dorina Heller\AppData\Local\Temp\avgnt.exe
C:\Users\Dorina Heller\AppData\Local\Temp\FileSystemView.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 18:50

==================== End Of Log ============================

--- --- ---

--- --- ---

Und hier die ESET file, das hab ich jetzt doch gefunden, lag also an mir nicht am Programm

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b6c33d741f946e4c810c158763362afe
# engine=20289
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-25 12:26:23
# local_time=2014-09-25 02:26:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 1155249 18326700 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 57115 163277833 0 0
# scanned=215394
# found=25
# cleaned=0
# scan_time=14943
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=9ABE489AF3684ABB96AB39F112768F69C83D0F8E ft=1 fh=f7fcd12f54d4e5cc vn="Win32/SpeedingUpMyPC.O Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir"
sh=1375A8FFF1D262AD65AB09311A91AA9B96E83049 ft=1 fh=72898e0453db9d6a vn="Variante von Win32/SProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll.vir"
sh=9F8E488CB68193DABA2E820964EB6BB5B0053BA0 ft=1 fh=5c179f4fc04177a8 vn="Variante von Win64/SProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll.vir"
sh=2F367F244D08950211E4C05FB8EF8E0959BB773A ft=1 fh=20d3e0bbdedcd685 vn="Variante von Win32/AdWare.SpeedingUpMyPC.D Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProLauncher.exe.vir"
sh=410B32FD3FE4642644AD91AC60C69B86EC2762DD ft=1 fh=0e378a435beab91a vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=EFA112171D7EB49C8B65ABD5D393E044BD4891BC ft=1 fh=9251f61a566215ca vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\InstallConverter bundle uninstaller\uninstaller.exe"
sh=5339ABEE428B92A04DF04A1D1B81896A68CF7CBD ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir"
sh=B93A611E29C3BD6E13E9F3A2BD98F17EED127102 ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\DealPly.xpi.vir"
sh=30D457E18D2B8CAF0B8900A4D64146CB171B57E0 ft=1 fh=c5d4173284eff9c1 vn="Variante von Win32/DealPly.G evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\DealPlyIE.dll.vir"
sh=2D6B1EC0EFA47C992C32AD9CECFB0EC4543ACA0A ft=1 fh=7076499debea4e9c vn="Variante von Win32/DealPly.F evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateVer.exe.vir"
sh=AAEA2D2C15813161F9E114E6E1708CE545D5C8CA ft=1 fh=0022d452663e533e vn="Variante von Win32/DealPly.M evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SaveSense\SaveSenseUpdateVer.exe.vir"
sh=FABF99D84DAE1B16B0BDBA7003ACA991AE40DB47 ft=1 fh=2aca0aed277d57d6 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe.vir"
sh=10903598F769E2AC5F1E2372E90F6722A3A860B7 ft=1 fh=89560075533c3d40 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir"
sh=88482528CE4F67A1004B50BA93282CEACCEDE534 ft=1 fh=e40b702402e604d5 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll.vir"
sh=FABF99D84DAE1B16B0BDBA7003ACA991AE40DB47 ft=1 fh=2aca0aed277d57d6 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe.vir"
sh=70D49B9ABA391E6976DAB5C4BEA63733459B3F1C ft=1 fh=0b76a05977e7722a vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe.vir"
sh=FABF99D84DAE1B16B0BDBA7003ACA991AE40DB47 ft=1 fh=2aca0aed277d57d6 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe.vir"
sh=F09B9B9B1D16D1539D23CC6ACDE0DC7BC983DF59 ft=1 fh=2dbadf99ca2df2d7 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe.vir"
sh=268B9BF11D42D95D9C69CEFEB867A4CD144150B0 ft=1 fh=652c9ef5cadc4059 vn="Variante von Win32/YourFileDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Dorina Heller\Downloads\ad_johannem_de_columna_petrarca_deambulabamus_romae_soli_übersetzung_downloader.exe.part"
sh=BE1A961184324D52B42E6CCC3B8CB783A06F83C4 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\DORINA-NOTEBOOK\Backup Set 2012-04-11 223150\Backup Files 2012-04-11 223150\Backup files 2.zip"
sh=87CED16CFC83C1F0F34510E230E25CFC83BB92AC ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.AEIT Trojaner" ac=I fn="D:\DORINA-NOTEBOOK\Backup Set 2012-04-11 223150\Backup Files 2012-04-15 194130\Backup files 1.zip"
sh=33267EA4498F95918D2B6D4FE382B506938F3905 ft=0 fh=0000000000000000 vn="Win32/Spy.Banker.XSL Trojaner" ac=I fn="D:\DORINA-NOTEBOOK\Backup Set 2012-04-11 223150\Backup Files 2012-05-06 204831\Backup files 1.zip"
sh=06AF24047869C2313C1D869F34FBD8FEB6967B3F ft=0 fh=0000000000000000 vn="Variante von Win32/Spy.Banker.XSL Trojaner" ac=I fn="D:\DORINA-NOTEBOOK\Backup Set 2012-04-11 223150\Backup Files 2012-05-13 190002\Backup files 1.zip"
sh=A5DF1E4505DFF63EFFBCA765346DC6E763092BCF ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\DORINA-NOTEBOOK\Backup Set 2012-04-11 223150\Backup Files 2012-05-20 190002\Backup files 1.zip"

schrauber · 26.09.2014, 15:42

Download Ordner leeren, Backup auf D löschen.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

ProxyServer: http=127.0.0.1:61807;https=127.0.0.1:61807
CHR DefaultSearchKeyword: Default -> enhanced-search.com
CHR DefaultSearchURL: Default -> hxxp://www.enhanced-search.com/?q={searchTerms}&babsrc=SP_ss_mib2&mntrId=66DE3E659DB18485&affID=121136&tsp=5007

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Was genau ist mit dem CD Laufwerk?

marlen101 · 26.09.2014, 16:31

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-09-2014
Ran by Dorina Heller at 2014-09-26 17:29:25 Run:1
Running from C:\Users\Dorina Heller\Documents\Downloads
Loaded Profile: Dorina Heller (Available profiles: UpdatusUser & Dorina Heller)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyServer: http=127.0.0.1:61807;https=127.0.0.1:61807
CHR DefaultSearchKeyword: Default -> enhanced-search.com
CHR DefaultSearchURL: Default -> hxxp://www.enhanced-search.com/?q={searchTerms}&babsrc=SP_ss_mib2&mntrId=66DE3E659DB18485&affID=121136&tsp=5007

*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
Chrome DefaultSearchKeyword deleted successfully.
Chrome DefaultSearchURL deleted successfully.

==== End of Fixlog ====

Das CD Laufwerk erkennt keine CDs/DVDs mehr...aber der Gerätemanager meint es funktioniert einwandfrei, Treiber hab ich auch schon versucht neu zu installieren, aber unverändert...

schrauber · 26.09.2014, 19:46

Dann wird das Laufwerk einfach kaputt sein.

marlen101 · 26.09.2014, 19:53

Okay...muss ich sonst noch irgendwas bei dem Computer machen?

Vielen vielen Danke für die tolle Hilfe bis jetzt!!
Lg marlen

schrauber · 27.09.2014, 19:11

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

marlen101 · 08.10.2014, 16:10

Hallo, doch noch eine Sache: Ich hab mir jetzt zwei verschiedene externe Laufwerke gekauft weil ich davon ausgegangen bin, dass das des Computers kaputt ist. Beide Laufwerke werden erkannt, aber es kann auf keinen Datenträger zugegriffen werden ("eventuell beschädigt. Stellen Sie sicher, dass der Datenträger ein Format verwendet, das von Windows erkannt wird....") An den Cds/DVDs kanns nicht liegen, da hab ich mehrere ausprobiert. Irgendwelche Ideen?

Vielen Dank, lg marlen

schrauber · 09.10.2014, 10:50

Was für laufwerke sind das?

marlen101 · 21.10.2014, 21:14

Die Sache mit den Laufwerken hat sich erledigt, hab ein neues eingebaut. Vielen Dank noch mal!!

Lg marlen

schrauber · 22.10.2014, 18:11

Gern Geschehen

25.09.2014, 19:11	#16
schrauber /// the machine /// TB-Ausbilder	Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr Mach bitte einen Vollscan mit deinem AV Programm. Und noch das frische FRST log und die Antwort auf meine Frage __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

26.09.2014, 19:46	#20
schrauber /// the machine /// TB-Ausbilder	Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr Dann wird das Laufwerk einfach kaputt sein. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

09.10.2014, 10:50	#24
schrauber /// the machine /// TB-Ausbilder	Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr Was für laufwerke sind das? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

22.10.2014, 18:11	#26
schrauber /// the machine /// TB-Ausbilder	Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr

Plagegeister aller Art und deren Bekämpfung: Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr