Mozilla Firefox slow / Chrome too, and Flash Player crashing

For about 2 days now I have been having problems with Firefox: pages load slowly, but the LTE speed is there, because on the Galaxy Tab pages load faster.
I have already run AdwCleaner over it 3 times; for the first 3-4 hours after a restart it works, but then it gets slow again. On top of that, the Adobe Flash Player plugin keeps crashing.
Here is the FRST.txt:
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Rico (administrator) on RICO-PC on 13-10-2013 14:41:48
Running from C:\Users\Rico\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Windows\SysWOW64\ieconfig_1und1_svc.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\java.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
() C:\Users\Rico\Desktop\adwcleaner_3.0.0.7.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [SMSERIAL] - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1702400 2009-10-26] (Motorola Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKCU\...\Run: [Personal ID] - C:\coolspot AG\Personal ID\pid.exe [1134008 2009-03-04] (coolspot AG, Düsseldorf)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-04-18] (Samsung Electronics)
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)
HKCU\...\Run: [GoPalAssistant] - C:\Program Files (x86)\MEDION GoPal Assistant\Assistant_Starter.exe [260608 2013-05-27] (MEDION)
MountPoints2: {3164d9ae-d006-11e2-b792-001060d14c30} - E:\Setup\Autorun.exe
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Ulead AutoDetector] - C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe [45056 2003-03-24] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG)
HKLM-x32\...\Run: [DLSService] - "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe"
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [548864 2009-02-04] ()
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.1und1.de/links/home
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x26B14F2E752CCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {5F33918C-4091-439E-B1F9-657D6F60E62F} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKCU - {E50F5235-42F7-4645-A154-1273E9B07D79} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKCU - {E7359880-4F31-44D2-B6B6-D806AC158565} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: 1&&1 Internet AG Browser Configuration by mquadr.at - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\SysWow64\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.2
FireFox:
========
FF ProfilePath: C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default
FF DefaultSearchEngine: webwebweb
FF SelectedSearchEngine: webwebweb
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @dymo.com/DymoLabelFramework - C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nielsen/FirefoxTracker - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\ich@maltegoetz.de
FF Extension: DownloadHelper - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: ffext_basicvideoext - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\ffext_basicvideoext@startpage24.xpi
FF Extension: pluswinks - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\pluswinks@PlusWinks.xpi
FF Extension: speedanalysis02 - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\speedanalysis02@SpeedAnalysis.com.xpi
FF Extension: youtubeunblocker - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\youtubeunblocker@unblocker.yt.xpi
FF Extension: No Name - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
FF Extension: No Name - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
FF Extension: No Name - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: No Name - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Session Manager) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi\0.4_0
CHR Extension: (YouTube) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Add to Amazon Wish List) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0
CHR Extension: (Google Search) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Online Security) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [bebnnlollpcjnfpkafhoclljaojgnfok] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4153784 2013-09-13] (Emsisoft GmbH)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [137960 2013-08-30] (AVAST Software)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2013-03-05] (Sanford, L.P.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 serviceIEConfig; C:\Windows\SysWOW64\ieconfig_1und1_svc.exe [1053848 2013-06-01] ()
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-09-05] (Emsisoft GmbH)
S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-09-05] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-05] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-05] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [131232 2013-08-30] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2013-03-13] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [270824 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-09-30] (Emsisoft GmbH)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-09-30] (Emsisoft GmbH)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [47104 2007-01-08] (Windows (R) Codename Longhorn DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MirayVirtualDisk; C:\Windows\System32\DRIVERS\mvd.sys [108624 2013-02-15] (Miray)
R3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation)
R0 Si3531; C:\Windows\System32\DRIVERS\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22568 2009-02-09] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [16936 2009-02-09] (Silicon Image, Inc.)
R3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [1202688 2009-10-26] (Motorola Inc.)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-07-15] (Jungo)
S3 cpuz136; \??\C:\Users\Rico\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-13 14:40 - 2013-10-13 14:40 - 00001126 _____ C:\Users\Rico\Desktop\FRST64 - Verknüpfung.lnk
2013-10-13 14:10 - 2013-10-13 14:22 - 00000000 ____D C:\Users\Rico\AppData\Roaming\TeamViewer
2013-10-10 22:55 - 2013-10-09 15:01 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Rico\Desktop\TDSSKiller.exe
2013-10-10 22:30 - 2013-10-10 22:30 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Rico\Downloads\tdsskiller.exe
2013-10-10 21:57 - 2013-10-10 22:00 - 00033833 _____ C:\Users\Rico\Downloads\Addition.txt
2013-10-10 21:46 - 2013-10-10 21:46 - 00000000 ____D C:\FRST
2013-10-10 21:41 - 2013-10-10 21:41 - 01954124 _____ (Farbar) C:\Users\Rico\Downloads\FRST64.exe
2013-10-10 10:29 - 2013-10-10 10:29 - 01048960 _____ C:\Users\Rico\Desktop\adwcleaner_3.0.0.7.exe
2013-10-09 00:37 - 2013-10-09 00:36 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-09 00:37 - 2013-10-09 00:36 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-09 00:37 - 2013-10-09 00:36 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-09 00:37 - 2013-10-09 00:36 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-08 23:32 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-08 23:32 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-08 23:32 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-08 23:32 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-08 23:32 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-08 23:32 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-08 23:32 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-08 23:32 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-08 23:32 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-08 23:32 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-08 23:32 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-08 23:32 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-08 23:32 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-08 23:31 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-08 23:31 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-08 23:31 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-08 23:31 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-08 23:31 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-08 23:31 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-08 23:31 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-08 23:31 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-08 23:31 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-08 23:31 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-08 23:31 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-08 23:31 - 2013-07-03 06:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-08 23:31 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-08 23:31 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-08 23:30 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-08 23:30 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-08 23:30 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-08 23:30 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-08 23:30 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-08 23:30 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-08 23:30 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-08 23:30 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-08 23:30 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-08 23:30 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-08 23:30 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-08 23:30 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-08 23:30 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-08 23:30 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-08 23:29 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 23:29 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 23:28 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-08 23:28 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-08 23:28 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-08 23:28 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-08 23:28 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-08 23:28 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-08 23:28 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-08 23:28 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-08 23:28 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-05 12:58 - 2013-02-03 16:56 - 00000000 ____D C:\Users\Rico\Desktop\Emsisoft.AIO.Crack.v1.3.2-MAFIA
2013-09-22 16:33 - 2013-09-22 16:33 - 00000000 _____ C:\Users\Rico\Desktop\CCcam.cfg
2013-09-21 13:16 - 2013-09-21 13:16 - 02539062 _____ C:\Users\Rico\AppData\Local[j0002]-[p01].bmp
2013-09-21 12:53 - 2013-09-21 13:22 - 02539062 _____ C:\Users\Rico\AppData\Local[j0003]-[p01].bmp
2013-09-21 12:40 - 2013-09-21 12:40 - 02539062 _____ C:\Users\Rico\AppData\Local[j0006]-[p01].bmp
2013-09-18 22:08 - 2013-09-18 22:08 - 00094208 _____ (DivX, Inc.) C:\Windows\SysWOW64\dpl100.dll
2013-09-17 22:14 - 2013-09-17 22:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-15 10:37 - 2013-09-15 10:38 - 01069288 _____ (Solid State Networks) C:\Users\Rico\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe
==================== One Month Modified Files and Folders =======
2013-10-13 14:43 - 2013-06-05 10:09 - 00000000 ____D C:\Users\Rico\AppData\Roaming\NetSpeedMonitor
2013-10-13 14:40 - 2013-10-13 14:40 - 00001126 _____ C:\Users\Rico\Desktop\FRST64 - Verknüpfung.lnk
2013-10-13 14:39 - 2013-09-05 10:31 - 00000000 ____D C:\AdwCleaner
2013-10-13 14:34 - 2013-05-25 10:13 - 00000000 ____D C:\Users\Rico\AppData\Roaming\Skype
2013-10-13 14:22 - 2013-10-13 14:10 - 00000000 ____D C:\Users\Rico\AppData\Roaming\TeamViewer
2013-10-13 14:05 - 2013-05-26 18:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-13 13:57 - 2013-04-01 12:14 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-13 09:15 - 2013-03-29 14:49 - 01082228 _____ C:\Windows\WindowsUpdate.log
2013-10-13 02:32 - 2009-07-14 06:45 - 00020288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-13 02:32 - 2009-07-14 06:45 - 00020288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-12 15:57 - 2013-04-01 12:14 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-12 11:22 - 2010-11-21 08:50 - 00700418 _____ C:\Windows\system32\perfh007.dat
2013-10-12 11:22 - 2010-11-21 08:50 - 00149182 _____ C:\Windows\system32\perfc007.dat
2013-10-12 11:22 - 2009-07-14 07:13 - 01621244 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-11 17:15 - 2013-06-09 18:30 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-10-11 17:14 - 2013-03-29 15:32 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-11 17:14 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-11 17:14 - 2009-07-14 06:51 - 00045508 _____ C:\Windows\setupact.log
2013-10-10 23:54 - 2013-05-25 18:38 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-10 23:52 - 2010-11-21 05:47 - 00053160 _____ C:\Windows\PFRO.log
2013-10-10 22:30 - 2013-10-10 22:30 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Rico\Downloads\tdsskiller.exe
2013-10-10 22:00 - 2013-10-10 21:57 - 00033833 _____ C:\Users\Rico\Downloads\Addition.txt
2013-10-10 21:46 - 2013-10-10 21:46 - 00000000 ____D C:\FRST
2013-10-10 21:41 - 2013-10-10 21:41 - 01954124 _____ (Farbar) C:\Users\Rico\Downloads\FRST64.exe
2013-10-10 10:29 - 2013-10-10 10:29 - 01048960 _____ C:\Users\Rico\Desktop\adwcleaner_3.0.0.7.exe
2013-10-09 15:52 - 2013-04-01 12:14 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-09 15:52 - 2013-04-01 12:14 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-09 15:01 - 2013-10-10 22:55 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Rico\Desktop\TDSSKiller.exe
2013-10-09 08:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-09 07:39 - 2009-07-14 06:45 - 00462656 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-09 07:38 - 2013-05-28 19:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-09 07:38 - 2013-05-28 19:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-09 07:37 - 2013-09-05 11:05 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2013-10-09 04:05 - 2013-05-26 18:39 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 04:05 - 2013-05-26 18:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 04:05 - 2013-05-26 18:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 03:20 - 2013-05-27 11:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-09 03:20 - 2013-04-01 13:05 - 00175769 _____ C:\Windows\IE10_main.log
2013-10-09 03:16 - 2013-05-25 11:03 - 01599138 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-09 03:10 - 2013-07-25 16:03 - 00000000 ____D C:\Windows\system32\MRT
2013-10-09 03:07 - 2013-05-24 14:51 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 00:36 - 2013-10-09 00:37 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-09 00:36 - 2013-10-09 00:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-09 00:36 - 2013-10-09 00:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-09 00:36 - 2013-10-09 00:37 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-10-09 00:36 - 2013-05-31 11:36 - 01095080 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-10-09 00:36 - 2013-05-31 11:36 - 00973736 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-10-06 12:06 - 2013-09-02 18:39 - 00003115 _____ C:\Windows\system32\TeamViewer8_Hooks.log
2013-10-06 12:06 - 2013-07-12 14:12 - 00001090 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-10-05 15:23 - 2013-06-08 14:10 - 00000835 _____ C:\Users\Rico\Desktop\Demon Slayer - Anmeldeclient.lnk
2013-10-05 13:02 - 2013-06-04 22:39 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-10-05 01:58 - 2013-04-01 12:15 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-22 16:33 - 2013-09-22 16:33 - 00000000 _____ C:\Users\Rico\Desktop\CCcam.cfg
2013-09-21 13:22 - 2013-09-21 12:53 - 02539062 _____ C:\Users\Rico\AppData\Local[j0003]-[p01].bmp
2013-09-21 13:16 - 2013-09-21 13:16 - 02539062 _____ C:\Users\Rico\AppData\Local[j0002]-[p01].bmp
2013-09-21 12:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-21 12:40 - 2013-09-21 12:40 - 02539062 _____ C:\Users\Rico\AppData\Local[j0006]-[p01].bmp
2013-09-21 11:16 - 2013-05-26 16:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-20 14:47 - 2013-05-25 12:36 - 00000000 ____D C:\Program Files (x86)\DivX
2013-09-20 14:47 - 2013-05-25 12:35 - 00000000 ____D C:\ProgramData\DivX
2013-09-19 10:26 - 2013-05-26 16:53 - 00000000 ____D C:\Users\Rico\AppData\Local\Mozilla
2013-09-18 22:08 - 2013-09-18 22:08 - 00094208 _____ (DivX, Inc.) C:\Windows\SysWOW64\dpl100.dll
2013-09-18 10:15 - 2013-07-30 17:59 - 00000000 ____D C:\Program Files (x86)\TMbot
2013-09-17 22:14 - 2013-09-17 22:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-17 12:23 - 2013-07-19 11:41 - 00007629 _____ C:\Users\Rico\AppData\Local\Resmon.ResmonCfg
2013-09-15 12:26 - 2013-05-25 18:38 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-15 10:38 - 2013-09-15 10:37 - 01069288 _____ (Solid State Networks) C:\Users\Rico\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe
2013-09-14 03:10 - 2013-10-08 23:31 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-09-13 03:55 - 2013-03-29 14:50 - 00000000 ___RD C:\Users\Rico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 03:55 - 2013-03-29 14:50 - 00000000 ___RD C:\Users\Rico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
Some content of TEMP:
====================
C:\Users\Rico\AppData\Local\Temp\7z920.exe
C:\Users\Rico\AppData\Local\Temp\aelfzwlf.dll
C:\Users\Rico\AppData\Local\Temp\AskSLib.dll
C:\Users\Rico\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Rico\AppData\Local\Temp\DefaultAssets.exe
C:\Users\Rico\AppData\Local\Temp\DefaultOfflineContent.exe
C:\Users\Rico\AppData\Local\Temp\DivXSetup.exe
C:\Users\Rico\AppData\Local\Temp\Execute2App.exe
C:\Users\Rico\AppData\Local\Temp\IntResource64.dll
C:\Users\Rico\AppData\Local\Temp\msvcp90.dll
C:\Users\Rico\AppData\Local\Temp\msvcr90.dll
C:\Users\Rico\AppData\Local\Temp\NLStubInstallerResources.dll
C:\Users\Rico\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Rico\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Rico\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Rico\AppData\Local\Temp\nvStInst.exe
C:\Users\Rico\AppData\Local\Temp\PCCU_Installer.exe
C:\Users\Rico\AppData\Local\Temp\Quarantine.exe
C:\Users\Rico\AppData\Local\Temp\SAV2RemoveAll.exe
C:\Users\Rico\AppData\Local\Temp\Setup530.exe
C:\Users\Rico\AppData\Local\Temp\SHSetup.exe
C:\Users\Rico\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Rico\AppData\Local\Temp\uninst1.exe
C:\Users\Rico\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Rico\AppData\Local\Temp\w64.exe
C:\Users\Rico\AppData\Local\Temp\_PC_DRIVERS_HQAssets.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-02 11:38
==================== End Of Log ============================
and the Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Rico at 2013-10-13 15:08:58
Running from C:\Users\Rico\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Internet Security (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Internet Security (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security (Enabled) {131692B0-0864-D491-4E21-3A3A1D8BBB47}
==================== Installed Programs ======================
1&1 EasyLogin (x32)
1und1 Internet Explorer Add-On (x32 Version: 1.0)
1und1 Internet Explorer Add-On (x32)
7-Zip 9.20 (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
AAF_Recovery_tool installer V4.6 (x32)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
avast! Internet Security (x32 Version: 8.0.1497.0)
Bonjour (Version: 2.0.2.0)
CAS Studio 9.8.2 (x32 Version: 9.8.2)
CPUID HWMonitor 1.21
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
diclovit's mod pack 1.6.91 (x32 Version: 1.6.91)
DivX-Setup (x32 Version: 2.6.1.84)
Dokan Library 0.6.0 (x32)
DYMO Label Software (x32)
DYMO Label v.8 (x32 Version: 8.5.0.1751)
DYMO LabelWriter Drivers (Version: 8.3.0.443)
Emsisoft Anti-Malware (x32 Version: 8.0)
Google Chrome (x32 Version: 30.0.1599.69)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
HDClone 4.2 Enterprise Edition (x32 Version: 4.2)
High-Definition Video Playback (x32 Version: 11.1.11100.4.196)
ImgBurn (x32 Version: 2.5.7.0)
ITECIR Driver (x32 Version: 1.00.000)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 40 (64-bit) (Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.5)
JDownloader 0.9 (x32 Version: 0.9)
Lagarith Lossless Codec (1.3.27) (x32)
LAME v3.99.3 (for Windows) (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Maxiboot Installer V1.5 (x32)
MEDION GoPal Assistant (x32 Version: 6.2.7.12196)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30320)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft Corporation (x32 Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.60.253.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Motorola SM56 Speakerphone Modem (Version: 6.12.25.06)
MozBackup 1.5.1 (x32)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero 11 (x32 Version: 11.2.01000)
Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0)
Nero 11 Effects Basic (x32 Version: 11.0.11400.14.0)
Nero 11 Image Samples (x32 Version: 11.0.11200.12.0)
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0)
Nero 11 PiP Effects Basic (x32 Version: 11.0.11400.14.0)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0)
Nero BackItUp 11 (x32 Version: 6.2.18400.2.100)
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10200)
Nero Backup Drivers (Version: 1.0.11100.8.0)
Nero Burning ROM 11 (x32 Version: 11.2.10300.0.0)
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300)
Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27)
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Core Components 11 (x32 Version: 11.0.16300.1.23)
Nero CoverDesigner 11 (x32 Version: 6.0.11000.13.100)
Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Express 11 (x32 Version: 11.2.10300.0.0)
Nero Express 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Kwik Media (x32 Version: 1.14.11600.19.100)
Nero Kwik Media Help (CHM) (x32 Version: 11.0.10200)
Nero Recode 11 (x32 Version: 5.2.10900.0.0)
Nero Recode 11 Help (CHM) (x32 Version: 11.0.10500)
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400)
Nero SharedVideoCodecs (x32 Version: 1.0.11500.1.5)
Nero SoundTrax 11 (x32 Version: 5.0.10700.6.100)
Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10400)
Nero Update (x32 Version: 11.0.11500.28.0)
Nero Video 11 (x32 Version: 8.2.15700.3.100)
Nero Video 11 Help (CHM) (x32 Version: 11.0.10300)
Nero WaveEditor 11 (x32 Version: 6.2.11300.0.100)
Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10400)
nero.prerequisites.msi (x32 Version: 11.0.20010)
NetObjects Fusion 12.0 (x32 Version: 12 German)
NetObjects Fusion 12.0 (x32 Version: 12.00.5000.5041)
NetSpeedMonitor 2.5.4.0 x64 (Version: 2.5.4.0)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA Install Application (Version: 2.1002.125.816)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
Personal ID (x32 Version: 1.8.5)
POIbase 1.066 (x32)
Samsung Kies (x32 Version: 2.5.3.13043_14)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1)
Samsung Universal Print Driver (x32)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
SDFormatter (x32 Version: 4.0.0)
SetEditHD100 (remove only) (x32)
SetIP (x32 Version: 1.04.01.00)
Skype™ 6.6 (x32 Version: 6.6.106)
StreamTransport version: 1.0.2.2171 (x32)
System Requirements Lab for Intel (x32 Version: 4.5.13.0)
TeamViewer 8 (x32 Version: 8.0.22298)
TManager 5.6.5 (x32)
Total Commander 64-bit (Remove or Repair) (Version: 8.01)
Travian Crop Tool 1.10 (x32 Version: 1.10)
Ulead COOL 360 1.0 (x32)
Ulead Photo Explorer 8.0 SE Basic (x32 Version: 8.0)
Ulead VideoStudio 7 SE VCD (x32 Version: 7.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 64-Bit Edition
USB2.0 1.3M WebCam (x32 Version: 6.32.00.004b)
VCDS AIB 11.11 (x32 Version: AIB 11.11)
VideoPerformer (x32)
VLC media player 2.0.7 (x32 Version: 2.0.7)
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
Windows-Treiberpaket - Auto-Intern USB-Treiber (03/30/2010 2.06.02) (Version: 03/30/2010 2.06.02)
Windows-Treiberpaket - Auto-Intern Virtueller COM-Port-Treiber (03/30/2010 2.06.02) (Version: 03/30/2010 2.06.02)
Windows-Treiberpaket - ITE Tech.Inc. (itecir) HIDClass (01/05/2007 5.0.0003.2) (Version: 01/05/2007 5.0.0003.2)
Windows-Treiberpaket - Ross-Tech USB Driver Package (06/16/2010 2.06.02) (Version: 06/16/2010 2.06.02)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
WinZip 17.5 (Version: 17.5.10480)
World of Tanks (x32)
Xvid Video Codec (x32 Version: 1.3.2)
==================== Restore Points =========================
01-10-2013 01:00:13 Windows Update
01-10-2013 11:54:37 Windows Update
02-10-2013 01:00:17 Windows Update
03-10-2013 01:00:13 Windows Update
04-10-2013 01:00:12 Windows Update
05-10-2013 01:00:14 Windows Update
06-10-2013 01:00:17 Windows Update
07-10-2013 01:00:15 Windows Update
08-10-2013 01:00:24 Windows Update
08-10-2013 22:35:38 Installed Java 7 Update 40 (64-bit)
09-10-2013 01:00:15 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {145E45D1-FEEC-447B-89C4-CCAC269BE258} - System32\Tasks\PC Checkup 3 Weekly Scan => C:\Program Files (x86)\Norton PC Checkup 3.0\NLAppLauncher.exe
Task: {2DBB5082-99D9-4620-8E0A-39E5E91B3E07} - \DSite No Task File
Task: {3330ACB4-454B-4CC7-A908-2AF9FEDEADCF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: {38F6D2E0-E43C-4090-8E88-710BA3B82319} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {85D5E96A-3FD5-47C3-913F-ACFDF4FAD4C1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {8D715B07-B470-496F-AC01-2D71F165319F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {996959FD-9F15-4748-9406-09B486836783} - \QtraxPlayer No Task File
Task: {A016F0FB-4435-4506-AEE8-D791C835AE3C} - System32\Tasks\4578 => C:\Users\Rico\AppData\Local\Temp\launchie.vbsC:\Users\Rico\AppData\Local\Temp\launchie.vbs //B
Task: {AF057A25-4F01-425E-AC49-56F9AB4873B6} - System32\Tasks\0 => Iexplore.exe
Task: {B2EC126B-23F5-4FDC-B31B-CE9F7DF12260} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2666592708-3794203733-3362275663-1001
Task: {C8612B3F-1073-418D-AE28-243B194AFA08} - \DealPly No Task File
Task: {FA0B958A-DFFD-4AF4-9BF4-9576468408A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-10-12 21:23 - 2013-10-12 17:00 - 02105856 _____ () C:\Program Files\AVAST Software\Avast\defs\13101200\algo.dll
2013-08-29 02:25 - 2013-08-29 02:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-09-17 22:14 - 2013-09-17 22:14 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-07-22 10:18 - 2013-07-22 10:18 - 00016808 _____ () C:\Program Files (x86)\Java\jre7\bin\jp2native.dll
2013-10-09 04:05 - 2013-10-09 04:05 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
Name: NVIDIA GeForce 8600M GS
Description: NVIDIA GeForce 8600M GS
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/11/2013 07:57:39 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 24.0.0.5001 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f38
Startzeit: 01cec694b803ed97
Endzeit: 316
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: c9b07b2c-329b-11e3-bbdf-001060d14c30
Error: (10/11/2013 05:16:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/11/2013 05:15:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Assistant_Starter.exe, Version: 6.2.7.12196, Zeitstempel: 0x51a39b87
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x9a8
Startzeit der fehlerhaften Anwendung: 0xAssistant_Starter.exe0
Pfad der fehlerhaften Anwendung: Assistant_Starter.exe1
Pfad des fehlerhaften Moduls: Assistant_Starter.exe2
Berichtskennung: Assistant_Starter.exe3
Error: (10/11/2013 05:14:54 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: Assistant_Starter.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Configuration.ConfigurationErrorsException
Stapel:
bei System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
bei System.Configuration.BaseConfigurationRecord.GetSection(System.String)
bei System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
bei System.Configuration.ConfigurationManager.GetSection(System.String)
bei System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean)
bei System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection)
bei System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider)
bei System.Configuration.SettingsBase.SetPropertyValueByName(System.String, System.Object)
bei System.Configuration.SettingsBase.set_Item(System.String, System.Object)
bei System.Configuration.ApplicationSettingsBase.set_Item(System.String, System.Object)
bei MP.Assistant.Starter.Properties.Settings.set_UseActiveSync(Boolean)
bei MP.Assistant.Starter.ApplicationSettings.set_UseActiveSync(Boolean)
bei MP.Assistant.Starter.StarterApplicationContext.ReadCommandLine()
bei MP.Assistant.Starter.StarterApplicationContext..ctor()
bei MP.Assistant.Starter.Program.Main()
Error: (10/10/2013 11:54:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Assistant_Starter.exe, Version: 6.2.7.12196, Zeitstempel: 0x51a39b87
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x510
Startzeit der fehlerhaften Anwendung: 0xAssistant_Starter.exe0
Pfad der fehlerhaften Anwendung: Assistant_Starter.exe1
Pfad des fehlerhaften Moduls: Assistant_Starter.exe2
Berichtskennung: Assistant_Starter.exe3
Error: (10/10/2013 11:54:46 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: Assistant_Starter.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Configuration.ConfigurationErrorsException
Stapel:
bei System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
bei System.Configuration.BaseConfigurationRecord.GetSection(System.String)
bei System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
bei System.Configuration.ConfigurationManager.GetSection(System.String)
bei System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean)
bei System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection)
bei System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider)
bei System.Configuration.SettingsBase.SetPropertyValueByName(System.String, System.Object)
bei System.Configuration.SettingsBase.set_Item(System.String, System.Object)
bei System.Configuration.ApplicationSettingsBase.set_Item(System.String, System.Object)
bei MP.Assistant.Starter.Properties.Settings.set_UseActiveSync(Boolean)
bei MP.Assistant.Starter.ApplicationSettings.set_UseActiveSync(Boolean)
bei MP.Assistant.Starter.StarterApplicationContext.ReadCommandLine()
bei MP.Assistant.Starter.StarterApplicationContext..ctor()
bei MP.Assistant.Starter.Program.Main()
Error: (10/10/2013 11:54:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/10/2013 09:12:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/10/2013 09:12:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Assistant_Starter.exe, Version: 6.2.7.12196, Zeitstempel: 0x51a39b87
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x880
Startzeit der fehlerhaften Anwendung: 0xAssistant_Starter.exe0
Pfad der fehlerhaften Anwendung: Assistant_Starter.exe1
Pfad des fehlerhaften Moduls: Assistant_Starter.exe2
Berichtskennung: Assistant_Starter.exe3
Error: (10/10/2013 09:11:58 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: Assistant_Starter.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Configuration.ConfigurationErrorsException
Stapel:
bei System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
bei System.Configuration.BaseConfigurationRecord.GetSection(System.String)
bei System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
bei System.Configuration.ConfigurationManager.GetSection(System.String)
bei System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean)
bei System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection)
bei System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider)
bei System.Configuration.SettingsBase.SetPropertyValueByName(System.String, System.Object)
bei System.Configuration.SettingsBase.set_Item(System.String, System.Object)
bei System.Configuration.ApplicationSettingsBase.set_Item(System.String, System.Object)
bei MP.Assistant.Starter.Properties.Settings.set_UseActiveSync(Boolean)
bei MP.Assistant.Starter.ApplicationSettings.set_UseActiveSync(Boolean)
bei MP.Assistant.Starter.StarterApplicationContext.ReadCommandLine()
bei MP.Assistant.Starter.StarterApplicationContext..ctor()
bei MP.Assistant.Starter.Program.Main()
System errors:
=============
Error: (10/12/2013 05:14:59 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (10/12/2013 05:14:48 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (10/11/2013 05:14:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (10/11/2013 11:29:11 AM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
Error: (10/11/2013 11:29:11 AM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Error: (10/11/2013 11:29:10 AM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
Error: (10/11/2013 11:29:09 AM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
Error: (10/11/2013 11:28:39 AM) (Source: cdrom) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.
Error: (10/10/2013 11:53:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (10/10/2013 09:11:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (10/11/2013 07:57:39 PM) (Source: Application Hang)(User: )
Description: firefox.exe24.0.0.5001f3801cec694b803ed97316C:\Program Files (x86)\Mozilla Firefox\firefox.exec9b07b2c-329b-11e3-bbdf-001060d14c30
Error: (10/11/2013 05:16:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/11/2013 05:15:10 PM) (Source: Application Error)(User: )
Description: Assistant_Starter.exe6.2.7.1219651a39b87KERNELBASE.dll6.1.7601.1822951fb1116e04343520000c41f9a801cec694a2de0fedC:\Program Files (x86)\MEDION GoPal Assistant\Assistant_Starter.exeC:\Windows\syswow64\KERNELBASE.dllead1d76b-3287-11e3-bbdf-001060d14c30
Error: (10/11/2013 05:14:54 PM) (Source: .NET Runtime)(User: )
Description: Anwendung: Assistant_Starter.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Configuration.ConfigurationErrorsException
Stapel:
bei System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
bei System.Configuration.BaseConfigurationRecord.GetSection(System.String)
bei System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
bei System.Configuration.ConfigurationManager.GetSection(System.String)
bei System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean)
bei System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection)
bei System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider)
bei System.Configuration.SettingsBase.SetPropertyValueByName(System.String, System.Object)
bei System.Configuration.SettingsBase.set_Item(System.String, System.Object)
bei System.Configuration.ApplicationSettingsBase.set_Item(System.String, System.Object)
bei MP.Assistant.Starter.Properties.Settings.set_UseActiveSync(Boolean)
bei MP.Assistant.Starter.ApplicationSettings.set_UseActiveSync(Boolean)
bei MP.Assistant.Starter.StarterApplicationContext.ReadCommandLine()
bei MP.Assistant.Starter.StarterApplicationContext..ctor()
bei MP.Assistant.Starter.Program.Main()
Error: (10/10/2013 11:54:51 PM) (Source: Application Error)(User: )
Description: Assistant_Starter.exe6.2.7.1219651a39b87KERNELBASE.dll6.1.7601.1822951fb1116e04343520000c41f51001cec60346de992fC:\Program Files (x86)\MEDION GoPal Assistant\Assistant_Starter.exeC:\Windows\syswow64\KERNELBASE.dll963a322e-31f6-11e3-90a1-001060d14c30
Error: (10/10/2013 11:54:46 PM) (Source: .NET Runtime)(User: )
Description: Anwendung: Assistant_Starter.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Configuration.ConfigurationErrorsException
Stapel:
bei System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
bei System.Configuration.BaseConfigurationRecord.GetSection(System.String)
bei System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
bei System.Configuration.ConfigurationManager.GetSection(System.String)
bei System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean)
bei System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection)
bei System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider)
bei System.Configuration.SettingsBase.SetPropertyValueByName(System.String, System.Object)
bei System.Configuration.SettingsBase.set_Item(System.String, System.Object)
bei System.Configuration.ApplicationSettingsBase.set_Item(System.String, System.Object)
bei MP.Assistant.Starter.Properties.Settings.set_UseActiveSync(Boolean)
bei MP.Assistant.Starter.ApplicationSettings.set_UseActiveSync(Boolean)
bei MP.Assistant.Starter.StarterApplicationContext.ReadCommandLine()
bei MP.Assistant.Starter.StarterApplicationContext..ctor()
bei MP.Assistant.Starter.Program.Main()
Error: (10/10/2013 11:54:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/10/2013 09:12:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/10/2013 09:12:17 PM) (Source: Application Error)(User: )
Description: Assistant_Starter.exe6.2.7.1219651a39b87KERNELBASE.dll6.1.7601.1822951fb1116e04343520000c41f88001cec5ec8bcdeabdC:\Program Files (x86)\MEDION GoPal Assistant\Assistant_Starter.exeC:\Windows\syswow64\KERNELBASE.dlle0b976f3-31df-11e3-b69e-001060d14c30
Error: (10/10/2013 09:11:58 PM) (Source: .NET Runtime)(User: )
Description: Anwendung: Assistant_Starter.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Configuration.ConfigurationErrorsException
Stapel:
bei System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
bei System.Configuration.BaseConfigurationRecord.GetSection(System.String)
bei System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
bei System.Configuration.ConfigurationManager.GetSection(System.String)
bei System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean)
bei System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection)
bei System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider)
bei System.Configuration.SettingsBase.SetPropertyValueByName(System.String, System.Object)
bei System.Configuration.SettingsBase.set_Item(System.String, System.Object)
bei System.Configuration.ApplicationSettingsBase.set_Item(System.String, System.Object)
bei MP.Assistant.Starter.Properties.Settings.set_UseActiveSync(Boolean)
bei MP.Assistant.Starter.ApplicationSettings.set_UseActiveSync(Boolean)
bei MP.Assistant.Starter.StarterApplicationContext.ReadCommandLine()
bei MP.Assistant.Starter.StarterApplicationContext..ctor()
bei MP.Assistant.Starter.Program.Main()
==================== Memory info ===========================
Percentage of memory in use: 77%
Total physical RAM: 4094.43 MB
Available physical RAM: 908.24 MB
Total Pagefile: 8187.04 MB
Available Pagefile: 3574.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:252.06 GB) NTFS
Drive f: (PROMT8) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: FEE78907)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: A80DC1EB)
==================== End Of Log ============================
adware :txt R1 Code:
# AdwCleaner v2.304 - Datei am 07/07/2013 um 21:40:44 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Rico - RICO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Rico\Downloads\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
Gefunden : IBUpdaterService
***** [Dateien / Ordner] *****
Datei Gefunden : C:\Users\Rico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
Datei Gefunden : C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\foxydeal.sqlite
Datei Gefunden : C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\searchplugins\Babylon.xml
Datei Gefunden : C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\searchplugins\delta.xml
Datei Gefunden : C:\Windows\Tasks\DSite.job
Ordner Gefunden : C:\Program Files (x86)\continuetosave
Ordner Gefunden : C:\Program Files (x86)\FilesFrog Update Checker
Ordner Gefunden : C:\Program Files (x86)\jZip
Ordner Gefunden : C:\Program Files (x86)\WebSearch
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\coontiinueTosoave
Ordner Gefunden : C:\ProgramData\IBUpdaterService
Ordner Gefunden : C:\ProgramData\InstallMate
Ordner Gefunden : C:\ProgramData\Tarma Installer
Ordner Gefunden : C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Ordner Gefunden : C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Ordner Gefunden : C:\Users\Rico\AppData\Local\jZip
Ordner Gefunden : C:\Users\Rico\AppData\Local\PutLockerDownloader
Ordner Gefunden : C:\Users\Rico\AppData\Local\Temp\jZip
Ordner Gefunden : C:\Users\Rico\AppData\Local\Temp\OCS
Ordner Gefunden : C:\Users\Rico\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Rico\AppData\Roaming\DealPly
Ordner Gefunden : C:\Users\Rico\AppData\Roaming\DSite
Ordner Gefunden : C:\Users\Rico\AppData\Roaming\file scout
Ordner Gefunden : C:\Users\Rico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Ordner Gefunden : C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\jetpack
Ordner Gefunden : C:\Users\Rico\AppData\Roaming\PerformerSoft
Ordner Gefunden : C:\Users\Rico\AppData\Roaming\SpeedAnalysis2
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\1ClickDownload
Schlüssel Gefunden : HKCU\Software\AppDataLow\SProtector
Schlüssel Gefunden : HKCU\Software\BabSolution
Schlüssel Gefunden : HKCU\Software\BI
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\filescout
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\jZip
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B0B45C1-8B65-2625-6294-4E993905C13E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Somoto
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\Software\jZip
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gefunden : HKLM\Software\SP Global
Schlüssel Gefunden : HKLM\Software\SProtector
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\92ddd8e56eee15
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gefunden : HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-2666592708-3794203733-3362275663-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16521
[HKCU\Software\Microsoft\Internet Explorer\Main - Secondary Start Pages] = hxxp://www.delta-search.com/?affID=119781&tt=gc_&babsrc=HP_ss&mntrId=B43100030D7FF71B
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.searchrocket.info/?pid=557&r=2013/05/25&hid=2366588070&lg=EN&cc=DE&unqvl=16
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\prefs.js
Gefunden : user_pref("extensions.delta.admin", false);
Gefunden : user_pref("extensions.delta.aflt", "babsst");
Gefunden : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gefunden : user_pref("extensions.delta.autoRvrt", "false");
Gefunden : user_pref("extensions.delta.dfltLng", "en");
Gefunden : user_pref("extensions.delta.excTlbr", false);
Gefunden : user_pref("extensions.delta.ffxUnstlRst", true);
Gefunden : user_pref("extensions.delta.id", "b431ab2d00000000000000030d7ff71b");
Gefunden : user_pref("extensions.delta.instlDay", "15858");
Gefunden : user_pref("extensions.delta.instlRef", "sst");
Gefunden : user_pref("extensions.delta.newTab", false);
Gefunden : user_pref("extensions.delta.prdct", "delta");
Gefunden : user_pref("extensions.delta.prtnrId", "delta");
Gefunden : user_pref("extensions.delta.rvrt", "false");
Gefunden : user_pref("extensions.delta.smplGrp", "none");
Gefunden : user_pref("extensions.delta.tlbrId", "base");
Gefunden : user_pref("extensions.delta.tlbrSrchUrl", "");
Gefunden : user_pref("extensions.delta.vrsn", "1.8.21.5");
Gefunden : user_pref("extensions.delta.vrsnTs", "1.8.21.513:16:14");
Gefunden : user_pref("extensions.delta.vrsni", "1.8.21.5");
Gefunden : user_pref("extensions.delta_i.babExt", "");
Gefunden : user_pref("extensions.delta_i.babTrack", "affID=119781&tt=gc_");
Gefunden : user_pref("extensions.delta_i.srcExt", "ss");
Gefunden : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);
-\\ Google Chrome v27.0.1453.116
Datei : C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gefunden [l.2487] : homepage = "hxxp://www.delta-search.com/?affID=119781&tt=gc_&babsrc=HP_ss&mntrId=B43100030D7FF71B",
*************************
AdwCleaner[R1].txt - [9053 octets] - [07/07/2013 21:40:44]
########## EOF - C:\AdwCleaner[R1].txt - [9113 octets] ##########
adware TXT S1 Code:
# AdwCleaner v2.304 - Datei am 07/07/2013 um 21:41:50 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Rico - RICO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Rico\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : IBUpdaterService
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Rico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
Datei Gelöscht : C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\searchplugins\delta.xml
Datei Gelöscht : C:\Windows\Tasks\DSite.job
Ordner Gelöscht : C:\Program Files (x86)\continuetosave
Ordner Gelöscht : C:\Program Files (x86)\FilesFrog Update Checker
Ordner Gelöscht : C:\Program Files (x86)\jZip
Ordner Gelöscht : C:\Program Files (x86)\WebSearch
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\coontiinueTosoave
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\InstallMate
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Ordner Gelöscht : C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Ordner Gelöscht : C:\Users\Rico\AppData\Local\jZip
Ordner Gelöscht : C:\Users\Rico\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Rico\AppData\Local\Temp\jZip
Ordner Gelöscht : C:\Users\Rico\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Rico\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Rico\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\Rico\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Rico\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\Rico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Ordner Gelöscht : C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\jetpack
Ordner Gelöscht : C:\Users\Rico\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Rico\AppData\Roaming\SpeedAnalysis2
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\AppDataLow\SProtector
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\jZip
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B0B45C1-8B65-2625-6294-4E993905C13E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Somoto
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\jZip
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\92ddd8e56eee15
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16521
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Secondary Start Pages] = hxxp://www.delta-search.com/?affID=119781&tt=gc_&babsrc=HP_ss&mntrId=B43100030D7FF71B --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.searchrocket.info/?pid=557&r=2013/05/25&hid=2366588070&lg=EN&cc=DE&unqvl=16 --> hxxp://www.google.com
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\prefs.js
C:\Users\Rico\AppData\Roaming\Mozilla\Firefox\Profiles\3w7xw9pt.default\user.js ... Gelöscht !
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "en");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.id", "b431ab2d00000000000000030d7ff71b");
Gelöscht : user_pref("extensions.delta.instlDay", "15858");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.513:16:14");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119781&tt=gc_");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);
-\\ Google Chrome v27.0.1453.116
Datei : C:\Users\Rico\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.2487] : homepage = "hxxp://www.delta-search.com/?affID=119781&tt=gc_&babsrc=HP_ss&mntrId=B43100030D7FF71[...]
*************************
AdwCleaner[R1].txt - [9172 octets] - [07/07/2013 21:40:44]
AdwCleaner[S1].txt - [8974 octets] - [07/07/2013 21:41:50]
########## EOF - C:\AdwCleaner[S1].txt - [9034 octets] ##########