kingsaday | 06.08.2013 19:37 | Minimization of some windows
I suspect that I have a virus on my computer.
I think so because when I play "fullscreen" games, they close/minimize at irregular intervals.
I have Windows 7 Professional; Service Pack 1; 32-bit version
Graphics card: Nvidia GeForce GTX 550 Ti
Processor: AMD Athlon II X4 640 Processor
Motherboard: Asus M4A77T/USB3
OTL Logfile:
Code:
OTL logfile created on: 06.08.2013 16:34:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tim\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 71,36% Memory free
6,49 Gb Paging File | 4,75 Gb Available in Paging File | 73,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 53,61 Gb Total Space | 10,02 Gb Free Space | 18,68% Space Free | Partition Type: NTFS
Drive D: | 390,62 Gb Total Space | 280,61 Gb Free Space | 71,84% Space Free | Partition Type: NTFS
Drive E: | 487,17 Gb Total Space | 482,91 Gb Free Space | 99,12% Space Free | Partition Type: NTFS
Drive G: | 100,00 Mb Total Space | 71,51 Mb Free Space | 71,51% Space Free | Partition Type: NTFS
Computer Name: TIM-PC | User Name: tim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.08.06 16:33:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tim\Downloads\OTL.exe
PRC - [2013.07.25 02:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Programme\Google\Chrome\Application\chrome.exe
PRC - [2013.06.27 13:40:35 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.06.27 13:40:19 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.06.27 13:39:54 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.06.27 13:39:54 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.06.01 09:30:10 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013.05.28 15:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.01.26 07:08:50 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\tim\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.07.17 14:49:00 | 001,713,904 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2012.07.17 14:49:00 | 000,194,304 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2012.01.23 18:19:32 | 001,858,048 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.08.04 17:08:56 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEUPDT.EXE
PRC - [2011.08.04 17:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2011.03.14 19:09:00 | 002,565,520 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.07 09:56:11 | 000,138,192 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2011.01.16 17:04:04 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.16 16:13:52 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmplayer.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.20 14:17:36 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
PRC - [2010.11.20 14:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2010.05.24 11:10:34 | 001,683,360 | R--- | M] (VIA) -- C:\Programme\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2010.03.05 10:15:12 | 000,235,752 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2010.03.05 10:15:04 | 000,411,864 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2010.02.03 16:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2010.01.22 12:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2003.04.17 08:54:16 | 000,012,288 | ---- | M] () -- D:\Programme\Winamp\winampa.exe
========== Modules (No Company Name) ==========
MOD - [2013.07.25 02:49:46 | 000,396,240 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013.07.25 02:49:44 | 004,052,944 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013.07.25 02:48:54 | 000,601,552 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013.07.25 02:48:53 | 000,123,344 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013.07.25 02:48:51 | 001,597,392 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2010.05.24 11:10:38 | 000,098,720 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\VMicApi.dll
MOD - [2010.05.24 11:10:32 | 064,661,408 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\skin.dll
MOD - [2010.05.24 11:10:30 | 000,078,240 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2010.05.24 11:10:28 | 000,111,008 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
MOD - [2009.09.30 05:33:08 | 000,024,576 | R--- | M] () -- C:\Windows\System32\AsIO.dll
MOD - [2009.07.31 21:39:08 | 000,503,202 | ---- | M] () -- C:\Programme\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2009.03.25 16:53:14 | 000,053,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009.03.19 22:35:52 | 000,208,896 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\AiNap.dll
MOD - [2009.03.19 22:35:50 | 000,008,704 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\vvc.dll
MOD - [2009.01.15 14:55:10 | 000,565,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\pngio.dll
MOD - [2003.04.17 08:54:16 | 000,012,288 | ---- | M] () -- D:\Programme\Winamp\winampa.exe
========== Services (SafeList) ==========
SRV - [2013.06.27 13:40:35 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.06.27 13:39:54 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.28 15:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.05.27 00:28:25 | 004,467,488 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.07.17 14:49:00 | 001,713,904 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2012.01.23 18:19:32 | 001,858,048 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.02.07 09:56:11 | 000,138,192 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2011.01.16 16:13:52 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.03.05 10:15:12 | 000,235,752 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Programme\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2007.03.28 19:42:42 | 000,029,704 | ---- | M] (TuneUp Software GmbH) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\xhunter1.sys -- (xhunter1)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Windows\system32\XDva403.sys -- (XDva403)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva402.sys -- (XDva402)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva401.sys -- (XDva401)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\vtany.sys -- (vtany)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2013.06.13 14:41:27 | 000,013,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf003.sys -- (apf003)
DRV - [2013.04.20 15:38:44 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.04.20 15:38:44 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.04.20 15:38:44 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.04.20 15:38:44 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013.02.26 00:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.02.18 09:22:18 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011.05.13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.05.13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.05.13 03:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.05.13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.05.13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.05.15 13:11:42 | 001,150,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010.01.22 12:21:48 | 000,139,648 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2010.01.22 12:21:46 | 000,059,904 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2009.10.20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009.08.24 00:55:32 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2009.08.04 04:28:18 | 000,011,296 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009.07.16 05:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.splashtop.com/asusexpressgate/mb/searchAPI.php?SE=yahoo&QS=http%3A%2F%2Fde.search.yahoo.com%2Fsearch%3Ffr%3Dfp-devicevm%26type%3DWEB01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DA 43 1C E0 BB 3D CE 01 [binary data]
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Programme\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=5CB7BCAEC5DEDEBC
IE - HKCU\..\SearchScopes\{7C6607F5-8B33-4aaa-A490-5DF91FFE8B58}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
IE - HKCU\..\SearchScopes\{D55190B2-D813-4b69-B994-68835272AACF}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.3.3.15
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.11
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2013.07.17 14:27:30 | 000,000,000 | ---D | M]
[2013.04.20 14:22:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tim\AppData\Roaming\mozilla\Extensions
[2013.08.03 22:21:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tim\AppData\Roaming\mozilla\Firefox\Profiles\dps4hh4h.default\extensions
[2013.07.31 11:14:55 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.08.03 22:21:40 | 000,275,449 | ---- | M] () (No name found) -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013.05.31 12:39:43 | 000,006,473 | ---- | M] () -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\searchplugins\babylon.xml
[2013.05.31 12:39:43 | 000,006,473 | ---- | M] () -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\searchplugins\BrowserProtect.xml
[2013.04.21 19:05:04 | 000,001,294 | ---- | M] () -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\searchplugins\delta.xml
[2013.07.17 14:27:30 | 000,000,000 | ---D | M] ("DVDVideoSoft YouTube MP3 and Video Download") -- C:\PROGRAM FILES\COMMON FILES\DVDVIDEOSOFT\PLUGINS\FF
[2013.04.21 19:04:58 | 000,006,470 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: DealPlyLive Update (Enabled) = C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - Extension: Google Docs = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [WinampAgent] D:\Programme\Winamp\Winampa.exe ()
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\tim\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F84B3D99-2ABE-49C4-B79D-E08C1ADA95D3}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.08.05 22:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.08.05 22:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.08.05 15:46:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.07.31 21:22:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
[2013.07.30 21:08:53 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\MAGIX_MusicEditor
[2013.07.30 21:08:50 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Xara
[2013.07.30 21:08:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX
[2013.07.30 21:08:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2013.07.30 21:07:23 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2013.07.30 20:54:29 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\Video deluxe 2013
[2013.07.30 20:54:29 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\MAGIX Downloads
[2013.07.30 20:54:29 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\MAGIX
[2013.07.30 20:54:28 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\MAGIX
[2013.07.30 20:49:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared
[2013.07.30 20:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2013.07.30 20:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2013.07.30 20:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013.07.30 20:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2013.07.30 12:03:48 | 000,000,000 | ---D | C] -- C:\Users\tim\Desktop\tante anna
[2013.07.29 17:33:04 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\OpenOffice
[2013.07.29 17:32:41 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0
[2013.07.29 17:30:48 | 000,000,000 | ---D | C] -- C:\Users\tim\redist
[2013.07.29 17:30:48 | 000,000,000 | ---D | C] -- C:\Users\tim\readmes
[2013.07.29 17:30:48 | 000,000,000 | ---D | C] -- C:\Users\tim\licenses
[2013.07.25 19:16:20 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\My Cheat Tables
