Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   APPL/Downloader.Gen6 [program] & ADWARE/InstallCore.DA.19 [adware] Infektion (https://www.trojaner-board.de/138167-appl-downloader-gen6-program-adware-installcore-19-adware-infektion.html)

hundkatze 13.07.2013 18:43
APPL/Downloader.Gen6 [program] & ADWARE/InstallCore.DA.19 [adware] Infektion
 
Hallo,

Hatte vor 2 Wochen schon einmal ein Problem mit APPL/Downloader.Gen und ADWARE/InstallCore.E. Konnte jedoch gelöst werden dachte ich zumindest.
5 Tage lang hatte ich Ruhe doch dann kam wieder diese nervige Werbung.
Gestern hat mir dann Avira Free Antivirus leider wieder 3 Funde gemeldet :/.
Hoffe hier kann mir jemand bei meinem Problem helfen.

Code:
OTL logfile created on: 13.07.2013 19:31:10 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Alex\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,68 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 48,53% Memory free
7,35 Gb Paging File | 4,95 Gb Available in Paging File | 67,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,66 Gb Total Space | 301,43 Gb Free Space | 66,89% Space Free | Partition Type: NTFS
 
Computer Name: ALEX-PC | User Name: Alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Users\Alex\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Windows\PLFSetI.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\PepperFlash\11.8.800.97\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe ()
MOD - C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Windows\PLFSetI.exe ()
 
 
========== Services (SafeList) ==========
 
SRV - (HOSTS Anti-PUPs) -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (Live Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. )
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys (Protect Software GmbH)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{49852460-DD75-4225-9585-51E74DAFF487}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{68F097BE-5436-4587-8F38-A53ED4ED02B0}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{8872E3C6-829F-44F4-8EC5-AB65D8E42371}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{AAA93870-1552-418F-A6BA-58FADD6F1F8C}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{C4150A23-7E4A-44ED-B728-D486940C1F09}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{C8FDAD71-AD7D-4B94-8E9E-2987CF4C180A}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.02 15:34:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\blyrics@be-lyrics.net: C:\Program Files (x86)\bLyrics\120.xpi [2013.07.10 18:40:35 | 000,004,629 | ---- | M] ()
 
[2013.07.02 15:35:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Extensions
[2013.06.05 14:48:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2013.02.25 19:31:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\extensions\searchplugins
[2012.12.13 22:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013.07.02 15:34:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: B Lyrics = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfnojfflanlgcbpghbmempckngnlaabl\1.120_0\
CHR - Extension: Google Mail = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.07.03 19:05:53 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121018165358.dll File not found
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (B Lyrics) - {4CE9C24E-7AFE-4486-A923-138D2C3F0B1E} - C:\Program Files (x86)\bLyrics\120.dll (Be-Lyrics)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121018165359.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Alex\AppData\Roaming\OCS\SM\SearchAnonymizer.exe File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2013.07.05 20:57:13 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 [2013.07.05 20:57:13 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2013.07.05 20:57:13 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2013.07.05 20:57:13 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2013.07.05 20:57:13 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2013.07.05 20:57:13 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2013.07.05 20:57:13 | 000,000,000 | ---D | M]
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CBE3505-D0E8-4227-A72A-F202354B7809}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CB6D198-E9CF-49AA-9B59-55272448DACD}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.10 18:40:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bLyrics
[2013.07.06 21:09:46 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\nils musik
[2013.07.05 20:57:45 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Full VA - UKF Drum And Bass (2012) - Ukf009cd (201
[2013.07.05 20:57:14 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\DnB
[2013.07.05 20:57:12 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\1
[2013.07.05 20:57:01 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Ukf Drum & Bass 2012
[2013.07.05 20:56:37 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\UKF D&B 011 VA - Drum & Bass (2011) 01
[2013.07.05 20:56:10 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\techpro
[2013.07.05 20:55:52 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Project-X-(OST)-The-REAL-Soundtrack-2012-iND
[2013.07.05 20:55:48 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Man On The Moon II The Legend Of Mr. Ra
[2013.07.05 20:55:38 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Man On The Moon
[2013.07.05 20:54:51 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Kontor Top of the Clubs 2013. 02 2013 256_kbps 96
[2013.07.02 15:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.07.02 15:35:02 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Mozilla
[2013.07.02 15:34:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.07.02 15:34:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.07.02 15:34:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.06.30 16:16:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.06.30 15:18:32 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.06.30 15:02:40 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Malwarebytes
[2013.06.30 15:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.06.30 15:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.30 15:02:25 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.06.30 15:02:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.06.30 15:01:52 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Programs
[2013.06.30 15:01:44 | 010,285,040 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Alex\Desktop\mbam-setup-1.75.0.1300.exe
[2013.06.30 09:31:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.06.30 09:31:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.06.30 09:31:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.06.30 09:31:11 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.06.30 09:31:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.06.30 09:30:48 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.06.30 09:30:29 | 005,084,379 | R--- | C] (Swearware) -- C:\Users\Alex\Desktop\ComboFix.exe
[2013.06.29 22:58:46 | 000,000,000 | ---D | C] -- C:\FRST
[2013.06.29 21:05:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
[2013.06.29 18:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
[2013.06.24 18:22:37 | 001,654,784 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.EXE
[2013.06.24 18:22:27 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\InstallShield
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.13 19:33:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.13 19:17:34 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.13 19:17:32 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat
[2013.07.13 18:30:05 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\B Lyrics Update.job
[2013.07.13 17:35:50 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.13 03:39:50 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.13 03:39:50 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.13 03:32:25 | 000,000,433 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2013.07.13 03:32:22 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013.07.13 03:31:44 | 000,282,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.13 03:31:10 | 2960,805,888 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.13 03:12:09 | 001,519,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.13 03:12:09 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.13 03:12:09 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.13 03:12:09 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.13 03:12:09 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.11 17:34:13 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.07.03 19:05:53 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.07.02 15:34:55 | 000,001,155 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.06.30 15:02:26 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.06.30 15:00:52 | 010,285,040 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Alex\Desktop\mbam-setup-1.75.0.1300.exe
[2013.06.30 09:30:22 | 005,084,379 | R--- | M] (Swearware) -- C:\Users\Alex\Desktop\ComboFix.exe
[2013.06.29 21:05:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alex\Desktop\OTL.exe
[2013.06.29 18:29:03 | 000,890,988 | ---- | M] () -- C:\Users\Alex\Desktop\SecurityCheck (2).exe
[2013.06.29 12:59:35 | 000,648,201 | ---- | M] () -- C:\Users\Alex\Desktop\AdwCleaner (1).exe
[2013.06.26 12:52:18 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.14 00:12:26 | 029,725,628 | ---- | M] () -- C:\Users\Alex\Desktop\Busta Rhymes - Break Ya Neck (HD) Best Quality!_youtube_original.flv
 
========== Files Created - No Company Name ==========
 
[2013.07.02 15:37:21 | 000,002,187 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.07.02 15:36:17 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.02 15:36:15 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.02 15:34:55 | 000,001,167 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.07.02 15:34:55 | 000,001,155 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.06.30 15:02:26 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.06.30 09:31:14 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.06.30 09:31:14 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.06.30 09:31:14 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.06.30 09:31:14 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.06.30 09:31:14 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.06.29 18:30:52 | 000,648,201 | ---- | C] () -- C:\Users\Alex\Desktop\AdwCleaner (1).exe
[2013.06.29 18:29:40 | 000,890,988 | ---- | C] () -- C:\Users\Alex\Desktop\SecurityCheck (2).exe
[2013.06.28 12:55:33 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\B Lyrics Update.job
[2013.06.24 18:22:37 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2013.06.24 18:22:37 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2013.06.24 18:22:37 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2013.06.24 18:22:37 | 000,008,362 | ---- | C] () -- C:\Windows\Suyin.reg
[2013.06.24 18:22:37 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2013.06.14 00:09:45 | 029,725,628 | ---- | C] () -- C:\Users\Alex\Desktop\Busta Rhymes - Break Ya Neck (HD) Best Quality!_youtube_original.flv
[2012.12.01 19:15:17 | 000,007,599 | ---- | C] () -- C:\Users\Alex\AppData\Local\Resmon.ResmonCfg
[2012.03.20 17:09:26 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012.03.20 17:07:39 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012.03.20 17:07:38 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012.03.20 17:07:33 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012.03.20 17:07:32 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.06.06 17:18:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Canneverbe Limited
[2012.10.18 19:18:38 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DVDVideoSoft
[2013.02.25 19:31:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Opera
[2013.06.28 13:11:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TS3Client
 
========== Purity Check ==========
 
 

< End of report >

Danke schon mal im Voraus :)

schrauber 13.07.2013 18:43
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


hundkatze 13.07.2013 19:54
hi schrauber,
erstmal danke für die schnelle Antwort.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2013 01
Ran by Alex (administrator) on 13-07-2013 20:52:01
Running from C:\Users\Alex\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Windows\PLFSetI.exe
(Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2723624 2011-03-28] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [Ocs_SM] - C:\Users\Alex\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [x]
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKCU\...\Run: [Akamai NetSession Interface] - "C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe" [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKLM-x32\...\Run: [SuiteTray] - "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HOSTS Anti-Adware_PUPs] - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961 2013-06-29] ()
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2010-07-29] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKCU - {49852460-DD75-4225-9585-51E74DAFF487} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {68F097BE-5436-4587-8F38-A53ED4ED02B0} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {8872E3C6-829F-44F4-8EC5-AB65D8E42371} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {AAA93870-1552-418F-A6BA-58FADD6F1F8C} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {C4150A23-7E4A-44ED-B728-D486940C1F09} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {C8FDAD71-AD7D-4B94-8E9E-2987CF4C180A} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121018165358.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: B Lyrics - {4CE9C24E-7AFE-4486-A923-138D2C3F0B1E} - C:\Program Files (x86)\bLyrics\120.dll (Be-Lyrics)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121018165359.dll No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8tw6mhjg.default
FF user.js: detected! => C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8tw6mhjg.default\user.js
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF Extension: movie2kdownloader - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi
FF Extension: No Name - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js
FF Extension: No Name - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js.orig
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [blyrics@be-lyrics.net] C:\Program Files (x86)\bLyrics\120.xpi
FF Extension: No Name - C:\Program Files (x86)\bLyrics\120.xpi

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (B Lyrics) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfnojfflanlgcbpghbmempckngnlaabl\1.120_0
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-26] (Avira Operations GmbH & Co. KG)
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe [285795 2013-06-29] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-13 20:51 - 2013-07-13 20:51 - 01777829 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2013-07-13 19:39 - 2013-07-13 19:39 - 00075840 _____ C:\Users\Alex\Desktop\OTL.Txt
2013-07-13 03:06 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-13 03:06 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-13 03:06 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-13 03:06 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-13 03:06 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-13 03:06 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-13 03:06 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-13 03:06 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-13 03:06 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-13 03:06 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-13 03:06 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-13 03:06 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-13 03:06 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-13 03:06 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-13 03:06 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-13 03:06 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-13 03:06 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-13 03:06 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-13 03:06 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-13 03:06 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-13 03:06 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-13 03:06 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-13 03:06 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-13 03:06 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-13 03:06 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-13 03:06 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-13 03:06 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-13 03:06 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-13 03:06 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-13 03:06 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-13 03:06 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-13 03:06 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 22:25 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 22:25 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 22:25 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 22:25 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 22:24 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 22:24 - 2013-04-10 07:45 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 22:24 - 2013-04-10 07:02 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 18:40 - 2013-07-10 18:40 - 00000000 ____D C:\Program Files (x86)\bLyrics
2013-07-06 21:09 - 2013-07-06 21:13 - 00000000 ____D C:\Users\Alex\Desktop\nils musik
2013-07-05 20:57 - 2013-07-05 20:57 - 00000000 ____D C:\Users\Alex\Desktop\Ukf Drum & Bass 2012
2013-07-05 20:57 - 2013-07-05 20:57 - 00000000 ____D C:\Users\Alex\Desktop\Full VA - UKF Drum And Bass (2012) - Ukf009cd (201
2013-07-05 20:57 - 2013-07-05 20:57 - 00000000 ____D C:\Users\Alex\Desktop\DnB
2013-07-05 20:57 - 2013-07-05 20:57 - 00000000 ____D C:\Users\Alex\Desktop\1
2013-07-05 20:56 - 2013-07-05 20:57 - 00000000 ____D C:\Users\Alex\Desktop\UKF D&B 011 VA - Drum & Bass (2011) 01
2013-07-05 20:56 - 2013-07-05 20:56 - 00000000 ____D C:\Users\Alex\Desktop\techpro
2013-07-05 20:55 - 2013-07-05 20:56 - 00000000 ____D C:\Users\Alex\Desktop\Project-X-(OST)-The-REAL-Soundtrack-2012-iND
2013-07-05 20:55 - 2013-07-05 20:55 - 00000000 ____D C:\Users\Alex\Desktop\Man On The Moon II The Legend Of Mr. Ra
2013-07-05 20:55 - 2013-07-05 20:55 - 00000000 ____D C:\Users\Alex\Desktop\Man On The Moon
2013-07-05 20:54 - 2013-07-05 20:55 - 00000000 ____D C:\Users\Alex\Desktop\Kontor Top of the Clubs 2013. 02 2013 256_kbps 96
2013-07-02 15:37 - 2013-07-11 17:34 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-02 15:36 - 2013-07-13 20:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-02 15:36 - 2013-07-13 17:35 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-02 15:36 - 2013-07-13 00:41 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-02 15:36 - 2013-07-13 00:41 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-02 15:35 - 2013-07-02 15:35 - 00000000 ____D C:\Users\Alex\AppData\Local\Mozilla
2013-07-02 15:34 - 2013-07-02 15:34 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-02 15:34 - 2013-07-02 15:34 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-02 15:34 - 2013-07-02 15:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 15:34 - 2013-07-02 15:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 16:16 - 2013-06-30 21:34 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-30 15:25 - 2013-06-30 15:25 - 00000624 _____ C:\Users\Alex\Desktop\JRT.txt
2013-06-30 15:15 - 2013-06-30 15:16 - 00001249 _____ C:\AdwCleaner[S4].txt
2013-06-30 15:02 - 2013-06-30 21:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-30 15:02 - 2013-06-30 21:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-30 15:02 - 2013-06-30 15:02 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-30 15:02 - 2013-06-30 15:02 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Malwarebytes
2013-06-30 15:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-06-30 15:01 - 2013-06-30 15:00 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Alex\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-30 09:39 - 2013-06-30 09:39 - 00016491 _____ C:\ComboFix.txt
2013-06-30 09:31 - 2013-06-30 21:33 - 00000000 ____D C:\Qoobox
2013-06-30 09:31 - 2013-06-30 09:39 - 00000000 ____D C:\ComboFix
2013-06-30 09:31 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-06-30 09:31 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-06-30 09:31 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-06-30 09:31 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-06-30 09:31 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-06-30 09:31 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-06-30 09:31 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-06-30 09:31 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-06-30 09:30 - 2013-06-30 21:34 - 00000000 ____D C:\Windows\erdnt
2013-06-30 09:30 - 2013-06-30 09:30 - 05084379 ____R (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2013-06-29 22:58 - 2013-06-29 22:58 - 01933592 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2013-06-29 22:58 - 2013-06-29 22:58 - 00000000 ____D C:\FRST
2013-06-29 21:05 - 2013-06-29 21:05 - 00602112 _____ (OldTimer Tools) C:\Users\Alex\Desktop\OTL.exe
2013-06-29 20:57 - 2013-06-29 20:57 - 00008480 _____ C:\Users\Alex\Documents\Ereignisse.txt
2013-06-29 18:34 - 2013-06-29 18:34 - 00000000 ____D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2013-06-29 18:31 - 2013-06-29 18:31 - 00001144 _____ C:\AdwCleaner[S3].txt
2013-06-29 18:31 - 2013-06-29 18:31 - 00001081 _____ C:\AdwCleaner[R3].txt
2013-06-29 18:30 - 2013-06-29 12:59 - 00648201 _____ C:\Users\Alex\Desktop\AdwCleaner (1).exe
2013-06-29 18:29 - 2013-06-29 18:29 - 00890988 _____ C:\Users\Alex\Desktop\SecurityCheck (2).exe
2013-06-29 13:01 - 2013-06-29 13:01 - 00001024 _____ C:\AdwCleaner[S2].txt
2013-06-29 13:01 - 2013-06-29 13:01 - 00000963 _____ C:\AdwCleaner[R2].txt
2013-06-29 12:59 - 2013-06-29 13:00 - 00000904 _____ C:\AdwCleaner[R1].txt
2013-06-28 12:55 - 2013-07-13 18:30 - 00000366 _____ C:\Windows\Tasks\B Lyrics Update.job
2013-06-28 12:55 - 2013-07-10 18:40 - 00003012 _____ C:\Windows\System32\Tasks\B Lyrics Update
2013-06-24 18:22 - 2013-06-24 18:22 - 00000000 ____D C:\Users\Alex\AppData\Roaming\InstallShield
2013-06-24 18:22 - 2009-05-27 10:54 - 01654784 _____ (SuYin) C:\Windows\Acer Crystal Eye webcam.EXE
2013-06-24 18:22 - 2009-05-27 10:48 - 00008362 _____ C:\Windows\Suyin.reg
2013-06-24 18:22 - 2009-05-11 17:39 - 00000323 _____ C:\Windows\PidList.ini
2013-06-24 18:22 - 2008-12-30 13:42 - 00626688 _____ C:\Windows\Image.dll
2013-06-24 18:22 - 2008-07-29 19:29 - 00200704 _____ () C:\Windows\PLFSetI.exe
2013-06-24 18:22 - 2008-06-25 14:22 - 00020480 _____ C:\Windows\USB_VIDEO_REG.exe
2013-06-14 00:09 - 2013-06-14 00:12 - 29725628 _____ C:\Users\Alex\Desktop\Busta Rhymes - Break Ya Neck (HD) Best Quality!_youtube_original.flv

==================== One Month Modified Files and Folders =======

2013-07-13 20:51 - 2013-07-13 20:51 - 01777829 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2013-07-13 20:46 - 2013-07-02 15:36 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-13 20:33 - 2012-03-20 17:22 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-13 20:33 - 2012-03-20 17:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-13 19:39 - 2013-07-13 19:39 - 00075840 _____ C:\Users\Alex\Desktop\OTL.Txt
2013-07-13 19:19 - 2012-04-18 14:37 - 02024042 _____ C:\Windows\WindowsUpdate.log
2013-07-13 19:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-07-13 18:30 - 2013-06-28 12:55 - 00000366 _____ C:\Windows\Tasks\B Lyrics Update.job
2013-07-13 17:35 - 2013-07-02 15:36 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-13 03:39 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-13 03:39 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-13 03:32 - 2012-12-01 21:12 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-07-13 03:32 - 2012-12-01 17:53 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-07-13 03:31 - 2010-11-21 05:47 - 00872992 _____ C:\Windows\PFRO.log
2013-07-13 03:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-13 03:31 - 2009-07-14 06:51 - 00064640 _____ C:\Windows\setupact.log
2013-07-13 03:31 - 2009-07-14 06:45 - 00282568 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-13 03:29 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-13 03:29 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-13 03:29 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-13 03:12 - 2012-04-19 00:25 - 00654166 _____ C:\Windows\system32\perfh007.dat
2013-07-13 03:12 - 2012-04-19 00:25 - 00130006 _____ C:\Windows\system32\perfc007.dat
2013-07-13 03:12 - 2009-07-14 07:13 - 01519874 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-13 03:08 - 2012-12-22 15:52 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-13 00:41 - 2013-07-02 15:36 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 00:41 - 2013-07-02 15:36 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-11 17:34 - 2013-07-02 15:37 - 00002187 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-10 18:40 - 2013-07-10 18:40 - 00000000 ____D C:\Program Files (x86)\bLyrics
2013-07-10 18:40 - 2013-06-28 12:55 - 00003012 _____ C:\Windows\System32\Tasks\B Lyrics Update
2013-07-08 13:04 - 2012-12-19 22:05 - 00000000 ____D C:\Users\Alex\AppData\Local\Paint.NET
2013-07-06 21:13 - 2013-07-06 21:09 - 00000000 ____D C:\Users\Alex\Desktop\nils musik
2013-07-06 01:43 - 2012-11-01 01:31 - 00000000 ____D C:\Users\Alex\AppData\Roaming\vlc
2013-07-05 20:57 - 2013-07-05 20:57 - 00000000 ____D C:\Users\Alex\Desktop\Ukf Drum & Bass 2012
2013-07-05 20:57 - 2013-07-05 20:57 - 00000000 ____D C:\Users\Alex\Desktop\Full VA - UKF Drum And Bass (2012) - Ukf009cd (201
2013-07-05 20:57 - 2013-07-05 20:57 - 00000000 ____D C:\Users\Alex\Desktop\DnB
2013-07-05 20:57 - 2013-07-05 20:57 - 00000000 ____D C:\Users\Alex\Desktop\1
2013-07-05 20:57 - 2013-07-05 20:56 - 00000000 ____D C:\Users\Alex\Desktop\UKF D&B 011 VA - Drum & Bass (2011) 01
2013-07-05 20:56 - 2013-07-05 20:56 - 00000000 ____D C:\Users\Alex\Desktop\techpro
2013-07-05 20:56 - 2013-07-05 20:55 - 00000000 ____D C:\Users\Alex\Desktop\Project-X-(OST)-The-REAL-Soundtrack-2012-iND
2013-07-05 20:55 - 2013-07-05 20:55 - 00000000 ____D C:\Users\Alex\Desktop\Man On The Moon II The Legend Of Mr. Ra
2013-07-05 20:55 - 2013-07-05 20:55 - 00000000 ____D C:\Users\Alex\Desktop\Man On The Moon
2013-07-05 20:55 - 2013-07-05 20:54 - 00000000 ____D C:\Users\Alex\Desktop\Kontor Top of the Clubs 2013. 02 2013 256_kbps 96
2013-07-02 15:37 - 2012-10-18 14:35 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-02 15:35 - 2013-07-02 15:35 - 00000000 ____D C:\Users\Alex\AppData\Local\Mozilla
2013-07-02 15:35 - 2013-01-03 01:03 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Mozilla
2013-07-02 15:34 - 2013-07-02 15:34 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-02 15:34 - 2013-07-02 15:34 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-02 15:34 - 2013-07-02 15:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 15:34 - 2013-07-02 15:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 21:48 - 2012-10-18 14:26 - 00000000 ____D C:\Users\Alex
2013-06-30 21:34 - 2013-06-30 16:16 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-30 21:34 - 2013-06-30 15:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-30 21:34 - 2013-06-30 09:30 - 00000000 ____D C:\Windows\erdnt
2013-06-30 21:34 - 2013-06-11 16:40 - 00000000 ____D C:\Windows\ERUNT
2013-06-30 21:34 - 2012-10-18 15:52 - 00000000 ____D C:\Users\Alex\AppData\Local\Akamai
2013-06-30 21:34 - 2012-03-20 17:19 - 00000000 ____D C:\ProgramData\BackupManager
2013-06-30 21:33 - 2013-06-30 15:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-30 21:33 - 2013-06-30 09:31 - 00000000 ____D C:\Qoobox
2013-06-30 21:33 - 2013-06-11 16:39 - 00000000 ____D C:\JRT
2013-06-30 21:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-06-30 21:27 - 2012-12-30 16:51 - 00000000 ____D C:\Users\hedev
2013-06-30 21:04 - 2013-03-13 22:07 - 00000000 ____D C:\Users\Alex\Desktop\BigBang -- HIMUM
2013-06-30 15:25 - 2013-06-30 15:25 - 00000624 _____ C:\Users\Alex\Desktop\JRT.txt
2013-06-30 15:16 - 2013-06-30 15:15 - 00001249 _____ C:\AdwCleaner[S4].txt
2013-06-30 15:02 - 2013-06-30 15:02 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-30 15:02 - 2013-06-30 15:02 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Malwarebytes
2013-06-30 15:00 - 2013-06-30 15:01 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Alex\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-30 09:39 - 2013-06-30 09:39 - 00016491 _____ C:\ComboFix.txt
2013-06-30 09:39 - 2013-06-30 09:31 - 00000000 ____D C:\ComboFix
2013-06-30 09:39 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-06-30 09:37 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-06-30 09:30 - 2013-06-30 09:30 - 05084379 ____R (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2013-06-29 22:58 - 2013-06-29 22:58 - 01933592 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2013-06-29 22:58 - 2013-06-29 22:58 - 00000000 ____D C:\FRST
2013-06-29 21:05 - 2013-06-29 21:05 - 00602112 _____ (OldTimer Tools) C:\Users\Alex\Desktop\OTL.exe
2013-06-29 20:57 - 2013-06-29 20:57 - 00008480 _____ C:\Users\Alex\Documents\Ereignisse.txt
2013-06-29 18:34 - 2013-06-29 18:34 - 00000000 ____D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2013-06-29 18:31 - 2013-06-29 18:31 - 00001144 _____ C:\AdwCleaner[S3].txt
2013-06-29 18:31 - 2013-06-29 18:31 - 00001081 _____ C:\AdwCleaner[R3].txt
2013-06-29 18:29 - 2013-06-29 18:29 - 00890988 _____ C:\Users\Alex\Desktop\SecurityCheck (2).exe
2013-06-29 13:01 - 2013-06-29 13:01 - 00001024 _____ C:\AdwCleaner[S2].txt
2013-06-29 13:01 - 2013-06-29 13:01 - 00000963 _____ C:\AdwCleaner[R2].txt
2013-06-29 13:00 - 2013-06-29 12:59 - 00000904 _____ C:\AdwCleaner[R1].txt
2013-06-29 12:59 - 2013-06-29 18:30 - 00648201 _____ C:\Users\Alex\Desktop\AdwCleaner (1).exe
2013-06-28 13:11 - 2013-01-18 20:18 - 00000000 ____D C:\Users\Alex\AppData\Roaming\TS3Client
2013-06-28 12:55 - 2013-04-23 14:58 - 00000000 ____D C:\Program Files (x86)\LyricsMonkey
2013-06-26 12:52 - 2013-05-14 14:54 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-06-24 18:35 - 2012-12-19 22:06 - 00000000 ____D C:\Program Files\Paint.NET
2013-06-24 18:22 - 2013-06-24 18:22 - 00000000 ____D C:\Users\Alex\AppData\Roaming\InstallShield
2013-06-24 18:22 - 2012-03-20 16:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-14 19:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-14 00:12 - 2013-06-14 00:09 - 29725628 _____ C:\Users\Alex\Desktop\Busta Rhymes - Break Ya Neck (HD) Best Quality!_youtube_original.flv

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-13 04:01

==================== End Of Log ============================
--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2013 01
Ran by Alex at 2013-07-13 20:54:04
Running from C:\Users\Alex\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 
Acer Backup Manager (x32 Version: 3.0.0.100)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904)
Acer Crystal Eye Webcam (x32 Version: 5.2.5.3)
Acer ePower Management (x32 Version: 6.00.3010)
Acer eRecovery Management (x32 Version: 5.00.3507)
Acer Games (x32 Version: 1.0.2.5)
Acer Registration (x32 Version: 1.04.3506)
Acer ScreenSaver (x32 Version: 1.1.0530.2011)
Acer Updater (x32 Version: 1.02.3501)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Reader X (10.1.0) MUI (x32 Version: 10.1.0)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Akamai NetSession Interface (HKCU)
Apple Application Support (x32 Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (x32 Version: 2.1.3.127)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.2.43)
Avira Free Antivirus (x32 Version: 13.0.0.3737)
B Lyrics (x32)
Backup Manager V3 (x32 Version: 3.0.0.100)
be Flash Player 11 ActiveX 64-bit (Version: 11.2.202.222)
Bejeweled 3 (x32 Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
CDBurnerXP (x32 Version: 4.5.1.4003)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
clear.fi Client (x32 Version: 1.00.3500)
D3DX10 (x32 Version: 15.4.2368.0902)
eBay Worldwide (x32 Version: 2.2.0409)
Evernote v. 4.5.2 (x32 Version: 4.5.2.5866)
FATE (x32 Version: 2.2.0.97)
Final Drive: Nitro (x32 Version: 2.2.0.95)
Fooz Kids (x32 Version: 3.1.2)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Free YouTube to MP3 Converter version 3.11.34.1015 (x32 Version: 3.11.34.1015)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (x32 Version: 28.0.1500.71)
Google Update Helper (x32 Version: 1.3.21.153)
Identity Card (x32 Version: 1.00.3501)
Insaniquarium Deluxe (x32 Version: 2.2.0.97)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2476)
iTunes (Version: 10.7.0.21)
Jewel Match 3 (x32 Version: 2.2.0.98)
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Launch Manager (x32 Version: 5.1.7)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (x32 Version: 4.0.60310.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 20.0.1 (x86 de) (x32 Version: 20.0.1)
Mozilla Maintenance Service (x32 Version: 20.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MyWinLocker (Version: 4.0.14.27)
MyWinLocker 4 (x32 Version: 4.0.14.27)
MyWinLocker Suite (x32 Version: 4.0.14.19)
newsXpresso (x32 Version: 1.0.0.40)
Paint.NET v3.5.10 (Version: 3.60.0)
Penguins! (x32 Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Polar Bowler (x32 Version: 2.2.0.97)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Project64 1.6 (x32 Version: 1.6)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6392)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30127)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Slingo Deluxe (x32 Version: 2.2.0.95)
Synaptics Pointing Device Driver (Version: 15.2.17.5)
Tales of Lagoona (x32 Version: 2.2.0.98)
TeamSpeak 3 Client (x32 Version: 3.0.10.1)
Torchlight (x32 Version: 2.2.0.98)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97)
VLC media player 2.0.5 (x32 Version: 2.0.5)
Wedding Dash (x32 Version: 2.2.0.95)
Welcome Center (x32 Version: 1.02.3507)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0)
Zuma Deluxe (x32 Version: 2.2.0.95)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================

30-06-2013 19:01:32 Removed Google Earth Plug-in.
30-06-2013 19:10:02 Wiederherstellungsvorgang
05-07-2013 14:57:48 Windows Update
09-07-2013 12:34:57 Windows Update
12-07-2013 12:47:56 Windows Update
13-07-2013 01:00:15 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-03 19:05 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0A6C3D89-A2F1-4018-837D-4A1996B4DB98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02] (Google Inc.)
Task: {2548A49F-112D-478B-AA24-8E37E9D384C1} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {69A61176-9374-4C75-BA61-76E3D3ECDFA6} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {6D074C00-4EFE-4D6C-9692-73284F1C05EA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {758145A5-C992-45ED-88AC-FA02242CC387} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-20] (Adobe Systems Incorporated)
Task: {8C67663A-8284-421D-A73E-E2B095E4E17D} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: {B0D7B6B1-39C6-4C73-BBA2-E5478D013A4E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {BD2E1225-3848-428C-B638-C2D4644F1E7E} - System32\Tasks\B Lyrics Update => C:\Program Files (x86)\bLyrics\bLyrics.exe [2013-07-08] (Be-Lyrics)
Task: {D133A45C-1F8B-46D6-9E2D-919B3D345BCF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02] (Google Inc.)
Task: {DB12592D-AFBA-488D-B617-BB023E35ABBD} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2012-01-19] (Acer)
Task: {FB377EA3-758A-49F4-83C6-60A5A474F769} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\B Lyrics Update.job => C:\Program Files (x86)\bLyrics\bLyrics.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/13/2013 08:50:19 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/13/2013 07:29:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/13/2013 07:29:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/13/2013 07:29:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/13/2013 07:21:41 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/13/2013 07:21:41 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/13/2013 07:21:39 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/13/2013 07:21:39 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/13/2013 07:21:38 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/13/2013 03:32:59 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/13/2013 07:17:32 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (07/13/2013 03:32:22 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HOSTS Anti-PUPs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/13/2013 03:32:22 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst HOSTS Anti-PUPs erreicht.

Error: (07/12/2013 05:29:59 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (07/10/2013 10:47:10 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (07/10/2013 10:47:06 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (07/10/2013 06:40:20 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (07/10/2013 06:40:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HOSTS Anti-PUPs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/10/2013 06:40:06 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst HOSTS Anti-PUPs erreicht.

Error: (07/10/2013 05:56:53 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}


Microsoft Office Sessions:
=========================
Error: (07/13/2013 08:50:19 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\$RECYCLE.BIN\S-1-5-21-3322117072-1391134596-3964613956-1000\$RI5F8ZI.exe

Error: (07/13/2013 07:29:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\$RECYCLE.BIN\S-1-5-21-3322117072-1391134596-3964613956-1000\$RFGCLLX.exe

Error: (07/13/2013 07:29:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\$RECYCLE.BIN\S-1-5-21-3322117072-1391134596-3964613956-1000\$RRUIAD8.exe

Error: (07/13/2013 07:29:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\$RECYCLE.BIN\S-1-5-21-3322117072-1391134596-3964613956-1000\$RSFV1PF.exe

Error: (07/13/2013 07:21:41 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Alex\Downloads\SoftonicDownloader_fuer_auto-clicker.exe

Error: (07/13/2013 07:21:41 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Alex\Downloads\SoftonicDownloader_fuer_combofix.exe

Error: (07/13/2013 07:21:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Alex\Downloads\esetsmartinstaller_enu (1).exe

Error: (07/13/2013 07:21:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Alex\Downloads\esetsmartinstaller_enu (2).exe

Error: (07/13/2013 07:21:38 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Alex\Downloads\esetsmartinstaller_enu.exe

Error: (07/13/2013 03:32:59 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 3764.86 MB
Available physical RAM: 1764.93 MB
Total Pagefile: 7527.9 MB
Available Pagefile: 5115.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:301.43 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BEAF818C)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 13.07.2013 20:59
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

hundkatze 13.07.2013 21:24
hi,
hier die Logfiles:

JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.0.9 (07.12.2013:2)
OS: Windows 7 Home Premium x64
Ran by Alex on 13.07.2013 at 22:16:34,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\BLYRICS.EXE-A87EABBE.pf



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\lyricsmonkey"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.07.2013 at 22:21:41,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---


AdwCleaner Logfile:
Code:
# AdwCleaner v2.305 - Datei am 13/07/2013 um 22:07:28 erstellt
# Aktualisiert am 11/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Alex - ALEX-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Alex\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi
Datei Gelöscht : C:\Windows\Tasks\B Lyrics Update.job
Ordner Gelöscht : C:\Program Files (x86)\bLyrics
Ordner Gelöscht : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfnojfflanlgcbpghbmempckngnlaabl

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\bLyrics
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4CE9C24E-7AFE-4486-A923-138D2C3F0B1E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mfnojfflanlgcbpghbmempckngnlaabl
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4CE9C24E-7AFE-4486-A923-138D2C3F0B1E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\blyrics@be-lyrics.net

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8tw6mhjg.default\prefs.js

C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8tw6mhjg.default\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

-\\ Google Chrome v28.0.1500.71

Datei : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [904 octets] - [29/06/2013 12:59:52]
AdwCleaner[R2].txt - [963 octets] - [29/06/2013 13:01:18]
AdwCleaner[R3].txt - [1081 octets] - [29/06/2013 18:31:00]
AdwCleaner[S1].txt - [21948 octets] - [11/06/2013 16:33:04]
AdwCleaner[S2].txt - [1024 octets] - [29/06/2013 13:01:32]
AdwCleaner[S3].txt - [1144 octets] - [29/06/2013 18:31:31]
AdwCleaner[S4].txt - [1249 octets] - [30/06/2013 15:15:56]
AdwCleaner[S5].txt - [2440 octets] - [13/07/2013 22:07:28]

########## EOF - C:\AdwCleaner[S5].txt - [2500 octets] ##########
--- --- ---

schrauber 14.07.2013 12:27

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. noch Probleme? :)

hundkatze 15.07.2013 15:43
hi schrauber,

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d7288e37a68fb942ba81ba493df53d28
# engine=14394
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-15 12:15:45
# local_time=2013-07-15 02:15:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 0 239270635 30626 0
# compatibility_mode=5893 16776573 100 94 0 125477195 0 0
# scanned=124504
# found=0
# cleaned=0
# scan_time=25902

Code:
Results of screen317's Security Check version 0.99.68 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 WMI entry may not exist for antivirus; attempting automatic update.
 Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Adobe Reader 10.1.0 Adobe Reader out of Date! 
 Mozilla Firefox 20.0.1 Firefox out of Date! 
 Google Chrome 28.0.1500.71 
 Google Chrome 28.0.1500.72 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2013 01 (ATTENTION: FRST version is 16 days old)
Ran by Alex (administrator) on 15-07-2013 16:42:04
Running from C:\Users\Alex\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Windows\PLFSetI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2723624 2011-03-28] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [Ocs_SM] C:\Users\Alex\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [x]
HKLM\...\Run: [PLFSetI] C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKCU\...\Run: [Akamai NetSession Interface] "C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe" [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HOSTS Anti-Adware_PUPs] C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961 2013-06-29] ()
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2010-07-29] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
SearchScopes: HKCU - {49852460-DD75-4225-9585-51E74DAFF487} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {68F097BE-5436-4587-8F38-A53ED4ED02B0} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {8872E3C6-829F-44F4-8EC5-AB65D8E42371} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {AAA93870-1552-418F-A6BA-58FADD6F1F8C} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {C4150A23-7E4A-44ED-B728-D486940C1F09} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {C8FDAD71-AD7D-4B94-8E9E-2987CF4C180A} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=6ab050d1-0ab2-455c-90e8-5bbb2884e72a&pid=freewarede&mode=bounce&k=0
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121018165358.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121018165359.dll No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\8tw6mhjg.default
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [blyrics@be-lyrics.net] C:\Program Files (x86)\bLyrics\120.xpi

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-26] (Avira Operations GmbH & Co. KG)
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe [285795 2013-06-29] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-14 19:02 - 2013-07-14 19:02 - 02347384 ____A (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_enu (1).exe
2013-07-14 19:02 - 2013-07-14 19:02 - 00033813 ____A C:\Users\Alex\Downloads\FRST.txt
2013-07-14 19:01 - 2013-07-14 19:01 - 01777839 ____A (Farbar) C:\Users\Alex\Downloads\FRST64 (1).exe
2013-07-14 19:00 - 2013-07-14 19:00 - 00891022 ____A C:\Users\Alex\Downloads\SecurityCheck.exe
2013-07-14 13:39 - 2013-07-14 13:39 - 02347384 ____A (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_enu.exe
2013-07-13 22:21 - 2013-07-13 22:21 - 00000976 ____A C:\Users\Alex\Desktop\JRT.txt
2013-07-13 22:15 - 2013-07-13 22:15 - 00559441 ____A (Oleg N. Scherbakov) C:\Users\Alex\Downloads\JRT.exe
2013-07-13 22:07 - 2013-07-13 22:08 - 00002569 ____A C:\AdwCleaner[S5].txt
2013-07-13 22:07 - 2013-07-13 22:07 - 00662345 ____A C:\Users\Alex\Downloads\adwcleaner.exe
2013-07-13 22:07 - 2013-07-13 22:07 - 00662345 ____A C:\Users\Alex\Desktop\adwcleaner.exe
2013-07-13 21:29 - 2013-07-13 21:30 - 00000000 ____D C:\Users\Alex\Desktop\Musik
2013-07-13 20:54 - 2013-07-13 20:54 - 00027489 ____A C:\Users\Alex\Downloads\Addition.txt
2013-07-13 20:51 - 2013-07-13 20:51 - 01777829 ____A (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2013-07-13 19:39 - 2013-07-13 19:39 - 00075840 ____A C:\Users\Alex\Desktop\OTL.Txt
2013-07-13 03:06 - 2013-05-29 08:15 - 17829376 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-13 03:06 - 2013-05-29 07:50 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-13 03:06 - 2013-05-29 07:43 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-13 03:06 - 2013-05-29 07:36 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-13 03:06 - 2013-05-29 07:35 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-13 03:06 - 2013-05-29 07:34 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-07-13 03:06 - 2013-05-29 07:33 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-07-13 03:06 - 2013-05-29 07:31 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-13 03:06 - 2013-05-29 07:29 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-13 03:06 - 2013-05-29 07:29 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-07-13 03:06 - 2013-05-29 07:29 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-07-13 03:06 - 2013-05-29 07:27 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-13 03:06 - 2013-05-29 07:27 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-13 03:06 - 2013-05-29 07:25 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-13 03:06 - 2013-05-29 07:25 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-07-13 03:06 - 2013-05-29 07:18 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-07-13 03:06 - 2013-05-29 03:56 - 12333568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-13 03:06 - 2013-05-29 03:50 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-13 03:06 - 2013-05-29 03:48 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-13 03:06 - 2013-05-29 03:41 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-13 03:06 - 2013-05-29 03:41 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-13 03:06 - 2013-05-29 03:41 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-13 03:06 - 2013-05-29 03:40 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-13 03:06 - 2013-05-29 03:38 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-13 03:06 - 2013-05-29 03:37 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-13 03:06 - 2013-05-29 03:36 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-13 03:06 - 2013-05-29 03:35 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-13 03:06 - 2013-05-29 03:35 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-13 03:06 - 2013-05-29 03:33 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-13 03:06 - 2013-05-29 03:33 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-13 03:06 - 2013-05-29 03:33 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-13 03:06 - 2013-05-29 03:29 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 22:25 - 2013-06-04 08:00 - 00624128 ____A (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-07-11 22:25 - 2013-06-04 06:53 - 00509440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 22:25 - 2013-05-06 08:03 - 01887744 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-07-11 22:25 - 2013-05-06 06:56 - 01620480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 22:24 - 2013-06-05 05:34 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-07-11 22:24 - 2013-04-10 07:45 - 01545728 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-07-11 22:24 - 2013-04-10 07:02 - 01077760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-02 15:37 - 2013-07-13 22:47 - 00002187 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-02 15:36 - 2013-07-15 15:53 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-02 15:36 - 2013-07-15 15:27 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-02 15:35 - 2013-07-02 15:35 - 00000000 ____D C:\Users\Alex\AppData\Local\Mozilla
2013-07-02 15:34 - 2013-07-02 15:34 - 00001155 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-02 15:34 - 2013-07-02 15:34 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-02 15:34 - 2013-07-02 15:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 15:34 - 2013-07-02 15:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 16:16 - 2013-06-30 21:34 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-30 15:15 - 2013-06-30 15:16 - 00001249 ____A C:\AdwCleaner[S4].txt
2013-06-30 15:02 - 2013-06-30 21:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-30 15:02 - 2013-06-30 21:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-30 15:02 - 2013-06-30 15:02 - 00001117 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-30 15:02 - 2013-06-30 15:02 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Malwarebytes
2013-06-30 15:02 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-30 15:01 - 2013-06-30 15:00 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Alex\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-30 09:39 - 2013-06-30 09:39 - 00016491 ____A C:\ComboFix.txt
2013-06-30 09:31 - 2013-06-30 21:33 - 00000000 ____D C:\Qoobox
2013-06-30 09:31 - 2013-06-30 09:39 - 00000000 ____D C:\ComboFix
2013-06-30 09:31 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-30 09:31 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-30 09:31 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-30 09:31 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-30 09:31 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-30 09:31 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-30 09:31 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-30 09:31 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-30 09:30 - 2013-06-30 21:34 - 00000000 ____D C:\Windows\erdnt
2013-06-30 09:30 - 2013-06-30 09:30 - 05084379 ___RA (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2013-06-29 22:58 - 2013-06-29 22:58 - 01933592 ____A (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2013-06-29 22:58 - 2013-06-29 22:58 - 00000000 ____D C:\FRST
2013-06-29 21:05 - 2013-06-29 21:05 - 00602112 ____A (OldTimer Tools) C:\Users\Alex\Desktop\OTL.exe
2013-06-29 20:57 - 2013-06-29 20:57 - 00008480 ____A C:\Users\Alex\Documents\Ereignisse.txt
2013-06-29 18:34 - 2013-06-29 18:34 - 00000000 ____D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2013-06-29 18:31 - 2013-06-29 18:31 - 00001144 ____A C:\AdwCleaner[S3].txt
2013-06-29 18:31 - 2013-06-29 18:31 - 00001081 ____A C:\AdwCleaner[R3].txt
2013-06-29 18:29 - 2013-06-29 18:29 - 00890988 ____A C:\Users\Alex\Desktop\SecurityCheck (2).exe
2013-06-29 13:01 - 2013-06-29 13:01 - 00001024 ____A C:\AdwCleaner[S2].txt
2013-06-29 13:01 - 2013-06-29 13:01 - 00000963 ____A C:\AdwCleaner[R2].txt
2013-06-29 12:59 - 2013-06-29 13:00 - 00000904 ____A C:\AdwCleaner[R1].txt
2013-06-24 18:22 - 2013-06-24 18:22 - 00000000 ____D C:\Users\Alex\AppData\Roaming\InstallShield
2013-06-24 18:22 - 2009-05-27 10:54 - 01654784 ____A (SuYin) C:\Windows\Acer Crystal Eye webcam.EXE
2013-06-24 18:22 - 2009-05-27 10:48 - 00008362 ____A C:\Windows\Suyin.reg
2013-06-24 18:22 - 2009-05-11 17:39 - 00000323 ____A C:\Windows\PidList.ini
2013-06-24 18:22 - 2008-12-30 13:42 - 00626688 ____A C:\Windows\Image.dll
2013-06-24 18:22 - 2008-07-29 19:29 - 00200704 ____A () C:\Windows\PLFSetI.exe
2013-06-24 18:22 - 2008-06-25 14:22 - 00020480 ____A C:\Windows\USB_VIDEO_REG.exe

==================== One Month Modified Files and Folders =======

2013-07-15 16:33 - 2012-03-20 17:22 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-15 16:01 - 2009-07-14 06:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-15 16:01 - 2009-07-14 06:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-15 15:57 - 2012-04-18 14:37 - 02091866 ____A C:\Windows\WindowsUpdate.log
2013-07-15 15:53 - 2013-07-02 15:36 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-15 15:53 - 2012-12-01 21:12 - 00065536 _____ C:\Windows\System32\Ikeext.etl
2013-07-15 15:53 - 2012-12-01 17:53 - 00000433 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-07-15 15:53 - 2009-07-14 06:51 - 00064920 ____A C:\Windows\setupact.log
2013-07-15 15:52 - 2010-11-21 05:47 - 00873532 ____A C:\Windows\PFRO.log
2013-07-15 15:52 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-15 15:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-07-15 15:27 - 2013-07-02 15:36 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-15 02:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-07-14 19:02 - 2013-07-14 19:02 - 02347384 ____A (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_enu (1).exe
2013-07-14 19:02 - 2013-07-14 19:02 - 00033813 ____A C:\Users\Alex\Downloads\FRST.txt
2013-07-14 19:01 - 2013-07-14 19:01 - 01777839 ____A (Farbar) C:\Users\Alex\Downloads\FRST64 (1).exe
2013-07-14 19:00 - 2013-07-14 19:00 - 00891022 ____A C:\Users\Alex\Downloads\SecurityCheck.exe
2013-07-14 18:43 - 2013-01-18 20:18 - 00000000 ____D C:\Users\Alex\AppData\Roaming\TS3Client
2013-07-14 13:55 - 2012-10-18 19:40 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-07-14 13:53 - 2012-11-01 01:31 - 00000000 ____D C:\Users\Alex\AppData\Roaming\vlc
2013-07-14 13:39 - 2013-07-14 13:39 - 02347384 ____A (ESET) C:\Users\Alex\Downloads\esetsmartinstaller_enu.exe
2013-07-13 22:47 - 2013-07-02 15:37 - 00002187 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-13 22:21 - 2013-07-13 22:21 - 00000976 ____A C:\Users\Alex\Desktop\JRT.txt
2013-07-13 22:15 - 2013-07-13 22:15 - 00559441 ____A (Oleg N. Scherbakov) C:\Users\Alex\Downloads\JRT.exe
2013-07-13 22:15 - 2013-06-11 16:39 - 00559441 ____A (Oleg N. Scherbakov) C:\Users\Alex\Desktop\JRT.exe
2013-07-13 22:14 - 2013-06-11 16:39 - 00000000 ____D C:\JRT
2013-07-13 22:08 - 2013-07-13 22:07 - 00002569 ____A C:\AdwCleaner[S5].txt
2013-07-13 22:07 - 2013-07-13 22:07 - 00662345 ____A C:\Users\Alex\Downloads\adwcleaner.exe
2013-07-13 22:07 - 2013-07-13 22:07 - 00662345 ____A C:\Users\Alex\Desktop\adwcleaner.exe
2013-07-13 21:30 - 2013-07-13 21:29 - 00000000 ____D C:\Users\Alex\Desktop\Musik
2013-07-13 21:30 - 2013-03-13 22:07 - 00000000 ____D C:\Users\Alex\Desktop\BigBang -- HIMUM
2013-07-13 20:54 - 2013-07-13 20:54 - 00027489 ____A C:\Users\Alex\Downloads\Addition.txt
2013-07-13 20:51 - 2013-07-13 20:51 - 01777829 ____A (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2013-07-13 19:39 - 2013-07-13 19:39 - 00075840 ____A C:\Users\Alex\Desktop\OTL.Txt
2013-07-13 03:31 - 2009-07-14 06:45 - 00282568 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-13 03:29 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-13 03:29 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-13 03:29 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-13 03:12 - 2012-04-19 00:25 - 00654166 ____A C:\Windows\System32\perfh007.dat
2013-07-13 03:12 - 2012-04-19 00:25 - 00130006 ____A C:\Windows\System32\perfc007.dat
2013-07-13 03:12 - 2009-07-14 07:13 - 01519874 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-13 03:08 - 2012-12-22 15:52 - 78185248 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-07-08 13:04 - 2012-12-19 22:05 - 00000000 ____D C:\Users\Alex\AppData\Local\Paint.NET
2013-07-02 15:37 - 2012-10-18 14:35 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-02 15:35 - 2013-07-02 15:35 - 00000000 ____D C:\Users\Alex\AppData\Local\Mozilla
2013-07-02 15:35 - 2013-01-03 01:03 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Mozilla
2013-07-02 15:34 - 2013-07-02 15:34 - 00001155 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-02 15:34 - 2013-07-02 15:34 - 00000000 ____D C:\ProgramData\Mozilla
2013-07-02 15:34 - 2013-07-02 15:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 15:34 - 2013-07-02 15:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 21:48 - 2012-10-18 14:26 - 00000000 ____D C:\users\Alex
2013-06-30 21:34 - 2013-06-30 16:16 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-30 21:34 - 2013-06-30 15:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-30 21:34 - 2013-06-30 09:30 - 00000000 ____D C:\Windows\erdnt
2013-06-30 21:34 - 2013-06-11 16:40 - 00000000 ____D C:\Windows\ERUNT
2013-06-30 21:34 - 2012-10-18 15:52 - 00000000 ____D C:\Users\Alex\AppData\Local\Akamai
2013-06-30 21:34 - 2012-03-20 17:19 - 00000000 ____D C:\ProgramData\BackupManager
2013-06-30 21:33 - 2013-06-30 15:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-30 21:33 - 2013-06-30 09:31 - 00000000 ____D C:\Qoobox
2013-06-30 21:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-06-30 21:27 - 2012-12-30 16:51 - 00000000 ____D C:\users\hedev
2013-06-30 15:16 - 2013-06-30 15:15 - 00001249 ____A C:\AdwCleaner[S4].txt
2013-06-30 15:02 - 2013-06-30 15:02 - 00001117 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-30 15:02 - 2013-06-30 15:02 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Malwarebytes
2013-06-30 15:00 - 2013-06-30 15:01 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Alex\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-30 09:39 - 2013-06-30 09:39 - 00016491 ____A C:\ComboFix.txt
2013-06-30 09:39 - 2013-06-30 09:31 - 00000000 ____D C:\ComboFix
2013-06-30 09:39 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default
2013-06-30 09:37 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-06-30 09:30 - 2013-06-30 09:30 - 05084379 ___RA (Swearware) C:\Users\Alex\Desktop\ComboFix.exe
2013-06-29 22:58 - 2013-06-29 22:58 - 01933592 ____A (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2013-06-29 22:58 - 2013-06-29 22:58 - 00000000 ____D C:\FRST
2013-06-29 21:05 - 2013-06-29 21:05 - 00602112 ____A (OldTimer Tools) C:\Users\Alex\Desktop\OTL.exe
2013-06-29 20:57 - 2013-06-29 20:57 - 00008480 ____A C:\Users\Alex\Documents\Ereignisse.txt
2013-06-29 18:34 - 2013-06-29 18:34 - 00000000 ____D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2013-06-29 18:31 - 2013-06-29 18:31 - 00001144 ____A C:\AdwCleaner[S3].txt
2013-06-29 18:31 - 2013-06-29 18:31 - 00001081 ____A C:\AdwCleaner[R3].txt
2013-06-29 18:29 - 2013-06-29 18:29 - 00890988 ____A C:\Users\Alex\Desktop\SecurityCheck (2).exe
2013-06-29 13:01 - 2013-06-29 13:01 - 00001024 ____A C:\AdwCleaner[S2].txt
2013-06-29 13:01 - 2013-06-29 13:01 - 00000963 ____A C:\AdwCleaner[R2].txt
2013-06-29 13:00 - 2013-06-29 12:59 - 00000904 ____A C:\AdwCleaner[R1].txt
2013-06-26 12:52 - 2013-05-14 14:54 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-06-24 18:35 - 2012-12-19 22:06 - 00000000 ____D C:\Program Files\Paint.NET
2013-06-24 18:22 - 2013-06-24 18:22 - 00000000 ____D C:\Users\Alex\AppData\Roaming\InstallShield
2013-06-24 18:22 - 2012-03-20 16:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-13 04:01

==================== End Of Log ============================
--- --- ---



sieht soweit alles gut aus!

Danke für deine Hilfe!

Gruß hundkatze

schrauber 15.07.2013 19:02
Adobe und Firefox updaten.

Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:54 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27