| Estella123 | 28.11.2013 15:26 |
Hallo Jonas,
dankeschön für die schnelle Antwort! :)
Hier die beiden gewünschten Logfiles:
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-11-2013 01
Ran by *** (administrator) on CENTAURI on 27-11-2013 20:41:02
Running from C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Uniblue Systems Ltd) C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2789160 2011-05-19] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\System32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-04-26] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\CONEXANT\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe [40808 2011-05-31] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] - C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe [281960 2011-05-25] (Lenovo Group Limited)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MountPoints2: {56211a46-094c-11e1-8d0c-806e6f6e6963} - Q:\LenovoQDrive.exe
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] - C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [1629544 2011-08-31] (Lenovo Group Limited)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-30] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [309184 2012-03-28] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\Default\...\RunOnce: [] - [x]
HKU\Default\...\RunOnce: [Lenovoautoqdrive] - C:\Program Files (x86)\Common Files\Lenovo\LenovoDrive\LenovoAutoRunReg.exe [159744 2009-03-24] ()
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=d2f018d00000000000003859f9e88dee
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {E655AC64-E7AB-4E40-A3B3-8762BFFD39A6} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=d2f018d00000000000003859f9e88dee&r=95
SearchScopes: HKCU - {E655AC64-E7AB-4E40-A3B3-8762BFFD39A6} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=d2f018d00000000000003859f9e88dee&r=95
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (Softonic.com)
BHO-x32: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 172.16.99.254
FireFox:
========
FF ProfilePath: C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default
FF user.js: detected! => C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\user.js
FF Homepage: www.google.de
FF Keyword.URL: www.google.de
FF NetworkProxy: "http", "202.85.215.250"
FF NetworkProxy: "http_port", 1080
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Steffi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\Extensions\ich@maltegoetz.de
FF Extension: FoxLingo - C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
FF Extension: client - C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\Extensions\client@anonymox.net.xpi
FF Extension: jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo - C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\Extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack.xpi
FF Extension: lieferheld - C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\Extensions\lieferheld@extensions.partneraddons.de.xpi
FF Extension: Adblock Plus - C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
Chrome:
=======
CHR Extension: (Freemake Video Downloader) - C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (Skype Click to Call) - C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [74752 2011-12-30] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2011-12-30] (Microsoft)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-07-29] (Secunia)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-27 20:41 - 2013-11-27 20:41 - 00028680 _____ C:\Users\Steffi\Desktop\FRST.txt
2013-11-27 20:40 - 2013-11-27 20:40 - 00000000 ____D C:\FRST
2013-11-27 20:40 - 2013-11-27 20:40 - 00000000 _____ C:\Users\Steffi\defogger_reenable
2013-11-27 20:39 - 2013-11-27 20:40 - 00000474 _____ C:\Users\Steffi\Desktop\defogger_disable.log
2013-11-27 20:39 - 2013-11-27 20:39 - 00000246 _____ C:\Users\Steffi\Desktop\defogger_enable.log
2013-11-27 20:38 - 2013-11-27 20:38 - 01958850 _____ (Farbar) C:\Users\Steffi\Desktop\FRST64.exe
2013-11-27 20:38 - 2013-11-27 20:38 - 00050477 _____ C:\Users\Steffi\Desktop\Defogger.exe
2013-11-27 03:07 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-27 03:03 - 2013-11-27 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 03:03 - 2013-11-27 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 03:03 - 2013-11-27 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 03:03 - 2013-11-27 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 03:03 - 2013-11-27 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 03:03 - 2013-11-27 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 03:03 - 2013-11-27 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 03:03 - 2013-11-27 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 03:03 - 2013-11-27 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 03:03 - 2013-11-27 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 03:03 - 2013-11-27 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-27 03:01 - 2013-11-27 03:08 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-22 21:54 - 2013-11-22 22:26 - 345820622 _____ C:\Users\Steffi\Downloads\The.Mentalist.S06E08.LEAKED.WEBRip.mp4
2013-11-18 11:54 - 2013-11-18 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-17 23:32 - 2013-11-17 23:32 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-17 23:31 - 2013-11-17 23:32 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-17 23:31 - 2013-11-17 23:32 - 00000000 ____D C:\Program Files\iTunes
2013-11-17 23:31 - 2013-11-17 23:32 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-17 23:31 - 2013-11-17 23:31 - 00000000 ____D C:\Program Files\iPod
2013-11-13 08:05 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 08:05 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 08:04 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 08:04 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 08:04 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 08:04 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 08:04 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 08:04 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 08:04 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 08:04 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 08:04 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 08:04 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 08:04 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 08:04 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 08:04 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 08:04 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 08:04 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 08:04 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 08:04 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 08:04 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 08:04 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 08:04 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 08:04 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 08:04 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 08:04 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 08:04 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 08:04 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 08:04 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 08:04 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 08:04 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-01 15:33 - 2013-11-01 15:34 - 00000000 ____D C:\Users\Steffi\Desktop\MPlus-Seminar - WS 2013-14
==================== One Month Modified Files and Folders =======
2013-11-27 20:41 - 2013-11-27 20:41 - 00028680 _____ C:\Users\Steffi\Desktop\FRST.txt
2013-11-27 20:40 - 2013-11-27 20:40 - 00000000 ____D C:\FRST
2013-11-27 20:40 - 2013-11-27 20:40 - 00000000 _____ C:\Users\Steffi\defogger_reenable
2013-11-27 20:40 - 2013-11-27 20:39 - 00000474 _____ C:\Users\Steffi\Desktop\defogger_disable.log
2013-11-27 20:40 - 2012-04-02 09:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-27 20:40 - 2012-01-05 18:49 - 00000000 ____D C:\Users\Steffi
2013-11-27 20:39 - 2013-11-27 20:39 - 00000246 _____ C:\Users\Steffi\Desktop\defogger_enable.log
2013-11-27 20:38 - 2013-11-27 20:38 - 01958850 _____ (Farbar) C:\Users\Steffi\Desktop\FRST64.exe
2013-11-27 20:38 - 2013-11-27 20:38 - 00050477 _____ C:\Users\Steffi\Desktop\Defogger.exe
2013-11-27 20:20 - 2011-11-07 15:28 - 02047246 _____ C:\Windows\WindowsUpdate.log
2013-11-27 20:00 - 2011-11-07 16:00 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-27 19:07 - 2011-11-07 16:00 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-27 10:31 - 2012-01-05 18:50 - 00003494 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2013-11-27 10:31 - 2012-01-05 18:50 - 00003448 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2013-11-27 10:31 - 2012-01-05 18:50 - 00000466 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2013-11-27 10:30 - 2013-03-30 12:07 - 00000342 _____ C:\Windows\Tasks\dsmonitor.job
2013-11-27 10:30 - 2012-01-05 18:54 - 00001432 _____ C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-27 10:17 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-27 10:17 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-27 10:16 - 2011-11-08 00:09 - 05238240 _____ C:\Windows\system32\perfh007.dat
2013-11-27 10:16 - 2011-11-08 00:09 - 01602054 _____ C:\Windows\system32\perfc007.dat
2013-11-27 10:16 - 2009-07-14 06:13 - 00006528 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-27 10:09 - 2012-01-06 18:15 - 00000000 _____ C:\sniffer.log
2013-11-27 10:08 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-27 10:07 - 2009-07-14 05:51 - 00088442 _____ C:\Windows\setupact.log
2013-11-27 03:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-27 03:08 - 2013-11-27 03:01 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-27 03:03 - 2013-11-27 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-27 03:03 - 2013-11-27 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-27 03:03 - 2013-11-27 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-27 03:03 - 2013-11-27 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-27 03:03 - 2013-11-27 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-27 03:03 - 2013-11-27 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-27 03:03 - 2013-11-27 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-27 03:03 - 2013-11-27 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-27 03:03 - 2013-11-27 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-27 03:03 - 2013-11-27 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-27 03:03 - 2013-11-27 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-27 03:03 - 2013-11-27 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-27 03:03 - 2013-11-27 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 05:18 - 2013-10-24 23:41 - 00000000 ____D C:\Users\Steffi\AppData\Roaming\OpenCandy
2013-11-26 05:18 - 2012-07-22 12:27 - 00000000 ____D C:\ProgramData\Real
2013-11-26 05:18 - 2012-02-02 04:40 - 00000000 ____D C:\Users\Gast
2013-11-26 05:18 - 2012-01-06 15:53 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-26 05:18 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-26 05:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-26 05:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-11-23 00:53 - 2012-03-01 23:03 - 00000000 ____D C:\Users\Steffi\AppData\Roaming\uTorrent
2013-11-22 22:26 - 2013-11-22 21:54 - 345820622 _____ C:\Users\Steffi\Downloads\The.Mentalist.S06E08.LEAKED.WEBRip.mp4
2013-11-22 20:29 - 2013-10-20 21:44 - 00000000 ____D C:\Users\Steffi\AppData\Roaming\vlc
2013-11-20 10:47 - 2012-01-06 18:17 - 00000000 ____D C:\Users\Steffi\AppData\Roaming\Skype
2013-11-20 06:35 - 2012-05-04 15:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-19 16:24 - 2013-03-29 12:46 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-19 16:24 - 2013-03-29 12:46 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-18 11:54 - 2013-11-18 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 11:38 - 2012-01-06 16:40 - 00000000 ____D C:\Users\Steffi\AppData\Roaming\Apple Computer
2013-11-18 11:36 - 2012-01-05 18:50 - 00000528 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2013-11-17 23:32 - 2013-11-17 23:32 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-17 23:32 - 2013-11-17 23:31 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-17 23:32 - 2013-11-17 23:31 - 00000000 ____D C:\Program Files\iTunes
2013-11-17 23:32 - 2013-11-17 23:31 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-17 23:31 - 2013-11-17 23:31 - 00000000 ____D C:\Program Files\iPod
2013-11-17 23:31 - 2012-01-06 16:39 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-15 16:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-15 15:16 - 2012-01-05 18:50 - 00004234 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2013-11-15 03:09 - 2012-05-15 00:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 03:05 - 2013-07-23 01:05 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 03:03 - 2012-07-13 13:18 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-06 21:29 - 2012-01-06 16:56 - 00000000 ____D C:\Users\Steffi\AppData\Local\Paint.NET
2013-11-01 15:34 - 2013-11-01 15:33 - 00000000 ____D C:\Users\Steffi\Desktop\MPlus-Seminar - WS 2013-14
Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll
C:\Users\Steffi\AppData\Local\Temp\avgnt.exe
C:\Users\Steffi\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Steffi\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Steffi\AppData\Local\Temp\setup.exe
C:\Users\Steffi\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-20 07:49
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
--- --- ---
--- --- ---
Additional Log: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2013 01
Ran by *** at 2013-11-27 20:42:10
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
µTorrent (x32 Version: 3.1.2)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8)
Anzeige am Bildschirm (Version: 6.60.00)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Avira Free Antivirus (x32 Version: 14.0.1.749)
BatteryBar (remove only)
BisonCam Twain Pro (x32 Version: 1.5.4.7)
Bonjour (Version: 3.0.0.10)
Brain Workshop 4.8.4 (x32 Version: 4.8.4)
Broadcom InConcert Maestro (Version: 1.0.1.2200)
Burn.Now 4.5 (x32 Version: 4.5.0)
Canon Easy-PhotoPrint EX (x32)
Canon MG5200 series Benutzerregistrierung (x32)
Canon MG5200 series MP Drivers
Canon MP Navigator EX 4.0 (x32)
Canon My Printer (x32)
Canon Solution Menu EX (x32)
CCleaner (Version: 3.14)
CD-LabelPrint (x32)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Cisco Systems VPN Client 5.0.07.0440 (Version: 5.0.7)
Citrix Online Plug-in - Web (x32 Version: 12.3.0.8)
Citrix Online Plug-in (DV) (x32 Version: 12.3.0.8)
Citrix Online Plug-in (HDX) (x32 Version: 12.3.0.8)
Citrix Online Plug-in (USB) (x32 Version: 12.3.0.8)
Citrix Online Plug-in (Web) (x32 Version: 12.3.0.8)
ClipGrab 3.2.1.2 (x32)
Conexant HD Audio (Version: 8.32.27.0)
Corel Burn.Now Lenovo Edition (x32 Version: 4.5.0)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0)
Corel DVD MovieFactory Lenovo Edition (x32 Version: 7.0.0)
Corel WinDVD (x32 Version: 10.0.5.828)
Create Recovery Media (x32 Version: 1.20.0.00)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Direct DiscRecorder (x32 Version: 1.00.0000)
DivX-Setup (x32 Version: 2.6.1.24)
DriverScanner (x32 Version: 4.0.10.0)
Dropbox (HKCU Version: 1.4.7)
ElectriCalm 3D Screensaver (remove only) (x32)
Error Messages for Windows (x32 Version: Error Messages for Windows - Version 2.9)
Evernote v. 4.2.3 (x32 Version: 4.2.3.15)
FlashGet 1.9.6.1073 (x32 Version: 1.9.6.1073)
Free-Jahreskalender 2013 (x32 Version: 9.00.2013)
Freemake Video Downloader (x32 Version: 3.0.0)
Google Earth (x32 Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.21.165)
IBM SPSS Statistics 20 (Version: 20.0.0.0)
iCloud (Version: 3.0.2.163)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (x32 Version: 1.1.0.1147)
Intel Processor Diagnostic Tool 64Bit (Version: 17.0.0)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2476)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 21 (64-bit) (Version: 6.0.210)
Java(TM) 6 Update 31 (x32 Version: 6.0.310)
JavaFX 2.1.1 (x32 Version: 2.1.1)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
K-Lite Codec Pack 8.8.0 (Full) (x32 Version: 8.8.0)
Lenovo Auto Scroll Utility (Version: 1.10)
Lenovo Patch Utility (x32 Version: 1.0.1.1)
Lenovo Patch Utility 64 bit (Version: 1.2.0.1)
Lenovo Registration (x32 Version: 1.0.4)
Lenovo SimpleTap (Version: 2.1.0003.00)
Lenovo System Interface Driver (Version: 1.05)
Lenovo ThinkVantage Toolbox (Version: 6.0.5849.23)
Lenovo User Guide (x32 Version: 1.0.0008.00)
Lenovo Warranty Information (x32 Version: 1.0.0005.00)
Lenovo Welcome (x32 Version: 3.00.006.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Message Center Plus (x32 Version: 2.0.0012.00)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5128.5002)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft PowerPoint Viewer (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MozBackup 1.5.1 (x32)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
Paint.NET v3.5.10 (Version: 3.60.0)
PDF24 Creator 4.9.0 (x32)
PDF-XChange Viewer (Version: 2.5.200.0)
Picasa 3 (x32 Version: 3.8)
QuickTime (x32 Version: 7.74.80.86)
RapidBoot (Version: 1.11)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)
RealPlayer (x32 Version: 15.0.5)
Realtek Ethernet Controller Driver (x32 Version: 7.37.1229.2010)
RealUpgrade 1.1 (x32 Version: 1.1.0)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (Version: 1.00)
RICOH_Media_Driver_v2.14.18.01 (x32 Version: 2.14.18.01)
Secunia PSI (2.0.0.4002) (x32)
Skype Click to Call (x32 Version: 5.6.8442)
Skype™ 5.10 (x32 Version: 5.10.116)
Softonic toolbar on IE and Chrome (x32 Version: 1.8.21.14)
Spybot - Search & Destroy (x32 Version: 1.6.2)
Steam (x32 Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1014)
System Update (x32 Version: 4.01.0015)
TeamViewer 7 (x32 Version: 7.0.12313)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.4.0.2200)
ThinkPad Energie-Manager (x32 Version: 3.63)
ThinkPad Power Management Driver (Version: 1.64.00.00)
ThinkPad UltraNav Driver (Version: 15.3.8.0)
ThinkPad Wireless LAN Adapter Software (x32 Version: 1.00.0029.8)
ThinkVantage AutoLock (Version: 1.03)
ThinkVantage Communications Utility (Version: 2.07)
ThinkVantage System für aktiven Festplattenschutz (Version: 1.75)
Trine 2 (x32)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VLC media player 2.1.0 (x32 Version: 2.1.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows-Treiberpaket - Intel (iaStor) hdc (11/06/2010 10.1.0.1008) (Version: 11/06/2010 10.1.0.1008)
Windows-Treiberpaket - Lenovo 1.64.00.00 (07/28/2011 1.64.00.00) (Version: 07/28/2011 1.64.00.00)
Windows-Treiberpaket - Realtek (RTL8167) Net (12/29/2010 7.037.1229.2010) (Version: 12/29/2010 7.037.1229.2010)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) (Version: 05/19/2011 15.3.8.0)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
==================== Restore Points =========================
20-10-2013 19:16:03 Installed Java 7 Update 45 (64-bit)
20-10-2013 19:25:14 Installed Java 7 Update 45
28-10-2013 09:46:20 Geplanter Prüfpunkt
06-11-2013 09:44:23 Geplanter Prüfpunkt
15-11-2013 02:00:34 Geplanter Prüfpunkt
15-11-2013 02:00:34 Windows Update
23-11-2013 12:31:23 Geplanter Prüfpunkt
27-11-2013 02:00:27 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {32C128F8-60B5-4F03-A1BB-739BAD766C7A} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {41946192-8B41-4D24-B62A-F15F2263A2A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-07] (Google Inc.)
Task: {44845285-3271-4179-9318-A513FA9E6175} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {51D7526D-1E8D-4542-AFE2-435CC2E58C8E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5AD049F5-16D8-4F1C-8E15-4EA18C385A5B} - System32\Tasks\{FB2FF831-3CAF-4A3C-852D-C35B374CBA32} => Firefox.exe
Task: {66DB5056-EFA7-409D-A964-E63E728B5E5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-07] (Google Inc.)
Task: {6948EB98-FE0E-4EC7-AD6E-77F0F9A86E2E} - System32\Tasks\dsmonitor => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2013-01-16] (Uniblue Systems Ltd)
Task: {6C4ACA37-B888-4BBB-8B37-0AF134DF76C3} - System32\Tasks\{6E423486-25FA-4AEB-A700-E1BE0C842CED} => Firefox.exe hxxp://ui.skype.com/ui/0/5.0.0.152.375/de/go/help.faq.installer?LastError=1603
Task: {6D37EDC1-C8DA-46AE-AF1C-74819CD5E02B} - System32\Tasks\{81459E6B-14C3-4751-8C2B-1CEA807C5807} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {942F7A86-EBE8-476D-868C-DE9806FA3DFB} - System32\Tasks\{5E68570B-BD88-4E51-BEA4-FB5916815DA0} => C:\Users\Steffi\Downloads\CitrixOnlinePluginWeb.exe [2013-07-22] (Citrix Systems, Inc.)
Task: {9FDA9612-D04E-46E6-943C-B39851F72FED} - System32\Tasks\MCP => C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {BACD5A5E-C885-469D-A09B-D5DAFEEAF02B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2011-09-22] (Lenovo)
Task: {BFC59D6A-87C3-442A-B393-6C779EE5E1BA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C463E434-D55D-47C4-8B38-633E14A93533} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2617601996-74598242-3223451816-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {C98501C6-E991-48B5-8C70-C9CE83714A1B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {D346E136-E98C-47AC-B1B0-9DE695678E42} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {D891213D-109A-4F26-905B-80709B50C11D} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-08-31] (Lenovo Group Limited)
Task: {E60C8C3C-C936-435F-BB82-D485EE81F83F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {F83E5140-7C30-49BC-94B8-9498F59CA7CB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2617601996-74598242-3223451816-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Loaded Modules (whitelisted) =============
2011-11-07 15:49 - 2011-08-31 19:03 - 00055808 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2011-11-08 00:04 - 2011-05-19 13:04 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2011-11-07 15:46 - 2011-08-19 06:20 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-03-16 17:29 - 2013-03-16 16:20 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-04 11:49 - 2011-03-04 11:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2011-11-07 15:50 - 2010-04-06 09:05 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll
2011-11-07 15:50 - 2010-04-06 09:04 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-11-18 11:54 - 2013-11-18 11:54 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-09 22:40 - 2013-10-09 22:40 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:B606BA34
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Integrated Camera
Description: Integrated Camera
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Ricoh
Service: 5U877
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/27/2013 00:39:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4134
Error: (11/27/2013 00:39:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4134
Error: (11/27/2013 00:39:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/27/2013 00:38:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3120
Error: (11/27/2013 00:38:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3120
Error: (11/27/2013 00:38:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/27/2013 00:38:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2122
Error: (11/27/2013 00:38:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2122
Error: (11/27/2013 00:38:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/27/2013 00:38:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1123
System errors:
=============
Error: (11/27/2013 10:10:33 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/27/2013 06:44:59 AM) (Source: iaStor) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.
Error: (11/27/2013 03:23:36 AM) (Source: DCOM) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
Error: (11/26/2013 11:39:05 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/25/2013 08:25:40 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/25/2013 07:03:00 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/25/2013 11:43:44 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/24/2013 09:54:34 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (11/24/2013 09:51:58 PM) (Source: DCOM) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
Error: (11/24/2013 09:51:54 PM) (Source: DCOM) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
Microsoft Office Sessions:
=========================
Error: (11/27/2013 00:39:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4134
Error: (11/27/2013 00:39:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4134
Error: (11/27/2013 00:39:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/27/2013 00:38:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3120
Error: (11/27/2013 00:38:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3120
Error: (11/27/2013 00:38:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/27/2013 00:38:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2122
Error: (11/27/2013 00:38:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2122
Error: (11/27/2013 00:38:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/27/2013 00:38:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1123
==================== Memory info ===========================
Percentage of memory in use: 60%
Total physical RAM: 4007.23 MB
Available physical RAM: 1574.82 MB
Total Pagefile: 8012.65 MB
Available Pagefile: 5197.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:452.58 GB) (Free:364.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:11.72 GB) (Free:2.42 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 3693D307)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
==================== End Of Log ============================
edit: Hier auch noch das gmer-log: Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-11-27 21:26:57
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Steffi\AppData\Local\Temp\kfliqpoc.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe[1968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe[1968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
.text C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
.text C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe[2640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe[2640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2216] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2216] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
.text C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[4148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[4148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
.text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[1408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[1408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
.text C:\Windows\SysWOW64\RunDll32.exe[2188] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Windows\SysWOW64\RunDll32.exe[2188] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
? C:\Windows\system32\mssprxy.dll [5804] entry point in ".rdata" section 00000000686b71e6
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[4048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000755b1465 2 bytes [5B, 75]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[4048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000755b14bb 2 bytes [5B, 75]
.text ... * 2
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\402cf46a4c73
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\402cf46a4c73 (not active ControlSet)
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
LG
estella
Hallo,
ich würde mich freuen, wenn sich jemand meinem Problem heute annehmen könnte, weil die Trojaner mittlerweile mein System zerschießen (selbst vermutete Kausalität). Erst der zigste Boot-Vorgang hat gerade geklappt, vorher Blue Screen und mehrfaches Aufhängen, trotz Starthilfe.
Ich könnte, falls es hilft, hier noch das Adwcleaner-Log posten: Code:
# AdwCleaner v3.013 - Bericht erstellt am 27/11/2013 um 23:34:20
# Updated 24/11/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : *** - ***
# Gestartet von : C:\Users\Steffi\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Premium
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\DriverScanner
Ordner Gelöscht : C:\Program Files (x86)\Softonic
Ordner Gelöscht : C:\Program Files (x86)\Uniblue\DriverScanner
Ordner Gelöscht : C:\Users\Steffi\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Steffi\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Steffi\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Steffi\AppData\Roaming\Softonic
Ordner Gelöscht : C:\Users\Steffi\AppData\Roaming\Uniblue\DriverScanner
Ordner Gelöscht : C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Datei Gelöscht : C:\Users\Public\Desktop\driverscanner.lnk
Datei Gelöscht : C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\searchplugins\softonic.xml
Datei Gelöscht : C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\user.js
Datei Gelöscht : C:\Windows\Tasks\dsmonitor.job
Datei Gelöscht : C:\Windows\System32\Tasks\dsmonitor
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_electricalm-3d-screensaver_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_electricalm-3d-screensaver_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16736
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Steffi\AppData\Roaming\Mozilla\Firefox\Profiles\z93s0nb2.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "OC");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=d2f018d00000000000003859f9e88dee");
Zeile gelöscht : user_pref("extensions.Softonic.id", "d2f018d00000000000003859f9e88dee");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16002");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=d2f018d00000000000003859f9e88dee");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=d2f018d00000000000003859f9e88dee&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.140:41:30");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.ffxtlbr@Facemoods.com.install-event-fired", true);
Zeile gelöscht : user_pref("extensions.foxlingo.addit.defaultAddons", "{ \"software\": {\"20\": {\"id\": \"20\",\"title\": \"Babylon\",\"type\": \"EXE\",\"url\": \"hxxps://www.addonfox.com/partners/rd/babylon/\",\"hom[...]
[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\3276zffz.default\prefs.js ]
-\\ Google Chrome v
[ Datei : C:\Users\Steffi\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : homepage
Gelöscht : search_url
Gelöscht : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [13147 octets] - [27/11/2013 23:33:36]
AdwCleaner[S0].txt - [12689 octets] - [27/11/2013 23:34:20]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12750 octets] ##########
Danke schonmal im Voraus und sorry für das Nachfragen! :)
Herzlich,
estella |
Regeln zum Ablauf der Bereinigung
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
SecurityCheck und: