| mimi8674 | 04.09.2013 20:15 |
erledigt..... Code:
# AdwCleaner v3.002 - Bericht erstellt am 04/09/2013 um 20:59:21
# Updated 01/09/2013 von Xplode
# Betriebssystem : Windows 7 Starter Service Pack 1 (32 bits)
# Benutzername : Michael - MICHAEL-NETBOOK
# Gestartet von : C:\Users\Michael\Desktop\adware tools\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\simplitec
Ordner Gelöscht : C:\ProgramData\AlawarWrapper
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Ordner Gelöscht : C:\Users\Michael\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Michael\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\Michael\AppData\Local\AlawarWrapper
Ordner Gelöscht : C:\Users\Michael\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Michael\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Michael\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Michael\AppData\Roaming\Media Finder
Ordner Gelöscht : C:\Users\Michael\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Ordner Gelöscht : C:\Users\Michael\AppData\Roaming\simplitec
Ordner Gelöscht : C:\Users\Michael\AppData\Roaming\Systweak
Datei Gelöscht : C:\Windows\system32\roboot.exe
Datei Gelöscht : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\\invalidprefs.js
Datei Gelöscht : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\searchplugins\ask-search.xml
Datei Gelöscht : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\user.js
Datei Gelöscht : C:\Windows\Tasks\DSite.job
Datei Gelöscht : C:\Windows\System32\Tasks\DSite
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{750C6296-EC2D-482A-A1F7-0C9CFE826240}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{750C6296-EC2D-482A-A1F7-0C9CFE826240}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\955d7dcb269ba44
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\MediaFinder
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyrixeeker
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\Software\systweak
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16660
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v23.0.1 (de)
[ Datei : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "140e7c98acd624852ca8d2f78eefa7f0");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.bbDpng", "4");
Zeile gelöscht : user_pref("extensions.delta.cntry", "DE");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.hdrMd5", "83BF39334AD08F76B9696FD1E2DC6985");
Zeile gelöscht : user_pref("extensions.delta.id", "bc956ef500000000000074f06d0fb3f4");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15952");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.24.68:26:31");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.sg", "azb");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.24.68:26:31");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.24.6");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=120695&tsp=4995");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
*************************
AdwCleaner[R0].txt - [8594 octets] - [04/09/2013 20:57:48]
AdwCleaner[S0].txt - [8371 octets] - [04/09/2013 20:59:21]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8431 octets] ##########
FRST Scan
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-09-2013 03
Ran by Michael at 2013-09-04 21:10:27
Running from C:\Users\Michael\Desktop\adware tools
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
7-Zip 9.20
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Any DWG to Image Converter 2010
ASUSUpdate for Eee PC (Version: 1.06.02)
AsusVibe2.0 (Version: 2.0.9.157)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.29)
Avira Free Antivirus (Version: 13.0.0.4052)
Benutzerhandbuch - Grundlagen EPSON XP-302 303 305 306 Series
Benutzerhandbuch EPSON XP-302 303 305 306 Series
Brother P-touch Editor 5.0 (Version: 5.0.2300)
Canon CanoScan Toolbox 4.1
CapsHook (Version: 1.0.0.7)
CDBurnerXP (Version: 4.4.2.3442)
DHTML Editing Component (Version: 6.02.0001)
DraftSight (Version: 9.1.173)
Dropbox (HKCU Version: 2.0.22)
Druckerdeinstallation für EPSON XP-302 303 305 306 Series
Easy Poster Printer (Version: 6.0.0)
E-Cam (Version: 2.0.2.5)
Eee Docking 3.8.3 (Version: 3.8.3)
Epson Connect Printer Setup (Version: 1.1.1)
Epson Easy Photo Print 2 (Version: 2.3.2.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
Epson Event Manager (Version: 3.01.0000)
Epson E-Web Print (Version: 1.17.0000)
EPSON Printer Finder (Version: 1.0.0)
EPSON Scan
EpsonNet Print (Version: 2.5.00)
ETDWare PS/2-x86 7.0.5.13_WHQL (Version: 7.0.5.13)
Firebird SQL Server - MAGIX Edition (Version: 2.1.27.0)
FM PDF To JPG Converter Free 3.0 (Version: 3.0)
FormatFactory 3.0.1 (Version: 3.0.1)
Free DVD Video Converter version 2.0.13.128 (Version: 2.0.13.128)
Free Video to MP3 Converter version 5.0.17.903 (Version: 5.0.17.903)
Free YouTube Download version 3.2.0.128 (Version: 3.2.0.128)
Free YouTube to MP3 Converter version 3.12.9.725 (Version: 3.12.9.725)
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (Version: 1)
Hotkey Service (Version: 1.32)
IcoFX 1.6.4
Intel(R) Graphics Media Accelerator Driver (Version: 8.14.10.2230)
IrfanView (remove only) (Version: 4.32)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
LibreOffice 4.0 Help Pack (German) (Version: 4.0.2.2)
LibreOffice 4.0.2.2 (Version: 4.0.2.2)
LiveUpdate (Version: 1.29)
MAGIX Foto Designer 7 (Version: 7.0.1.1)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Speed burnR (Version: 6.0.1.4)
MAGIX Video deluxe 16 9.0.1.60 (D) (Version: 9.0.1.60)
MEDION NAS TOOL
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219)
Microsoft Office 97, Professional Edition
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1750.9)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server Compact 3.5 SP2 DEU (Version: 3.5.8080.0)
Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Visual Basic 2010 Express - DEU (Version: 10.0.40219)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40308)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (Version: 10.0.40303)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Mozilla Firefox 23.0.1 (x86 de) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
Mozilla Thunderbird 15.0.1 (x86 de) (Version: 15.0.1)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyKeyFinder (Version: 2013)
MyTomTom 3.2.0.1116 (Version: 3.2.0.1116)
Netzwerkhandbuch EPSON XP-302 303 305 306 Series
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Paragon Backup & Recovery™ 2012 Free (Version: 90.00.0003)
PC Connectivity Solution (Version: 12.0.48.0)
PC Inspector smart recovery (Version: 4.50)
PCConfigurator 1.10
PDF Creator
PDF24 Creator 5.7.0
Picasa 3 (Version: 3.8)
Realtek High Definition Audio Driver (Version: 6.0.1.6373)
REALTEK Wireless LAN Driver (Version: 1.00.0159)
Samsung PC Studio 3 (Version: 3.0.0.80601)
Service Pack 1 für SQL Server 2008 (KB 968369) (Version: 10.1.2531.0)
Softwareprofi Database Engine 1.02 (Version: 1.02)
Spybot - Search & Destroy (Version: 2.1.19)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
Steganos Password Manager 12 (Version: 12.0.2)
Super Hybrid Engine (Version: 2.19)
Surf & E-Mail-Stick (Version: 11.301.08.00.35)
Telescope Driver (Version: 10.30.09)
The Island: Castaway
TightVNC (Version: 2.7.7.0)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Turbo Lister 2 (Version: 2.00.0000)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (Version: 10.1.2731.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for PDF Creator
Verein70
VirtualCloneDrive
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (Version: 4.0.8080.0)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
VLC media player 2.0.7 (Version: 2.0.7)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
WinPcap 4.1.2 (Version: 4.1.0.2001)
Wireshark 1.8.6 (32-bit) (Version: 1.8.6)
==================== Restore Points =========================
13-07-2013 10:46:13 Windows Update
18-07-2013 15:08:02 Installed Easy Poster Printer
18-07-2013 15:12:17 Installed Easy Poster Printer
28-07-2013 10:26:57 Windows Update
04-08-2013 14:22:58 Geplanter Prüfpunkt
16-08-2013 06:09:40 Windows Update
04-09-2013 14:11:23 Geplanter Prüfpunkt
04-09-2013 18:50:49 Removed Software Updater
==================== Hosts content: ==========================
2009-07-14 04:04 - 2013-09-03 13:30 - 00449438 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {0D9B5D92-3A22-486D-A887-3AA21597CF27} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => start w32time task_started
Task: {2A720BC6-FC78-4F59-BE70-F99AF7474CD4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe No File
Task: {4028D533-E96F-49E9-97B7-8D4908950A37} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe No File
Task: {460C22A4-C268-4920-B568-6CFB137CECFF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-02] (Adobe Systems Incorporated)
Task: {8115B62B-33D0-428D-8889-E7C51D9C3542} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe No File
Task: {8690E783-DB65-41C6-9E98-7A2B758C2FBE} - System32\Tasks\Games\UpdateCheck_S-1-5-21-409867911-234185126-4047664584-1000
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-05-25 02:36 - 2013-05-25 02:36 - 00130736 _____ (Dropbox, Inc.) C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
2010-04-13 15:34 - 2012-10-05 09:26 - 00334216 _____ (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDApix.dll
2013-01-03 19:20 - 1997-09-04 00:00 - 00022016 _____ () C:\Windows\system32\docobj.dll
2012-11-21 18:41 - 2011-01-26 19:59 - 00319488 _____ (SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
2009-07-14 01:53 - 2009-07-14 03:16 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\NetworkItemFactory.dll
2009-07-14 01:53 - 2009-07-14 03:15 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\dtsh.dll
2009-07-14 01:53 - 2009-07-14 03:15 - 00081920 _____ (Microsoft Corporation) C:\Windows\System32\fdwcn.dll
2009-07-14 01:53 - 2009-07-14 03:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\wcnapi.dll
2009-07-14 01:22 - 2009-07-14 03:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\fdWNet.dll
2009-07-14 01:37 - 2009-07-14 03:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\dfscli.dll
2012-11-21 20:10 - 2009-12-14 19:31 - 00101544 _____ (Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll
2009-11-25 19:14 - 2009-11-25 19:14 - 00480520 _____ (ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Integration\SprintIntegration.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 04422992 _____ (Microsoft Corporation) C:\Windows\system32\mfc100u.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR100.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP100.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 00064336 _____ (Microsoft Corporation) C:\Windows\system32\MFC100DEU.DLL
2013-05-25 12:30 - 2012-08-23 10:45 - 02169224 _____ (Embarcadero Technologies, Inc.) C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl
2013-05-25 12:30 - 2012-08-23 10:45 - 02477736 _____ (Embarcadero Technologies, Inc.) C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl
2013-05-25 12:31 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-05-25 12:30 - 2013-05-16 10:55 - 03643800 _____ (Project JEDI) C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl
2013-05-25 12:31 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2010-11-18 18:08 - 2010-11-18 18:08 - 00055808 _____ (Igor Pavlov) C:\Programme\7-Zip\7-zip.dll
2012-10-04 13:48 - 2010-11-15 12:27 - 00208792 _____ (ASUS) C:\Program Files\ASUS\CapsHook\Hook.dll
2010-02-03 14:08 - 2012-10-05 09:26 - 00291720 _____ (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDFavorite.dll
2010-06-11 17:43 - 2012-10-05 09:26 - 00261000 _____ (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCmds.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 00291328 _____ (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\LcMgr.dll
2011-04-14 10:16 - 2011-04-14 10:16 - 00136704 _____ (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\ScanEngine30.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 00055808 _____ (SEIKO EPSON CORP.) C:\Program Files\EPSON Software\Event Manager\ScnMgr10.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 00206336 _____ (SEIKO EPSON CORP.) C:\Program Files\EPSON Software\Event Manager\ScnCom10.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 00082944 _____ (SEIKO EPSON CORP.) C:\Program Files\EPSON Software\Event Manager\ScnEps25.dll
2013-05-15 16:42 - 2013-04-13 06:45 - 00474624 _____ (Microsoft Corporation) C:\Windows\AppPatch\AcSpecfc.DLL
2011-11-25 18:47 - 2011-11-25 18:47 - 00110080 _____ (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\epnsm.dll
2005-01-13 11:47 - 2005-01-13 11:47 - 00049152 _____ (SEIKO EPSON CORP.) C:\Program Files\EPSON Software\Event Manager\ESPSUTL.dll
2011-03-07 02:52 - 2011-03-07 02:52 - 00134512 _____ (Elaborate Bytes AG) C:\Windows\system32\ElbyVCD.dll
2011-03-07 04:08 - 2011-03-07 04:08 - 00093552 _____ (Elaborate Bytes AG) C:\Windows\system32\ElbyCDIO.dll
2012-09-25 19:40 - 2010-10-25 04:53 - 00094208 _____ (Intel Corporation) C:\Windows\System32\hccutils.DLL
2012-09-25 19:41 - 2010-10-25 04:53 - 00051712 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2010-10-25 04:56 - 2010-10-25 04:56 - 00303616 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-09-25 19:41 - 2010-10-25 04:53 - 05702656 _____ (Intel Corporation) C:\Windows\System32\igfxress.dll
2013-05-25 12:31 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-05-25 12:30 - 2012-08-23 10:45 - 00243112 _____ (Embarcadero Technologies, Inc.) C:\Program Files\Spybot - Search & Destroy 2\vclx150.bpl
2013-05-25 12:30 - 2012-08-23 10:45 - 00329120 _____ (Embarcadero Technologies, Inc.) C:\Program Files\Spybot - Search & Destroy 2\vclimg150.bpl
2013-08-16 08:12 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2009-07-14 01:23 - 2009-07-14 03:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\SrClient.dll
2012-09-27 21:14 - 2010-11-20 14:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\SPP.dll
2009-07-14 01:23 - 2009-07-14 03:16 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\VssTrace.DLL
2012-09-25 19:40 - 2010-10-25 04:53 - 00218112 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2012-11-07 20:50 - 2013-07-22 11:09 - 00057384 _____ (Geek Software GmbH) C:\Program Files\PDF24\Settings.dll
2012-11-07 20:50 - 2013-07-22 11:09 - 00395304 _____ (Geek Software GmbH) C:\Program Files\PDF24\NotifyIcon.dll
2012-11-07 20:50 - 2013-07-22 11:09 - 00047144 _____ (Geek Software GmbH) C:\Program Files\PDF24\Language.dll
2012-11-07 20:50 - 2013-07-22 11:09 - 00383016 _____ (Geek Software GmbH) C:\Program Files\PDF24\About.dll
2013-05-23 13:53 - 2013-05-23 13:53 - 00026040 _____ () C:\Program Files\MyTomTom 3\DeviceDetection.dll
2013-05-23 13:53 - 2013-05-23 13:53 - 00087992 _____ (TomTom) C:\Program Files\MyTomTom 3\DeviceNavManager.dll
2013-05-23 13:53 - 2013-05-23 13:53 - 00074680 _____ () C:\Program Files\MyTomTom 3\TomTomSupporterBase.dll
2012-12-07 11:50 - 2012-12-07 11:50 - 02555392 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\MyTomTom 3\QtCore4.dll
2013-05-23 13:53 - 2013-05-23 13:53 - 00135096 _____ (TomTom) C:\Program Files\MyTomTom 3\DeviceController.dll
2013-05-23 13:53 - 2013-05-23 13:53 - 00279480 _____ () C:\Program Files\MyTomTom 3\TomTomSupporterProxy.dll
2012-12-07 11:52 - 2012-12-07 11:52 - 01028096 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\MyTomTom 3\QtNetwork4.dll
2013-05-23 13:53 - 2013-05-23 13:53 - 00321976 _____ (TomTom) C:\Program Files\MyTomTom 3\TomTomSupporterCore.dll
2012-12-07 11:50 - 2012-12-07 11:50 - 00355840 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\MyTomTom 3\QtXml4.dll
2012-12-07 12:08 - 2012-12-07 12:08 - 08090112 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files\MyTomTom 3\QtGui4.dll
2013-05-23 13:53 - 2013-05-23 13:53 - 00114616 _____ (TomTom) C:\Program Files\MyTomTom 3\plugins\DeviceNavEthernetManager.dll
2013-04-16 19:00 - 2011-04-14 01:00 - 00105472 _____ (SEIKO EPSON Corporation) C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FAUDIKE.DLL
2013-04-16 19:00 - 2012-07-02 05:00 - 00178688 _____ (SEIKO EPSON Corporation) C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FMAIIKE.DLL
2013-04-16 19:00 - 2012-07-23 06:00 - 01526784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FUICIKE.DLL
2012-09-27 21:13 - 2010-11-20 14:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2009-07-14 01:33 - 2009-07-14 03:09 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\security.dll
2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\Michael\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Michael\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\Michael\AppData\Roaming\Dropbox\bin\icudt.dll
2013-04-21 12:10 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_43.dll
2013-04-21 12:10 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_43.dll
==================== Alternate Data Streams (whitelisted) ==========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/04/2013 08:55:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 23.0.1.4974, Zeitstempel: 0x520bc252
Name des fehlerhaften Moduls: xul.dll, Version: 23.0.1.4974, Zeitstempel: 0x520bc166
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017af08
ID des fehlerhaften Prozesses: 0x9bc
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (09/04/2013 08:34:43 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00011380
ID des fehlerhaften Prozesses: 0xed8
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3
Error: (09/04/2013 04:18:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/04/2013 04:08:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/03/2013 01:17:35 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 23.0.1.4974, Zeitstempel: 0x520bc252
Name des fehlerhaften Moduls: xul.dll, Version: 23.0.1.4974, Zeitstempel: 0x520bc166
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017af08
ID des fehlerhaften Prozesses: 0x1160
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (09/03/2013 11:13:46 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 23.0.1.4974 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1248
Startzeit: 01cea8855e91138d
Endzeit: 41
Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID: 1f1391d5-1479-11e3-b6ce-f46d041965c9
Error: (09/03/2013 10:53:20 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe_enhancedNT.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc637
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00039342
ID des fehlerhaften Prozesses: 0x19c
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_enhancedNT.dll0
Pfad der fehlerhaften Anwendung: rundll32.exe_enhancedNT.dll1
Pfad des fehlerhaften Moduls: rundll32.exe_enhancedNT.dll2
Berichtskennung: rundll32.exe_enhancedNT.dll3
Error: (09/03/2013 09:51:33 AM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 23.0.1.4974 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1350
Startzeit: 01cea8796746b925
Endzeit: 115
Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID: a281f601-146d-11e3-b6ce-f46d041965c9
Error: (09/03/2013 09:16:24 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x050f0fef
ID des fehlerhaften Prozesses: 0x9ec
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (08/12/2013 06:46:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b
Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00173668
ID des fehlerhaften Prozesses: 0x1e78
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
System errors:
=============
Error: (09/04/2013 07:46:16 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.
Error: (09/04/2013 07:45:28 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.
Error: (09/04/2013 07:44:58 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.
Error: (09/04/2013 07:44:20 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht.
Error: (09/04/2013 05:35:04 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.
Error: (09/04/2013 04:37:41 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0x8000002a171\??\Volume{669ef2ad-0732-11e2-b194-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{B8022B1E-0921-4388-AA5D-6FFCB35FB5BF}
Error: (09/04/2013 03:19:11 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.
Error: (09/04/2013 03:17:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.
Error: (09/04/2013 03:17:20 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.
Error: (09/04/2013 02:36:01 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.
Microsoft Office Sessions:
=========================
Error: (09/04/2013 08:55:51 PM) (Source: Application Error)(User: )
Description: firefox.exe23.0.1.4974520bc252xul.dll23.0.1.4974520bc166c00000050017af089bc01cea99fe296d9fbC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll9e2878ad-1593-11e3-83b2-f46d041965c9
Error: (09/04/2013 08:34:43 PM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c000000500011380ed801cea99d5a82ecb2C:\Program Files\Avira\AntiVir Desktop\avnotify.exeC:\Program Files\Avira\AntiVir Desktop\avnotify.exeaa4e01f7-1590-11e3-83b2-f46d041965c9
Error: (09/04/2013 04:18:55 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\Program Files\Microsoft Visual Studio 10.0\Common7\Packages\Debugger\X64\msvsmon.exe
Error: (09/04/2013 04:08:23 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\EPSON Software\Download Navigator\EPSDNLMW64.EXE
Error: (09/03/2013 01:17:35 PM) (Source: Application Error)(User: )
Description: firefox.exe23.0.1.4974520bc252xul.dll23.0.1.4974520bc166c00000050017af08116001cea8932d13b287C:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll6ee0c7b1-148a-11e3-b6ce-f46d041965c9
Error: (09/03/2013 11:13:46 AM) (Source: Application Hang)(User: )
Description: firefox.exe23.0.1.4974124801cea8855e91138d41C:\Program Files\Mozilla Firefox\firefox.exe1f1391d5-1479-11e3-b6ce-f46d041965c9
Error: (09/03/2013 10:53:20 AM) (Source: Application Error)(User: )
Description: rundll32.exe_enhancedNT.dll6.1.7600.163854a5bc637ole32.dll6.1.7601.175144ce7b96fc00000050003934219c01cea878cc5b78f0C:\Windows\system32\rundll32.exeC:\Windows\system32\ole32.dll47ef613e-1476-11e3-b6ce-f46d041965c9
Error: (09/03/2013 09:51:33 AM) (Source: Application Hang)(User: )
Description: firefox.exe23.0.1.4974135001cea8796746b925115C:\Program Files\Mozilla Firefox\firefox.exea281f601-146d-11e3-b6ce-f46d041965c9
Error: (09/03/2013 09:16:24 AM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d6727a7unknown0.0.0.000000000c0000005050f0fef9ec01cea7f3b7a053f9C:\Windows\Explorer.EXEunknownbd43b0b9-1468-11e3-b6ce-f46d041965c9
Error: (08/12/2013 06:46:57 PM) (Source: Application Error)(User: )
Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc0000005001736681e7801ce977642396313C:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dllcc925d11-036e-11e3-9f44-f46d041965c9
==================== Memory info ===========================
Percentage of memory in use: 47%
Total physical RAM: 2038.18 MB
Available physical RAM: 1064.8 MB
Total Pagefile: 4076.36 MB
Available Pagefile: 2713.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.27 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:401.08 GB) NTFS
Drive i: () (Removable) (Total:7.41 GB) (Free:6.56 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AA635E08)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
==================== End Of Log ============================
FRST.txt
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2013 03
Ran by Michael (administrator) on MICHAEL-NETBOOK on 04-09-2013 21:07:55
Running from C:\Users\Michael\Desktop\adware tools
Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\System32\AsusService.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AsusTek Computer Inc.) C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
(ASUS) C:\Program Files\ASUS\CapsHook\CapsHook.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(TomTom) C:\Program Files\MyTomTom 3\MyTomTomSA.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIIKE.EXE
(Dropbox, Inc.) C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [LiveUpdate] - C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-07-13] (AsusTek Computer Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [CapsHook] - C:\Program Files\ASUS\CapsHook\CapsHook.exe [445344 2010-11-15] (ASUS)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [548744 2012-10-05] (ELAN Microelectronic Corp.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [VirtualCloneDrive] - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\Run: [HotkeyMon] - C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [95744 2010-09-02] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] - C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1245104 2010-09-03] (ASUSTeK Computer Inc.)
HKLM\...\Run: [PAC7302_Monitor] - C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2013-05-17] (Realtek Semiconductor)
HKLM\...\Run: [Eee Docking] - C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [414384 2011-01-06] (ASUSTek Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] - C:\Program Files\ASUS\SHE\SuperHybridEngine.exe [425400 2011-08-01] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM\...\Run: [TrayServer] - Z:\Magix Video\TrayServer.exe [x]
HKLM\...\Run: [tvncontrol] - C:\Program Files\TightVNC\tvnserver.exe [1612784 2013-06-06] (GlavSoft LLC.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [PDFPrint] - C:\Program Files\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [MyTomTomSA.exe] - C:\Program Files\MyTomTom 3\MyTomTomSA.exe [455608 2013-05-23] (TomTom)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIKE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKCU\...\Policies\Explorer: [NoDriveAutorun] 0
MountPoints2: {0553c173-55d2-11e2-afce-f46d041965c9} - E:\AutoRun.exe
MountPoints2: {0553c17a-55d2-11e2-afce-f46d041965c9} - E:\AutoRun.exe
MountPoints2: {631516c2-3ce7-11db-acfe-806d6172696f} - D:\AUTORUN\AUTORUN.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files\Steganos Password Manager 12\SPMIEToolbar.dll (Steganos GmbH)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com.tw/common/asusTek_sys_ctrl.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Homepage: hxxp://www.google.de/ig
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Visualisateur 3D de 20-20 - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: toolbar - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\Extensions\toolbar@gmx.net.xpi
FF Extension: No Name - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
FF Extension: No Name - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\a686f84p.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF HKLM\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] C:\Program Files\Steganos Password Manager 12\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files\Steganos Password Manager 12\spmplugin3
FF HKLM\...\Firefox\Extensions: [e-webprint@epson.com] C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
========================== Services (Whitelisted) =================
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 AsusService; C:\Windows\System32\AsusService.exe [224680 2011-07-13] ()
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [78336 2012-07-07] (Dassault Systèmes)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1612784 2013-06-06] (GlavSoft LLC.)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]
==================== Drivers (Whitelisted) ====================
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11456 2012-09-25] ()
R1 AsUpIO; C:\Windows\System32\drivers\AsUpIO.sys [11832 2011-02-09] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-30] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [102912 2012-10-05] (ELAN Microelectronic Corp.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2013-05-06] ( )
S3 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [458752 2007-11-08] (PixArt Imaging Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R1 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5632 2006-07-24] ()
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [45240 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [441608 2011-11-17] (Paragon)
R1 Uim_Vim; C:\Windows\System32\Drivers\Uim_Vim.sys [277576 2011-11-17] (Paragon)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-04 20:57 - 2013-09-04 20:59 - 00000000 ____D C:\AdwCleaner
2013-09-04 18:00 - 2013-09-04 21:07 - 00000000 ____D C:\Users\Michael\Desktop\adware tools
2013-09-04 15:16 - 2013-09-04 15:17 - 00000919 _____ C:\Users\Michael\Desktop\Neues Textdokument (2).txt
2013-09-04 15:09 - 2013-09-04 15:09 - 00377856 _____ C:\Users\Michael\Downloads\gmer_2.1.19163.exe
2013-09-04 15:07 - 2013-09-04 15:08 - 00000476 _____ C:\Users\Michael\Downloads\defogger_disable.log
2013-09-04 15:07 - 2013-09-04 15:07 - 00000000 _____ C:\Users\Michael\defogger_reenable
2013-09-04 15:06 - 2013-09-04 15:06 - 00050477 _____ C:\Users\Michael\Downloads\Defogger.exe
2013-09-04 15:00 - 2013-09-04 15:02 - 00036767 _____ C:\Users\Michael\Downloads\FRST.txt
2013-09-04 14:52 - 2013-09-04 14:56 - 00048168 _____ C:\Users\Michael\Downloads\Addition.txt
2013-09-04 14:48 - 2013-09-04 14:48 - 00000000 ____D C:\FRST
2013-09-04 14:47 - 2013-09-04 14:48 - 01084575 _____ (Farbar) C:\Users\Michael\Downloads\FRST.exe
2013-09-04 08:27 - 2013-09-04 08:27 - 00001478 _____ C:\Users\Michael\Desktop\FM PDF To JPG Free.lnk
2013-09-04 08:26 - 2013-09-04 09:06 - 00000000 ____D C:\Program Files\FM Software Studio
2013-09-04 08:20 - 2013-09-04 08:20 - 00751851 _____ ( ) C:\Users\Michael\Downloads\FMPDFJPG2.32.exe
2013-09-03 13:30 - 2009-06-10 23:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20130903-133023.backup
2013-09-03 13:29 - 2009-06-10 23:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20130903-132909.backup
2013-09-03 13:26 - 2009-06-10 23:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20130903-132609.backup
2013-09-03 13:24 - 2009-06-10 23:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20130903-132458.backup
2013-09-03 13:24 - 2009-06-10 23:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20130903-132409.backup
2013-09-03 13:23 - 2009-06-10 23:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20130903-132300.backup
2013-09-03 10:50 - 2013-09-03 10:50 - 00000056 _____ C:\Users\Michael\AppData\Roaming\WB.CFG
2013-09-03 10:50 - 2013-09-03 10:50 - 00000005 _____ C:\Users\Michael\AppData\Roaming\WBPU-TTL.DAT
2013-09-03 09:54 - 2013-09-03 09:55 - 00000000 ____D C:\Users\Michael\AppData\Local\CUSTPDF Writer
2013-09-03 09:39 - 2013-09-03 09:39 - 00000000 ____D C:\Program Files\PDFCreator
2013-09-03 09:39 - 2013-09-03 09:39 - 00000000 ____D C:\Program Files\GPLGS
2013-09-03 09:39 - 2011-10-04 22:42 - 00086016 _____ C:\Windows\system32\custmon32i.dll
2013-09-03 09:32 - 2013-09-03 09:32 - 01245680 _____ C:\Users\Michael\Downloads\PDFCreatorSetup.exe
2013-09-03 09:26 - 2013-09-03 09:26 - 00444400 _____ C:\Users\Michael\Downloads\DLG_free-pdf-perfect_chip_de-DE10.exe
2013-08-23 14:56 - 2013-08-23 14:59 - 00000000 ____D C:\Users\Michael\AppData\Local\Microsoft Games
2013-08-23 13:52 - 2013-08-23 13:52 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2013-08-22 20:39 - 2013-08-22 20:39 - 00028289 _____ C:\Users\Michael\Documents\Schwerpunktwaage T1.dwg
2013-08-22 20:15 - 2013-08-22 20:15 - 00000000 ____D C:\Users\Michael\AppData\Local\Dassault Systemes
2013-08-17 19:16 - 2013-08-17 19:16 - 00000000 ____D C:\Users\Michael\Downloads\Zepp-Nt-eF
2013-08-17 19:16 - 2013-08-17 19:16 - 00000000 ____D C:\Users\Michael\Downloads\TURBOR~1
2013-08-17 19:16 - 2013-08-17 19:16 - 00000000 ____D C:\Users\Michael\Downloads\OSPREY
2013-08-17 19:15 - 2013-08-17 19:15 - 00366265 _____ C:\Users\Michael\Downloads\Zepp-Nt-eF.zip
2013-08-17 19:13 - 2013-08-17 19:13 - 00707768 _____ C:\Users\Michael\Downloads\OSPREY.ZIP
2013-08-17 19:12 - 2013-08-17 19:12 - 00708381 _____ C:\Users\Michael\Downloads\TURBOR~1.ZIP
2013-08-17 19:08 - 2013-08-17 19:08 - 00543476 _____ C:\Users\Michael\Downloads\JP47.ZIP
2013-08-17 19:08 - 2013-08-17 19:08 - 00000000 ____D C:\Users\Michael\Downloads\JP47
2013-08-17 16:51 - 2013-09-03 09:40 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-16 21:46 - 2013-08-16 21:49 - 00000000 ____D C:\Users\Michael\AppData\Roaming\IcoFX
2013-08-16 21:46 - 2013-08-16 21:46 - 00000901 _____ C:\Users\Michael\Desktop\IcoFX.lnk
2013-08-16 21:46 - 2013-08-16 21:46 - 00000000 ____D C:\Program Files\IcoFX 1.6
2013-08-16 21:45 - 2013-08-16 21:45 - 01541684 _____ ( ) C:\Users\Michael\Downloads\icofxsetup164.exe
2013-08-16 21:31 - 2013-08-16 21:48 - 00000179 _____ C:\Users\Michael\Desktop\Fritz Box.url
2013-08-16 08:12 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 08:12 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 08:12 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 08:12 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 08:12 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 08:12 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 08:12 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 08:12 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 08:12 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 08:12 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 08:12 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 08:12 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 08:12 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 08:12 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 08:12 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 08:12 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 13:59 - 2013-08-16 08:26 - 00009797 _____ C:\Users\Michael\Documents\sophie.odt
2013-08-15 13:38 - 2013-08-15 13:59 - 00027744 _____ C:\Users\Michael\Documents\kameraträger Max.dwg
2013-08-15 13:38 - 2013-08-15 13:44 - 00027616 _____ C:\Users\Michael\Documents\kameraträger Max.bak
2013-08-15 08:58 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-15 08:58 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 08:58 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 08:57 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 08:57 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 08:57 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 08:57 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 08:57 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 08:57 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 08:57 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 08:57 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 08:57 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 08:41 - 2013-08-15 08:41 - 00001814 _____ C:\Users\Public\Desktop\PDF24 Editor.lnk
2013-08-15 08:41 - 2013-08-15 08:41 - 00001799 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk
2013-08-14 13:19 - 2013-08-16 17:28 - 00000000 ____D C:\Users\Michael\Documents\Transporter 3
==================== One Month Modified Files and Folders =======
2013-09-04 21:07 - 2013-09-04 18:00 - 00000000 ____D C:\Users\Michael\Desktop\adware tools
2013-09-04 21:07 - 2012-09-25 19:03 - 01566703 _____ C:\Windows\WindowsUpdate.log
2013-09-04 21:03 - 2013-02-11 16:21 - 00000000 ___RD C:\Users\Michael\Dropbox
2013-09-04 21:03 - 2013-02-11 16:18 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Dropbox
2013-09-04 21:01 - 2012-09-27 18:29 - 00198102 _____ C:\Windows\PFRO.log
2013-09-04 21:01 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-04 21:01 - 2009-07-14 06:39 - 00043532 _____ C:\Windows\setupact.log
2013-09-04 20:59 - 2013-09-04 20:57 - 00000000 ____D C:\AdwCleaner
2013-09-04 20:51 - 2012-11-21 18:33 - 00000000 ____D C:\Program Files\EPSON Software
2013-09-04 20:49 - 2012-10-11 17:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-04 17:46 - 2009-07-14 06:34 - 00011536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-04 17:46 - 2009-07-14 06:34 - 00011536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-04 16:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-09-04 15:17 - 2013-09-04 15:16 - 00000919 _____ C:\Users\Michael\Desktop\Neues Textdokument (2).txt
2013-09-04 15:09 - 2013-09-04 15:09 - 00377856 _____ C:\Users\Michael\Downloads\gmer_2.1.19163.exe
2013-09-04 15:08 - 2013-09-04 15:07 - 00000476 _____ C:\Users\Michael\Downloads\defogger_disable.log
2013-09-04 15:07 - 2013-09-04 15:07 - 00000000 _____ C:\Users\Michael\defogger_reenable
2013-09-04 15:07 - 2012-09-25 19:11 - 00000000 ____D C:\Users\Michael
2013-09-04 15:06 - 2013-09-04 15:06 - 00050477 _____ C:\Users\Michael\Downloads\Defogger.exe
2013-09-04 15:02 - 2013-09-04 15:00 - 00036767 _____ C:\Users\Michael\Downloads\FRST.txt
2013-09-04 14:56 - 2013-09-04 14:52 - 00048168 _____ C:\Users\Michael\Downloads\Addition.txt
2013-09-04 14:48 - 2013-09-04 14:48 - 00000000 ____D C:\FRST
2013-09-04 14:48 - 2013-09-04 14:47 - 01084575 _____ (Farbar) C:\Users\Michael\Downloads\FRST.exe
2013-09-04 14:40 - 2013-05-07 19:32 - 00066144 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-04 14:40 - 2012-11-15 13:59 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-04 14:40 - 2012-11-15 13:59 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-04 09:06 - 2013-09-04 08:26 - 00000000 ____D C:\Program Files\FM Software Studio
2013-09-04 09:02 - 2012-11-01 10:22 - 00000000 ____D C:\Users\Michael\Documents\Feuerwehr
2013-09-04 08:27 - 2013-09-04 08:27 - 00001478 _____ C:\Users\Michael\Desktop\FM PDF To JPG Free.lnk
2013-09-04 08:20 - 2013-09-04 08:20 - 00751851 _____ ( ) C:\Users\Michael\Downloads\FMPDFJPG2.32.exe
2013-09-03 10:50 - 2013-09-03 10:50 - 00000056 _____ C:\Users\Michael\AppData\Roaming\WB.CFG
2013-09-03 10:50 - 2013-09-03 10:50 - 00000005 _____ C:\Users\Michael\AppData\Roaming\WBPU-TTL.DAT
2013-09-03 09:55 - 2013-09-03 09:54 - 00000000 ____D C:\Users\Michael\AppData\Local\CUSTPDF Writer
2013-09-03 09:40 - 2013-08-17 16:51 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-03 09:39 - 2013-09-03 09:39 - 00000000 ____D C:\Program Files\PDFCreator
2013-09-03 09:39 - 2013-09-03 09:39 - 00000000 ____D C:\Program Files\GPLGS
2013-09-03 09:32 - 2013-09-03 09:32 - 01245680 _____ C:\Users\Michael\Downloads\PDFCreatorSetup.exe
2013-09-03 09:26 - 2013-09-03 09:26 - 00444400 _____ C:\Users\Michael\Downloads\DLG_free-pdf-perfect_chip_de-DE10.exe
2013-09-03 09:09 - 2013-05-11 17:42 - 00000000 ____D C:\Users\Michael\AppData\Roaming\vlc
2013-09-02 18:49 - 2012-09-26 18:44 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-02 18:49 - 2012-09-26 18:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-02 17:52 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-08-24 11:54 - 2012-09-25 20:49 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-23 14:59 - 2013-08-23 14:56 - 00000000 ____D C:\Users\Michael\AppData\Local\Microsoft Games
2013-08-23 13:52 - 2013-08-23 13:52 - 00000000 ____D C:\Users\Public\Documents\AlawarWrapper
2013-08-22 20:39 - 2013-08-22 20:39 - 00028289 _____ C:\Users\Michael\Documents\Schwerpunktwaage T1.dwg
2013-08-22 20:15 - 2013-08-22 20:15 - 00000000 ____D C:\Users\Michael\AppData\Local\Dassault Systemes
2013-08-17 19:16 - 2013-08-17 19:16 - 00000000 ____D C:\Users\Michael\Downloads\Zepp-Nt-eF
2013-08-17 19:16 - 2013-08-17 19:16 - 00000000 ____D C:\Users\Michael\Downloads\TURBOR~1
2013-08-17 19:16 - 2013-08-17 19:16 - 00000000 ____D C:\Users\Michael\Downloads\OSPREY
2013-08-17 19:15 - 2013-08-17 19:15 - 00366265 _____ C:\Users\Michael\Downloads\Zepp-Nt-eF.zip
2013-08-17 19:13 - 2013-08-17 19:13 - 00707768 _____ C:\Users\Michael\Downloads\OSPREY.ZIP
2013-08-17 19:12 - 2013-08-17 19:12 - 00708381 _____ C:\Users\Michael\Downloads\TURBOR~1.ZIP
2013-08-17 19:08 - 2013-08-17 19:08 - 00543476 _____ C:\Users\Michael\Downloads\JP47.ZIP
2013-08-17 19:08 - 2013-08-17 19:08 - 00000000 ____D C:\Users\Michael\Downloads\JP47
2013-08-17 16:36 - 2012-09-25 19:14 - 01795754 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-16 21:49 - 2013-08-16 21:46 - 00000000 ____D C:\Users\Michael\AppData\Roaming\IcoFX
2013-08-16 21:48 - 2013-08-16 21:31 - 00000179 _____ C:\Users\Michael\Desktop\Fritz Box.url
2013-08-16 21:46 - 2013-08-16 21:46 - 00000901 _____ C:\Users\Michael\Desktop\IcoFX.lnk
2013-08-16 21:46 - 2013-08-16 21:46 - 00000000 ____D C:\Program Files\IcoFX 1.6
2013-08-16 21:45 - 2013-08-16 21:45 - 01541684 _____ ( ) C:\Users\Michael\Downloads\icofxsetup164.exe
2013-08-16 17:53 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-16 17:28 - 2013-08-14 13:19 - 00000000 ____D C:\Users\Michael\Documents\Transporter 3
2013-08-16 11:50 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-16 08:40 - 2013-07-28 12:35 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 08:29 - 2012-09-25 22:31 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-16 08:26 - 2013-08-15 13:59 - 00009797 _____ C:\Users\Michael\Documents\sophie.odt
2013-08-15 13:59 - 2013-08-15 13:38 - 00027744 _____ C:\Users\Michael\Documents\kameraträger Max.dwg
2013-08-15 13:44 - 2013-08-15 13:38 - 00027616 _____ C:\Users\Michael\Documents\kameraträger Max.bak
2013-08-15 08:41 - 2013-08-15 08:41 - 00001814 _____ C:\Users\Public\Desktop\PDF24 Editor.lnk
2013-08-15 08:41 - 2013-08-15 08:41 - 00001799 _____ C:\Users\Public\Desktop\PDF24 Fax.lnk
2013-08-15 08:41 - 2012-11-07 20:50 - 00000000 ____D C:\Program Files\PDF24
Files to move or delete:
====================
C:\Users\Michael\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\Michael\AppData\Local\Temp\Quarantine.exe
C:\Users\Michael\AppData\Local\Temp\ResetDevice.exe
C:\Users\Michael\AppData\Local\Temp\uninst1.exe
C:\Users\Michael\AppData\Local\Temp\UpdUninstall.exe
C:\Users\Michael\AppData\Local\Temp\IDC2.tmp\FP_AX_CAB_INSTALLER64.exe
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\BabMaint.exe
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\BExternal.dll
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\BUSolForMontiera.dll
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\BUSolution.dll
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\ccp.exe
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\ChromeToolbarSetup.dll
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\CrxInstaller.dll
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\enhancedNT.dll
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\GUninstaller.exe
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\IEHelper.dll
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\MntrDLLInstall.dll
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\MyDeltaTB.exe
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\Setup.exe
C:\Users\Michael\AppData\Local\Temp\97020592-BAB0-7891-897C-2ECA0A4D122C\Latest\sqlite3.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-04 16:04
==================== End Of Log ============================
--- --- ---
--- --- --- |
AdwCleaner auf deinen Desktop.
Aktualität von System und Software