[2013.07.25 19:15:11 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\DealPlyLive
[2013.07.25 19:15:09 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Google
[2013.07.25 19:15:09 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
[2013.07.24 18:11:17 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Dragons-Empire
[2013.07.21 22:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\MySQL
[2013.07.21 22:05:48 | 000,000,000 | ---D | C] -- C:\Stormblade
[2013.07.19 19:10:25 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\PunkBuster
[2013.07.19 18:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya
[2013.07.19 18:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Solid State Networks
[2013.07.18 08:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2013.07.18 07:56:17 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Riot Games
[2013.07.17 22:22:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2013.07.17 20:56:26 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Just Aion Launcher
[2013.07.17 20:41:54 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Chromium
[2013.07.17 15:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge
[2013.07.17 15:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Gameforge
[2013.07.17 14:41:14 | 000,000,000 | ---D | C] -- C:\Users\tim\Desktop\rap
[2013.07.17 14:27:38 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.07.17 14:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.07.17 14:27:26 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\OpenCandy
[2013.07.17 14:27:26 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\DVDVideoSoft
[2013.07.17 14:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2013.07.16 17:12:52 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\SWTORPerf
[2013.07.16 17:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare
[2013.07.16 15:32:52 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Ubisoft
[2013.07.16 15:32:50 | 000,000,000 | -HSD | C] -- C:\Users\tim\wc
[2013.07.16 15:32:49 | 000,000,000 | -HSD | C] -- C:\Users\tim\AppData\Roaming\wyUpdate AU
[2013.07.14 20:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJ
[2013.07.14 20:10:49 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2013.07.14 20:10:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX
[2013.07.14 20:10:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2013.07.14 20:10:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2013.07.14 20:10:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2013.07.14 20:09:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2013.07.14 20:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Benutzerregistrierung
[2013.07.14 20:07:39 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Canon
[2013.07.14 20:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series
[2013.07.14 20:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2013.07.14 20:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2013.07.14 20:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2013.07.14 20:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Manual
[2013.07.14 20:02:10 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2013.07.14 20:02:00 | 000,035,328 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMNPUI.DLL
[2013.07.14 20:02:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\STRING
[2013.07.14 20:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2013.07.11 22:06:13 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.07.11 22:06:12 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.07.11 22:06:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.07.11 22:06:12 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.07.11 22:06:12 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.07.11 22:06:11 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.07.11 22:06:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.07.11 22:06:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.07.11 22:06:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.07.11 22:06:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.07.11 16:59:34 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013.07.11 16:59:33 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013.07.11 16:59:31 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.07.11 16:59:30 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2013.07.09 17:45:43 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Paint.NET
========== Files - Modified Within 30 Days ==========
[2013.08.06 16:21:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.08.06 16:20:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineUA.job
[2013.08.06 16:15:00 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\Dealply.job
[2013.08.06 16:05:04 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.08.06 15:49:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.08.06 13:20:36 | 000,014,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.08.06 13:20:36 | 000,014,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.08.06 13:15:34 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.08.06 13:15:21 | 2615,808,000 | -HS- | M] () -- C:\hiberfil.sys
[2013.08.05 23:31:24 | 000,000,928 | ---- | M] () -- C:\Users\tim\Desktop\Royalsstar.lnk
[2013.08.05 22:01:45 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.08.05 15:46:07 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.08.04 11:24:32 | 000,000,983 | ---- | M] () -- C:\Users\tim\Desktop\Akimura2.lnk
[2013.08.02 17:15:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2013.07.31 21:22:47 | 000,000,790 | ---- | M] () -- C:\Users\tim\Desktop\CrossFire.lnk
[2013.07.31 09:29:26 | 000,544,648 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.07.30 21:08:49 | 000,120,200 | ---- | M] () -- C:\Windows\System32\DLLDEV32i.dll
[2013.07.30 21:08:46 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Premium.lnk
[2013.07.30 20:07:23 | 000,000,551 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk
[2013.07.30 19:50:21 | 000,004,509 | ---- | M] () -- C:\Users\tim\AppData\Roaming\CamStudio.cfg
[2013.07.30 19:50:21 | 000,000,408 | ---- | M] () -- C:\Users\tim\AppData\Roaming\CamShapes.ini
[2013.07.30 19:50:21 | 000,000,408 | ---- | M] () -- C:\Users\tim\AppData\Roaming\CamLayout.ini
[2013.07.30 19:50:21 | 000,000,096 | ---- | M] () -- C:\Users\tim\AppData\Roaming\Camdata.ini
[2013.07.30 13:33:40 | 000,696,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.07.30 13:33:40 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.07.30 13:33:40 | 000,147,916 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.07.30 13:33:40 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.07.30 11:08:37 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.07.30 11:08:37 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.07.29 18:02:04 | 000,016,727 | ---- | M] () -- C:\Users\tim\Desktop\Unbenannt 1.odt
[2013.07.29 17:32:41 | 000,000,737 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
[2013.07.21 22:05:54 | 000,000,232 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2013.07.19 20:01:33 | 000,139,424 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2013.07.19 20:01:25 | 000,282,104 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2013.07.19 20:01:17 | 000,234,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2013.07.19 19:06:18 | 000,138,056 | ---- | M] () -- C:\Users\tim\AppData\Roaming\PnkBstrK.sys
[2013.07.18 08:49:31 | 000,001,497 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013.07.17 14:27:32 | 000,000,956 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
[2013.07.16 15:42:32 | 152,126,245 | ---- | M] () -- C:\Users\tim\openoffice1.cab
[2013.07.16 15:40:58 | 002,269,184 | ---- | M] () -- C:\Users\tim\openoffice400.msi
[2013.07.16 15:40:58 | 000,475,136 | ---- | M] () -- C:\Users\tim\setup.exe
[2013.07.16 15:40:58 | 000,000,279 | ---- | M] () -- C:\Users\tim\setup.ini
[2013.07.14 20:07:23 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2013.07.09 17:59:32 | 000,024,239 | ---- | M] () -- C:\Users\tim\Desktop\Diamond.jpg
========== Files Created - No Company Name ==========
[2013.08.05 23:31:24 | 000,000,928 | ---- | C] () -- C:\Users\tim\Desktop\Royalsstar.lnk
[2013.08.05 22:01:45 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.08.05 22:00:54 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.08.05 22:00:52 | 000,001,088 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.08.05 15:46:07 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.08.03 18:43:43 | 000,000,983 | ---- | C] () -- C:\Users\tim\Desktop\Akimura2.lnk
[2013.07.31 21:22:47 | 000,000,790 | ---- | C] () -- C:\Users\tim\Desktop\CrossFire.lnk
[2013.07.30 21:08:46 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Premium.lnk
[2013.07.30 20:07:23 | 000,000,551 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk
[2013.07.30 01:01:46 | 000,000,408 | ---- | C] () -- C:\Users\tim\AppData\Roaming\CamShapes.ini
[2013.07.30 01:01:46 | 000,000,408 | ---- | C] () -- C:\Users\tim\AppData\Roaming\CamLayout.ini
[2013.07.30 01:01:46 | 000,000,096 | ---- | C] () -- C:\Users\tim\AppData\Roaming\Camdata.ini
[2013.07.29 20:20:15 | 000,004,509 | ---- | C] () -- C:\Users\tim\AppData\Roaming\CamStudio.cfg
[2013.07.29 18:02:02 | 000,016,727 | ---- | C] () -- C:\Users\tim\Desktop\Unbenannt 1.odt
[2013.07.29 17:32:41 | 000,000,737 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
[2013.07.25 19:15:19 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineUA.job
[2013.07.25 19:15:09 | 000,000,282 | ---- | C] () -- C:\Windows\tasks\Dealply.job
[2013.07.21 22:05:54 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013.07.19 19:11:34 | 000,282,104 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2013.07.19 19:06:18 | 000,139,424 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2013.07.19 19:06:17 | 000,138,056 | ---- | C] () -- C:\Users\tim\AppData\Roaming\PnkBstrK.sys
[2013.07.19 19:05:54 | 000,282,104 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2013.07.19 19:05:54 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.ex0
[2013.07.19 19:05:51 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2013.07.18 08:49:31 | 000,001,497 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013.07.17 14:27:32 | 000,000,956 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
[2013.07.16 15:42:32 | 152,126,245 | ---- | C] () -- C:\Users\tim\openoffice1.cab
[2013.07.16 15:40:58 | 002,269,184 | ---- | C] () -- C:\Users\tim\openoffice400.msi
[2013.07.16 15:40:58 | 000,475,136 | ---- | C] () -- C:\Users\tim\setup.exe
[2013.07.16 15:40:58 | 000,000,279 | ---- | C] () -- C:\Users\tim\setup.ini
[2013.07.14 20:04:51 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2013.07.09 17:59:26 | 000,024,239 | ---- | C] () -- C:\Users\tim\Desktop\Diamond.jpg
[2013.06.13 14:41:27 | 000,016,304 | ---- | C] () -- C:\Windows\System32\apl003.sys
[2013.06.13 14:41:27 | 000,013,232 | ---- | C] () -- C:\Windows\System32\apf003.sys
[2013.04.23 18:08:28 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2013.04.21 20:54:23 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013.04.21 19:02:04 | 000,000,095 | ---- | C] () -- C:\Windows\winamp.ini
[2013.04.20 13:57:41 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll
[2013.04.20 13:57:41 | 000,011,296 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2013.04.20 13:57:39 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2013.04.20 13:57:39 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2013.04.20 13:52:12 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013.04.20 13:52:08 | 000,032,040 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >