Pests of all kinds and how to fight them: Internet slow with all browsers after BizCoaching (Windows 7)

If you are not sure whether you have caught malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
#1

Internet slow with all browsers after BizCoaching

Hello, for the past 3 days my internet has been very slow. I also had various pop-ups, such as the sites BizCoaching and co. I guess I caught something there. I'll post the OTL and Extras logs right away.

Extras
Code:
OTL Extras logfile created on: 03.07.2013 19:37:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Julian\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,91 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 31,13% Memory free
7,81 Gb Paging File | 4,03 Gb Available in Paging File | 51,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 101,78 Gb Total Space | 46,67 Gb Free Space | 45,85% Space Free | Partition Type: NTFS
Drive D: | 350,89 Gb Total Space | 314,26 Gb Free Space | 89,56% Space Free | Partition Type: NTFS
Computer Name: JULIAN-PC | User Name: Julian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03DCB2FA-071A-404B-8E33-54F9B37246D9}" = rport=138 | protocol=17 | dir=out | app=system |
"{0989058F-6A45-442A-99A9-BB56CAD195B5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{13E81CE7-596F-4FEF-8BCE-7F646AEC64FC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1C9FD81E-3A5A-40F2-9DDD-D05F5D88767B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4D87558B-9659-4FBE-AB94-D63827D48D7E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4F188470-6695-484B-B953-130778720DC2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5822C651-1396-422A-9AF8-81EFB912643A}" = rport=445 | protocol=6 | dir=out | app=system |
"{5D83B5EA-1F71-45D7-B244-4BAC3FF70DCF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{634D3593-F058-4AD8-88C7-0AAB455F83F0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{748CCF80-DE63-4F59-A20E-6A47550CBBB4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C3F4B9C-0022-4385-AEA0-26C2E9C33E5E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7E6FD325-B626-40B8-99B3-A49099FCB062}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8543860F-62BF-41B5-93FB-312B90B3B998}" = lport=137 | protocol=17 | dir=in | app=system |
"{884FC861-0B11-450D-A174-051271B00C60}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{8A253039-2556-4245-8EA2-867330DB473A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9699BE35-87D7-4D38-9DA8-8D77BDF47D6D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BCBBA810-67D0-49CB-888A-9B605259F6D4}" = rport=137 | protocol=17 | dir=out | app=system |
"{C536E2C3-AF17-4A24-9420-EBDFF0107C3B}" = lport=138 | protocol=17 | dir=in | app=system |
"{D2A42110-D624-4207-AAE1-1FC9014D644A}" = rport=139 | protocol=6 | dir=out | app=system |
"{D8D3DBFF-A98D-4569-8479-09AB52022DC3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E0F7CBA7-5C5D-4831-843A-BEE0FB22F123}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F31E18CC-C07F-4AE6-9082-4AB6752D7F37}" = lport=139 | protocol=6 | dir=in | app=system |
"{F6E2A07B-CA3E-4292-900A-7B8329278123}" = lport=445 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{206A2519-1E14-4AB0-8742-B177E5837798}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2C20A616-41F9-4D8F-98DE-D59635CE89F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C68181B-DBC6-4710-87E1-4E3ECB05F853}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{32B67CAB-81C9-41DA-8832-4BAE3865CA11}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{38B6CC47-234E-4DC6-BFBD-8734FA036249}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{38FF9A63-9958-41D9-81D4-1F590443DFE6}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{392B8BE4-5DD0-4C4A-A3AB-29CBD798DDBA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3AFE4870-AA76-46BB-B57D-267358AEDBDE}" = dir=in | app=c:\program files (x86)\acer\touchportal\touch movie\touchmovie.exe |
"{42920F9A-7B4A-4664-AE43-E751A058C14F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{539280C6-974C-451C-AAF8-87F138C42079}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5554F022-6B71-47B1-9D5D-0F07895F6F59}" = protocol=6 | dir=out | app=system |
"{55592FDA-BC8C-491A-9728-40D90CAD0DC1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{598C3E8C-2984-4B61-B77E-8239FEABBF4A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6CF2A001-3EED-426D-B351-8C452BB24954}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{6F67591F-29BA-44DD-8CBF-E235644CAB40}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{73A59BD3-EBFD-4A44-8CD3-40DA1133F578}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe |
"{7747FA3C-23D5-488C-974B-0484E6B93E74}" = dir=in | app=c:\program files (x86)\acer\touchportal\touch movie\touchmovieservice.exe |
"{78FEABF0-C006-4178-8217-17E457AD7EB8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D62361F-10BD-4E73-A1BE-2ADCFC72D7D7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{823CA407-E267-40D3-9CB9-570527359349}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8F777833-C961-4FBB-98D2-3C229C8874B2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{92891B3D-0F74-44C0-8FBA-4413A1C3E104}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
"{930B21FA-FAB5-4A9F-9A0E-2974C04B3F7B}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe |
"{A29CFAAC-F4AB-4997-ADE1-24A21B852DEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A7443786-CEED-41E3-9E2B-C6B48966809F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B5BFA905-DEFB-443A-8903-2C6D9590DA6A}" = protocol=17 | dir=in | app=c:\users\julian\appdata\roaming\icqm\icq.exe |
"{BB78C4CA-0A7A-41DC-9A61-19C6BC002112}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{D4D6A83A-ED42-4D92-BDE3-356AB3F95D95}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{E63A8EEB-8393-4AB3-85B6-552B4D16D27C}" = protocol=6 | dir=in | app=c:\users\julian\appdata\roaming\icqm\icq.exe |
"{E64A89E7-88FC-4CD0-855E-9500AE1933C4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7E4524E-50D6-42C5-B535-4D4C8E2B5065}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EACFEF4B-E75D-4B53-A271-9E8B0C894901}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{EC3E2595-D1E7-4124-A4D6-D9A679AF6968}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F1F1EA76-A9D3-43C3-955D-7F2D78608B41}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{24F93B56-61F5-415F-85B9-AA444DA34AFC}" = Microsoft-Maus- und Tastatur-Center
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Virtual Earth 3D (Beta)
"{6E5159B4-A519-41EF-80EF-AD58371515DF}" = Eraser 6.0.10.2620
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"jdownloader2" = JDownloader 2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.6
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{16456401-9621-4F3D-836A-59EA425C471D}" = ZoneAlarm Security
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{219AA9C3-E1F9-4C99-A41C-7988C1A67143}" = STScreenDetection
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{243AD385-8C58-4D49-BF54-8E7F809E0A96}" = Acer TouchPortal
"{24ADC5BE-8B82-426F-8779-2308B54B00EE}" = ZoneAlarm Antivirus
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53652DA6-AD2D-4B0F-80BA-6F3CFE2B48D7}" = ZoneAlarm Security
"{54CCA4E2-D15D-4927-A866-2D33BFED4A8E}" = ZoneAlarm Firewall
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{737B13C5-990B-4339-8A4D-0FFEBBC3DB17}" = ZoneAlarm Firewall
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FF90DB8-6DED-44A3-B182-244FEC09012F}" = Microsoft Touch Pack for Windows 7
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A80DB23D-0618-405B-89D9-28F99814E287}_is1" = AntiLogger Free version 1.6.2.226
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Touch Movie
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.188.706
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E3ED49BB-0544-4844-B296-6A0CB28E7BE3}" = Dir-It!
"{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}" = Alcor Micro USB Card Reader
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Free Audio Converter_is1" = Free Audio Converter version 5.0.24.430
"GridVista" = Acer GridVista
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{243AD385-8C58-4D49-BF54-8E7F809E0A96}" = Acer TouchPortal
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}" = Alcor Micro USB Card Reader
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.22
"LManager" = Launch Manager
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall
"ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"ICQ" = ICQ 8.0 (build 6017)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 28.05.2013 14:47:04 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mscorsvw.exe, Version: 4.0.30319.1,
Zeitstempel: 0x4ba1da21 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x6f6e6a64 ID des fehlerhaften
Prozesses: 0x9e0 Startzeit der fehlerhaften Anwendung: 0x01ce5bd387811adc Pfad der
fehlerhaften Anwendung: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: fd016ba9-c7c6-11e2-a586-60eb699ddf56
Error - 28.05.2013 14:47:08 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: UMVPFSrv.exe, Version: 13.31.1044.0,
Zeitstempel: 0x4f166843 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x6f6e6a64 ID des fehlerhaften
Prozesses: 0x344 Startzeit der fehlerhaften Anwendung: 0x01ce5bd329fe2899 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: ff489ccc-c7c6-11e2-a586-60eb699ddf56
Error - 28.05.2013 14:47:12 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GREGsvc.exe, Version: 1.0.0.1, Zeitstempel:
0x4afbd2e4 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x6f6e6a64 ID des fehlerhaften Prozesses:
0x540 Startzeit der fehlerhaften Anwendung: 0x01ce5bd3362bf65f Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Acer\Registration\GREGsvc.exe Pfad des fehlerhaften
Moduls: unknown Berichtskennung: 0169b7eb-c7c7-11e2-a586-60eb699ddf56
Error - 28.05.2013 14:47:13 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IScheduleSvc.exe, Version: 2.0.0.68,
Zeitstempel: 0x4c28447e Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x6f6e6a64 ID des fehlerhaften
Prozesses: 0x640 Startzeit der fehlerhaften Anwendung: 0x01ce5bd336866aaa Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\NewTech Infosystems\Acer Backup
Manager\IScheduleSvc.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 02425524-c7c7-11e2-a586-60eb699ddf56
Error - 28.05.2013 14:47:18 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: RS_Service.exe, Version: 4.5.3000.9285,
Zeitstempel: 0x4a563cf3 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x6f6e6a64 ID des fehlerhaften
Prozesses: 0x6d4 Startzeit der fehlerhaften Anwendung: 0x01ce5bd3369e386c Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 05374abb-c7c7-11e2-a586-60eb699ddf56
Error - 28.05.2013 14:47:22 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: UpdaterService.exe, Version: 1.0.0.8,
Zeitstempel: 0x4b614046 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x6f6e6a64 ID des fehlerhaften
Prozesses: 0x808 Startzeit der fehlerhaften Anwendung: 0x01ce5bd336e80315 Pfad der
fehlerhaften Anwendung: C:\Program Files\Acer\Acer Updater\UpdaterService.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 07a491e3-c7c7-11e2-a586-60eb699ddf56
Error - 31.05.2013 17:23:58 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879,
Zeitstempel: 0x518ec3cc Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879,
Zeitstempel: 0x518ec306 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001c9789 ID des fehlerhaften
Prozesses: 0xf90 Startzeit der fehlerhaften Anwendung: 0x01ce5e180a1b704b Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung:
677f31ac-ca38-11e2-a1c2-60eb699ddf56
Error - 08.06.2013 05:57:29 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TuneUpUtilitiesService64.exe, Version:
13.0.3020.2, Zeitstempel: 0x51067ac3 Name des fehlerhaften Moduls: TuneUpUtilitiesService64.exe,
Version: 13.0.3020.2, Zeitstempel: 0x51067ac3 Ausnahmecode: 0xc0000005 Fehleroffset:
0x000000000001cbe6 ID des fehlerhaften Prozesses: 0x908 Startzeit der fehlerhaften
Anwendung: 0x01ce642e8cae3970 Pfad der fehlerhaften Anwendung: C:\Program Files
(x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe Berichtskennung:
d44b6355-d021-11e2-bf0d-60eb699ddf56
Error - 09.06.2013 10:24:58 | Computer Name = Julian-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 09.06.2013 10:26:57 | Computer Name = Julian-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
[ System Events ]
Error - 12.06.2013 12:18:04 | Computer Name = Julian-PC | Source = NetBT | ID = 4307
Description = Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen
der Anfangsadressen verweigerte.
Error - 13.06.2013 00:39:05 | Computer Name = Julian-PC | Source = DCOM | ID = 10010
Description =
Error - 15.06.2013 09:47:34 | Computer Name = Julian-PC | Source = DCOM | ID = 10010
Description =
Error - 15.06.2013 16:14:13 | Computer Name = Julian-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.
Error - 15.06.2013 16:14:13 | Computer Name = Julian-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.
Error - 19.06.2013 15:38:54 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira Browser-Schutz" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 19.06.2013 15:44:25 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira Browser-Schutz" wurde unerwartet beendet. Dies ist
bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 20.06.2013 12:43:06 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
IPsec-Richtlinien-Agent erreicht.
Error - 20.06.2013 12:43:06 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IPsec-Richtlinien-Agent" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 20.06.2013 12:43:54 | Computer Name = Julian-PC | Source = WMPNetworkSvc | ID = 866300
Description =
< End of report >
Code:
OTL logfile created on: 03.07.2013 19:37:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Julian\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,91 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 31,13% Memory free
7,81 Gb Paging File | 4,03 Gb Available in Paging File | 51,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 101,78 Gb Total Space | 46,67 Gb Free Space | 45,85% Space Free | Partition Type: NTFS
Drive D: | 350,89 Gb Total Space | 314,26 Gb Free Space | 89,56% Space Free | Partition Type: NTFS
Computer Name: JULIAN-PC | User Name: Julian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.07.03 19:35:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Julian\Downloads\OTL.exe
PRC - [2013.07.01 18:55:31 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.07.01 18:54:14 | 000,589,368 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2013.07.01 18:54:10 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.07.01 18:54:10 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.05.28 18:07:20 | 027,598,184 | ---- | M] (ICQ) -- C:\Users\Julian\AppData\Roaming\ICQM\icq.exe
PRC - [2013.05.26 17:16:43 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2013.05.16 10:59:00 | 003,830,224 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013.05.16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013.05.16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013.05.15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013.03.27 14:02:42 | 002,447,888 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2013.03.27 13:31:18 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2010.06.29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 05:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2010.01.29 06:07:26 | 000,870,992 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.EXE
PRC - [2010.01.13 04:55:58 | 000,030,080 | ---- | M] () -- C:\Windows\snuvcdsm.exe
PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009.11.06 19:22:52 | 002,584,576 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe
========== Modules (No Company Name) ==========
MOD - [2013.06.15 03:28:42 | 000,393,168 | ---- | M] () -- C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
MOD - [2013.06.15 03:28:41 | 013,140,432 | ---- | M] () -- C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
MOD - [2013.06.15 03:28:40 | 004,051,408 | ---- | M] () -- C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013.06.15 03:27:51 | 000,599,504 | ---- | M] () -- C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013.06.15 03:27:50 | 000,124,368 | ---- | M] () -- C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013.06.15 03:27:48 | 001,597,392 | ---- | M] () -- C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2013.05.29 18:19:23 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\dd2d0cf72eac6e5b113a0059aeb3cab5\IAStorUtil.ni.dll
MOD - [2013.05.28 21:03:50 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a00aab40bdf5aed84b4d4294965cf20d\System.Web.ni.dll
MOD - [2013.05.28 21:03:37 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll
MOD - [2013.05.28 21:02:39 | 012,433,920 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll MOD - [2013.05.28 21:02:26 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll MOD - [2013.05.28 21:02:01 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll MOD - [2013.05.28 21:01:51 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll MOD - [2013.05.28 21:01:44 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll MOD - [2013.05.28 21:01:42 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll MOD - [2013.05.28 21:01:31 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll MOD - [2013.05.28 18:07:26 | 000,851,456 | ---- | M] () -- C:\Users\Julian\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll MOD - [2013.05.27 02:52:43 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2013.05.27 02:52:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2013.05.26 17:16:43 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe MOD - [2013.05.16 10:55:28 | 000,161,112 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl MOD - [2013.05.16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl MOD - [2013.05.16 10:55:24 | 
000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf MOD - [2010.01.13 04:55:58 | 000,030,080 | ---- | M] () -- C:\Windows\snuvcdsm.exe MOD - [2009.11.06 19:22:52 | 002,584,576 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe ========== Services (SafeList) ========== SRV - [2013.07.01 18:55:31 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.07.01 18:54:14 | 000,589,368 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2013.07.01 18:54:10 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.06.12 19:58:20 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.04.19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.03.27 14:02:42 | 002,447,888 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon) SRV - [2012.11.29 16:06:12 | 002,401,632 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.11.22 16:35:22 | 000,828,072 | 
---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc) SRV - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2010.06.29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2010.06.25 09:08:30 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2010.06.02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010.05.27 04:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010.02.26 19:57:52 | 000,841,248 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service) SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- 
C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.05.24 17:08:42 | 000,026,080 | ---- | M] (Zemana Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KeyCrypt64.sys -- (keycrypt) DRV:64bit: - [2013.03.06 16:13:37 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2013.02.26 16:56:51 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2013.02.26 16:56:50 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2013.01.29 18:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2012.12.13 11:49:42 | 000,450,136 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant) DRV:64bit: - [2012.11.15 21:06:08 | 000,611,160 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) DRV:64bit: - [2012.01.18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.06.25 04:33:36 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.06.25 04:13:18 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:64bit: - [2010.06.25 04:12:26 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2010.06.25 04:12:26 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2010.06.25 04:12:24 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2010.06.25 04:12:24 | 000,102,952 | ---- | M] (Broadcom Corporation.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.01.13 04:56:18 | 001,806,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) DRV:64bit: - [2009.11.24 18:58:54 | 000,021,864 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\STHall.sys -- (STHall) DRV:64bit: - [2009.09.17 14:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.09.15 06:40:00 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) DRV:64bit: - [2009.09.02 20:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.10 15:45:12 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.03 04:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.03 04:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.03 04:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) 
[Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009.05.26 15:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV - [2012.11.22 16:35:36 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL) DRV - [2012.11.16 16:38:44 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.03.26 05:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=44e925462ea848c798d8d00965d7a0ec&tu=10G90008F1B000v&sku=&tstsId=&ver=& IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{44417FA3-E13C-4E17-9A5F-FD0D0C2AC285}: "URL" = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=44e925462ea848c798d8d00965d7a0ec&tu=10G90008F1B000v&sku=&tstsId=&ver=&&r=469 IE - HKCU\..\SearchScopes\{9F1604C3-87ED-4AF9-A921-9812FF832A94}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=ff874d16-1afe-407c-9e12-ed4fbb01f3b6&apn_sauid=2A80BC78-C5B9-495E-9E26-9C8354DA0000 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320 ========== FireFox ========== FF - prefs.js..browser.search.order.1: "Search By ZoneAlarm" FF - prefs.js..browser.search.selectedEngine: "Search By ZoneAlarm" FF - prefs.js..browser.startup.homepage: "hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=44e925462ea848c798d8d00965d7a0ec&tu=10GX0008T1B0008&sku=&tstsId=&ver=&" FF - prefs.js..extensions.enabledAddons: tineye%40ideeinc.com:1.1 FF - prefs.js..extensions.enabledAddons: ffxtlbr%40zonealarm.com:1.6.0 FF - prefs.js..extensions.enabledAddons: lwoofer%40lyricswoofer.co:1.116 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010.09.14 13:18:04 | 000,000,000 | ---D | M] FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: 
C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010.09.14 13:18:04 | 000,000,000 | ---D | M] FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2013.06.09 13:54:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2013.06.09 13:54:19 | 000,000,000 | ---D | M] [2013.05.26 19:23:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julian\AppData\Roaming\mozilla\Extensions [2013.06.09 13:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\7yoofxo0.default\extensions [2013.06.09 13:54:09 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\7yoofxo0.default\extensions\ffxtlbr@zonealarm.com [2013.05.27 20:13:38 | 000,008,001 | ---- | M] () (No name found) -- C:\Users\Julian\AppData\Roaming\mozilla\firefox\profiles\7yoofxo0.default\extensions\tineye@ideeinc.com.xpi [2013.05.27 20:12:29 | 000,870,680 | ---- | M] () (No name found) -- 
C:\Users\Julian\AppData\Roaming\mozilla\firefox\profiles\7yoofxo0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.01.23 12:46:58 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\Julian\AppData\Roaming\mozilla\firefox\profiles\7yoofxo0.default\extensions\ffxtlbr@zonealarm.com\content\Abine\chrome\content\ff\view_expiry.js [2013.05.26 19:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.05.26 19:23:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.05.26 19:23:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} File not found (No name found) -- C:\PROGRAM FILES (X86)\LYRICSWOOFER\116.XPI ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: 
Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll CHR - plugin: Google Update (Enabled) = C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll CHR - Extension: Google Docs = C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: AdBlock = C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\ CHR - Extension: Google Mail = C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle 
Corporation) O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\bh\zonealarm.dll (Montera Technologeis LTD) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\zonealarmTlbr.dll (Montera Technologeis LTD) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) 
O4:64bit: - HKLM..\Run: [Eraser] C:\Programme\Eraser\Eraser.exe (The Eraser Project) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [ScreenRotation] C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe () O4:64bit: - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) 
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [icq] C:\Users\Julian\AppData\Roaming\ICQM\icq.exe (ICQ) O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - 
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. 
KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. 
KG) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1215907-6827-4EBB-8FCD-12BBD623A7FB}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL) - C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL (Zemana Ltd.) O20 - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL) - C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL (Zemana Ltd.) 
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.07.03 19:03:18 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.07.03 19:03:03 | 000,000,000 | ---D | C] -- C:\JRT [2013.07.03 18:58:42 | 000,000,000 | ---D | C] -- C:\FRST [2013.07.01 
20:03:16 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2013.07.01 20:03:11 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2013.07.01 20:03:10 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2013.07.01 20:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013 [2013.07.01 20:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013 [2013.07.01 19:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013.07.01 19:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013.07.01 18:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2013.07.01 18:33:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2013.07.01 18:33:02 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe [2013.07.01 18:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2013.06.30 11:25:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsWoofer [2013.06.19 21:58:15 | 000,000,000 | ---D | C] -- C:\Users\Julian\Desktop\Markus Heitz - Die Legenden der Albae - Vernichtender Hass [2013.06.15 16:39:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools&More [2013.06.15 16:39:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tools&More [2013.06.09 13:51:24 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Check Point Software Technologies LTD [2013.06.07 19:34:49 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Adobe [2013.06.04 19:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2013.06.04 19:43:56 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\DVDVideoSoft [2013.06.04 19:43:56 | 
000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2013.06.04 19:43:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2013.06.04 18:05:46 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.06.04 18:04:51 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Google [2013.06.04 17:34:42 | 000,026,080 | ---- | C] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\KeyCrypt64.sys [2013.06.04 17:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free [2013.06.04 17:34:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyCryptSDK [2013.06.04 17:34:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana AntiLogger Free [2013.06.04 17:34:40 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\AntiLogger Free ========== Files - Modified Within 30 Days ========== [2013.07.03 19:36:39 | 000,000,000 | ---- | M] () -- C:\Users\Julian\defogger_reenable [2013.07.03 19:30:02 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job [2013.07.03 19:14:11 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA.job [2013.07.03 19:13:41 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.07.03 19:13:41 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.07.03 19:13:41 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.07.03 19:13:41 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.07.03 19:13:41 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.07.03 18:58:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.07.03 18:41:31 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 
[2013.07.03 18:41:31 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.07.03 18:33:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.07.03 18:33:30 | 3144,867,840 | -HS- | M] () -- C:\hiberfil.sys [2013.07.03 18:15:55 | 000,417,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.07.01 19:07:57 | 000,008,174 | ---- | M] () -- D:\Users\Julian\Documents\cc_20130701_190751.reg [2013.07.01 18:55:35 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.07.01 18:14:01 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core.job [2013.06.24 21:34:29 | 000,004,414 | ---- | M] () -- D:\Users\Julian\Documents\NewDatabase.kdbx [2013.06.22 20:50:07 | 000,006,729 | -H-- | M] () -- C:\Windows\SysWow64\BTImages.dat [2013.06.10 18:34:59 | 000,417,563 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml [2013.06.04 17:18:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf ========== Files Created - No Company Name ========== [2013.07.03 19:36:39 | 000,000,000 | ---- | C] () -- C:\Users\Julian\defogger_reenable [2013.07.03 18:15:44 | 000,417,040 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.07.01 20:03:05 | 000,002,209 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk [2013.07.01 19:07:55 | 000,008,174 | ---- | C] () -- D:\Users\Julian\Documents\cc_20130701_190751.reg [2013.07.01 18:33:09 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2013.06.04 18:04:56 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA.job [2013.06.04 18:04:56 | 000,001,072 | ---- | C] () -- 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core.job [2013.06.04 17:18:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.05.28 20:04:24 | 000,006,729 | -H-- | C] () -- C:\Windows\SysWow64\BTImages.dat [2013.05.26 17:16:51 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe [2013.05.26 17:16:51 | 000,113,264 | ---- | C] () -- C:\Windows\FixUVC.exe [2013.05.26 17:16:51 | 000,000,302 | ---- | C] () -- C:\Windows\PidList_C.ini [2012.01.18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012.01.18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012.01.18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 
000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.06.09 13:51:24 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\Check Point Software Technologies LTD [2013.05.26 19:26:09 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\CheckPoint [2013.06.04 19:44:35 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\DVDVideoSoft [2013.05.28 18:09:40 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\ICQ-Profile [2013.05.28 18:07:27 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\ICQM [2013.07.03 18:31:03 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\KeePass [2013.05.29 18:42:51 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\TuneUp Software ========== Purity Check ========== < End of report > |
| | #2 |
| /// the machine /// TB instructor | Internet slow in all browsers after BizCoaching Hi,
System scan with FRST: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: Start > Computer (right-click) > Properties)
__________________ |
| | #3 |
| | Internet slow in all browsers after BizCoaching FRST
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2013 02
Ran by Julian (administrator) on 03-07-2013 20:43:14
Running from C:\Users\Julian\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Windows\snuvcdsm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(ICQ) C:\Users\Julian\AppData\Roaming\ICQM\icq.exe
(AppWork GmbH) C:\Users\Julian\AppData\Local\JDownloader v2.0\JDownloader2.exe
(Google Inc.) C:\Users\Julian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Julian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Julian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Julian\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Google Inc.) C:\Users\Julian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Julian\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-05] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [ScreenRotation] C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe [2584576 2009-11-06] ()
HKLM\...\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated)
HKLM\...\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe [30080 2010-01-13] ()
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11046504 2010-07-13] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] C:\Windows\PLFSetI.exe [206208 2013-05-26] ()
HKLM\...\Run: [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" [1127592 2012-11-22] (Check Point Software Technologies)
HKCU\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [icq] C:\Users\Julian\AppData\Roaming\ICQM\icq.exe -CU [27598184 2013-05-28] (ICQ)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [870992 2010-01-29] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [73832 2013-03-27] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2010-01-15] ()
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL [89936 2013-05-24] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL [82696 2013-05-24] (Zemana Ltd.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=44e925462ea848c798d8d00965d7a0ec&tu=10G90008F1B000v&sku=&tstsId=&ver=&
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {44417FA3-E13C-4E17-9A5F-FD0D0C2AC285} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=44e925462ea848c798d8d00965d7a0ec&tu=10G90008F1B000v&sku=&tstsId=&ver=&&r=469
SearchScopes: HKCU - {9F1604C3-87ED-4AF9-A921-9812FF832A94} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=ff874d16-1afe-407c-9e12-ed4fbb01f3b6&apn_sauid=2A80BC78-C5B9-495E-9E26-9C8354DA0000
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\bh\zonealarm.dll (Montera Technologeis LTD)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\zonealarmTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKCU - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default
FF SelectedSearchEngine: Search By ZoneAlarm
FF Homepage: hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=44e925462ea848c798d8d00965d7a0ec&tu=10GX0008T1B0008&sku=&tstsId=&ver=&
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Extension: zonealarm.com - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\ffxtlbr@zonealarm.com
FF Extension: tineye - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\tineye@ideeinc.com.xpi
FF Extension: No Name - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF Extension: No Name - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (npFFApi) - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
CHR Plugin: (Google Update) - C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (Gmail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [828072 2012-11-22] (Check Point Software Technologies)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2447888 2013-03-27] (Check Point Software Technologies LTD)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-02-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-02-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33712 2012-11-22] (Check Point Software Technologies)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [26080 2013-05-24] (Zemana Ltd.)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [611160 2012-11-15] (Kaspersky Lab)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2010-01-13] ()
R3 STHall; C:\Windows\system32\DRIVERS\STHall.sys [21864 2009-11-24] (ST Microelectronics)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450136 2012-12-13] (Check Point Software Technologies LTD)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-03 19:58 - 2013-07-03 19:58 - 00063312 ____A C:\Users\Julian\Downloads\Extras.Txt
2013-07-03 19:57 - 2013-07-03 19:57 - 00106358 ____A C:\Users\Julian\Downloads\OTL.Txt
2013-07-03 19:36 - 2013-07-03 19:36 - 00050477 ____A C:\Users\Julian\Downloads\Defogger.exe
2013-07-03 19:36 - 2013-07-03 19:36 - 00000474 ____A C:\Users\Julian\Downloads\defogger_disable.log
2013-07-03 19:36 - 2013-07-03 19:36 - 00000000 ____A C:\Users\Julian\defogger_reenable
2013-07-03 19:35 - 2013-07-03 19:35 - 00602112 ____A (OldTimer Tools) C:\Users\Julian\Downloads\OTL.exe
2013-07-03 19:10 - 2013-03-05 13:18 - 00000016 ____A C:\Users\Julian\Downloads\enjoy.txt
2013-07-03 19:03 - 2013-07-03 19:03 - 00000000 ____D C:\Windows\ERUNT
2013-07-03 19:03 - 2013-07-03 19:03 - 00000000 ____D C:\JRT
2013-07-03 19:00 - 2013-07-03 19:02 - 00024303 ____A C:\Users\Julian\Downloads\Addition.txt
2013-07-03 19:00 - 2013-07-03 19:00 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Julian\Downloads\JRT.exe
2013-07-03 18:58 - 2013-07-03 18:58 - 00000000 ____D C:\FRST
2013-07-03 18:40 - 2013-07-03 18:40 - 01934082 ____A (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2013-07-03 18:39 - 2013-07-03 18:40 - 00001137 ____A C:\AdwCleaner[R1].txt
2013-07-03 18:31 - 2013-07-03 18:32 - 00012655 ____A C:\AdwCleaner[S1].txt
2013-07-03 18:30 - 2013-07-03 18:30 - 00650027 ____A C:\Users\Julian\Downloads\adwcleaner.exe
2013-07-03 18:16 - 2013-07-03 19:31 - 00000168 ____A C:\Windows\setupact.log
2013-07-03 18:16 - 2013-07-03 18:16 - 00109688 ____A C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-03 18:16 - 2013-07-03 18:16 - 00000000 ____A C:\Windows\setuperr.log
2013-07-03 18:15 - 2013-07-03 18:15 - 00417040 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-03 18:15 - 2013-07-03 18:15 - 00000352 ____A C:\Windows\PFRO.log
2013-07-01 20:03 - 2012-11-29 16:06 - 00034656 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-07-01 20:03 - 2012-11-29 16:06 - 00025952 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-07-01 20:03 - 2012-11-29 16:06 - 00021344 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-07-01 20:02 - 2013-07-01 20:03 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-01 20:00 - 2013-07-01 20:00 - 30169591 ____A C:\Users\Julian\Downloads\TuneUp_Utilities_2013_v13.0.300.132.rar
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Julian\Downloads\TuneUp Utilities 2013 v13.0.300.132
2013-07-01 19:02 - 2013-07-01 19:02 - 00000000 ____D C:\Program Files\CCleaner
2013-07-01 18:57 - 2013-07-01 18:57 - 03357912 ____A (Piriform Ltd) C:\Users\Julian\Downloads\ccsetup403_slim.exe
2013-07-01 18:34 - 2013-07-01 18:39 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-01 18:33 - 2009-01-25 13:14 - 00017272 ____A (Safer Networking Limited) C:\Windows\System32\sdnclean64.exe
2013-07-01 18:32 - 2013-07-01 18:33 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-01 18:31 - 2013-07-01 18:32 - 36271144 ____A (Safer-Networking Ltd. ) C:\Users\Julian\Downloads\spybot-2.1.exe
2013-06-30 12:28 - 2013-06-30 12:29 - 00000000 ____D C:\Users\Julian\Downloads\Movie.43.2013.BDRip.AC3.German.XviD-POE
2013-06-30 12:21 - 2013-06-27 11:19 - 1972400128 ____A C:\Users\Julian\Downloads\Olympus has fallen.avi
2013-06-30 11:25 - 2013-07-03 18:19 - 00000000 ____D C:\Program Files (x86)\LyricsWoofer
2013-06-22 20:45 - 2013-07-01 21:20 - 00000000 ____D C:\Users\Julian\Downloads\Genetikk - D.N.A
2013-06-22 20:11 - 2013-06-22 20:11 - 00844290 ____A C:\Users\Julian\Downloads\gendna2013pre.rar.part
2013-06-22 20:04 - 2013-06-22 20:11 - 11627273 ____A C:\Users\Julian\Downloads\DNA_PR_E.rar.part
2013-06-19 21:58 - 2013-06-19 21:59 - 00000000 ____D C:\Users\Julian\Desktop\Markus Heitz - Die Legenden der Albae - Vernichtender Hass
2013-06-15 21:53 - 2013-06-15 21:54 - 00000000 ____D C:\Users\Julian\Downloads\Snitch.2013.READ.NFO.BDRip.MD.German.x264-POE
2013-06-15 16:39 - 2013-06-15 16:39 - 00000000 ____D C:\Program Files (x86)\Tools&More
2013-06-09 15:33 - 2013-06-15 17:54 - 00000000 ____D C:\Users\Julian\Downloads\Der.Hobbit.Eine.Unerwartete.Reise.2012.German.DL.1080p.BluRay.x264.READ.NFO.INTERNAL-ENCOUNTERS
2013-06-09 13:51 - 2013-06-09 13:51 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Check Point Software Technologies LTD
2013-06-07 19:34 - 2013-06-07 19:35 - 00000000 ____D C:\Users\Julian\AppData\Local\Adobe
2013-06-04 19:43 - 2013-06-04 19:44 - 00000000 ____D C:\Users\Julian\AppData\Roaming\DVDVideoSoft
2013-06-04 19:43 - 2013-06-04 19:44 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-04 18:04 - 2013-07-03 20:14 - 00001124 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA.job
2013-06-04 18:04 - 2013-07-01 18:14 - 00001072 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core.job
2013-06-04 18:04 - 2013-06-04 18:05 - 00000000 ____D C:\Users\Julian\AppData\Local\Google
2013-06-04 17:34 - 2013-06-04 17:34 - 00000000 ____D C:\Users\Julian\AppData\Local\AntiLogger Free
2013-06-04 17:34 - 2013-06-04 17:34 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger Free
2013-06-04 17:34 - 2013-06-04 17:34 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2013-06-04 17:34 - 2013-05-24 17:08 - 00026080 ____A (Zemana Ltd.) C:\Windows\System32\Drivers\KeyCrypt64.sys
2013-06-04 17:18 - 2013-06-04 17:18 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
==================== One Month Modified Files and Folders =======
2013-07-03 20:30 - 2013-05-26 19:16 - 00000388 ____A C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
2013-07-03 20:14 - 2013-06-04 18:04 - 00001124 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA.job
2013-07-03 19:58 - 2013-07-03 19:58 - 00063312 ____A C:\Users\Julian\Downloads\Extras.Txt
2013-07-03 19:58 - 2013-05-26 19:53 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-03 19:57 - 2013-07-03 19:57 - 00106358 ____A C:\Users\Julian\Downloads\OTL.Txt
2013-07-03 19:36 - 2013-07-03 19:36 - 00050477 ____A C:\Users\Julian\Downloads\Defogger.exe
2013-07-03 19:36 - 2013-07-03 19:36 - 00000474 ____A C:\Users\Julian\Downloads\defogger_disable.log
2013-07-03 19:36 - 2013-07-03 19:36 - 00000000 ____A C:\Users\Julian\defogger_reenable
2013-07-03 19:36 - 2013-05-26 17:46 - 00000000 ____D C:\users\Julian
2013-07-03 19:35 - 2013-07-03 19:35 - 00602112 ____A (OldTimer Tools) C:\Users\Julian\Downloads\OTL.exe
2013-07-03 19:31 - 2013-07-03 18:16 - 00000168 ____A C:\Windows\setupact.log
2013-07-03 19:13 - 2013-05-27 02:54 - 00654166 ____A C:\Windows\System32\perfh007.dat
2013-07-03 19:13 - 2013-05-27 02:54 - 00130006 ____A C:\Windows\System32\perfc007.dat
2013-07-03 19:13 - 2009-07-14 07:13 - 01498506 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-03 19:06 - 2013-05-26 20:34 - 00000000 ____D C:\Users\Julian\AppData\Local\JDownloader v2.0
2013-07-03 19:03 - 2013-07-03 19:03 - 00000000 ____D C:\Windows\ERUNT
2013-07-03 19:03 - 2013-07-03 19:03 - 00000000 ____D C:\JRT
2013-07-03 19:02 - 2013-07-03 19:00 - 00024303 ____A C:\Users\Julian\Downloads\Addition.txt
2013-07-03 19:00 - 2013-07-03 19:00 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Julian\Downloads\JRT.exe
2013-07-03 18:58 - 2013-07-03 18:58 - 00000000 ____D C:\FRST
2013-07-03 18:41 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-03 18:41 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-03 18:40 - 2013-07-03 18:40 - 01934082 ____A (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2013-07-03 18:40 - 2013-07-03 18:39 - 00001137 ____A C:\AdwCleaner[R1].txt
2013-07-03 18:37 - 2013-05-26 17:03 - 01829198 ____A C:\Windows\WindowsUpdate.log
2013-07-03 18:33 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-03 18:32 - 2013-07-03 18:31 - 00012655 ____A C:\AdwCleaner[S1].txt
2013-07-03 18:31 - 2013-05-26 21:36 - 00000000 ____D C:\Users\Julian\AppData\Roaming\KeePass
2013-07-03 18:30 - 2013-07-03 18:30 - 00650027 ____A C:\Users\Julian\Downloads\adwcleaner.exe
2013-07-03 18:19 - 2013-06-30 11:25 - 00000000 ____D C:\Program Files (x86)\LyricsWoofer
2013-07-03 18:16 - 2013-07-03 18:16 - 00109688 ____A C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-03 18:16 - 2013-07-03 18:16 - 00000000 ____A C:\Windows\setuperr.log
2013-07-03 18:15 - 2013-07-03 18:15 - 00417040 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-03 18:15 - 2013-07-03 18:15 - 00000352 ____A C:\Windows\PFRO.log
2013-07-01 21:42 - 2013-05-28 18:12 - 00000000 ____D C:\Users\Julian\Downloads\mdh
2013-07-01 21:42 - 2013-05-26 21:46 - 00000000 ____D C:\Users\Julian\AppData\Roaming\vlc
2013-07-01 21:20 - 2013-06-22 20:45 - 00000000 ____D C:\Users\Julian\Downloads\Genetikk - D.N.A
2013-07-01 21:15 - 2013-05-26 19:19 - 00000000 ____D C:\Users\Julian\AppData\Local\DoNotTrackPlus
2013-07-01 21:09 - 2013-05-26 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-01 21:06 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2013-07-01 20:11 - 2013-05-29 18:39 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-01 20:04 - 2013-05-26 19:18 - 00000000 ____D C:\Users\Julian\Desktop\Verwaltung
2013-07-01 20:03 - 2013-07-01 20:02 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-01 20:00 - 2013-07-01 20:00 - 30169591 ____A C:\Users\Julian\Downloads\TuneUp_Utilities_2013_v13.0.300.132.rar
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Julian\Downloads\TuneUp Utilities 2013 v13.0.300.132
2013-07-01 19:02 - 2013-07-01 19:02 - 00000000 ____D C:\Program Files\CCleaner
2013-07-01 18:57 - 2013-07-01 18:57 - 03357912 ____A (Piriform Ltd) C:\Users\Julian\Downloads\ccsetup403_slim.exe
2013-07-01 18:55 - 2013-05-27 06:09 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-07-01 18:39 - 2013-07-01 18:34 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-01 18:33 - 2013-07-01 18:32 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-01 18:32 - 2013-07-01 18:31 - 36271144 ____A (Safer-Networking Ltd. ) C:\Users\Julian\Downloads\spybot-2.1.exe
2013-07-01 18:14 - 2013-06-04 18:04 - 00001072 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core.job
2013-06-30 20:37 - 2013-05-26 19:25 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Skype
2013-06-30 12:29 - 2013-06-30 12:28 - 00000000 ____D C:\Users\Julian\Downloads\Movie.43.2013.BDRip.AC3.German.XviD-POE
2013-06-27 11:19 - 2013-06-30 12:21 - 1972400128 ____A C:\Users\Julian\Downloads\Olympus has fallen.avi
2013-06-22 20:50 - 2013-05-28 20:04 - 00006729 ___AH C:\Windows\SysWOW64\BTImages.dat
2013-06-22 20:11 - 2013-06-22 20:11 - 00844290 ____A C:\Users\Julian\Downloads\gendna2013pre.rar.part
2013-06-22 20:11 - 2013-06-22 20:04 - 11627273 ____A C:\Users\Julian\Downloads\DNA_PR_E.rar.part
2013-06-19 21:59 - 2013-06-19 21:58 - 00000000 ____D C:\Users\Julian\Desktop\Markus Heitz - Die Legenden der Albae - Vernichtender Hass
2013-06-19 21:53 - 2013-05-26 20:11 - 00000000 ____D C:\Users\Julian\Desktop\Media
2013-06-15 21:54 - 2013-06-15 21:53 - 00000000 ____D C:\Users\Julian\Downloads\Snitch.2013.READ.NFO.BDRip.MD.German.x264-POE
2013-06-15 17:54 - 2013-06-09 15:33 - 00000000 ____D C:\Users\Julian\Downloads\Der.Hobbit.Eine.Unerwartete.Reise.2012.German.DL.1080p.BluRay.x264.READ.NFO.INTERNAL-ENCOUNTERS
2013-06-15 16:39 - 2013-06-15 16:39 - 00000000 ____D C:\Program Files (x86)\Tools&More
2013-06-15 16:38 - 2010-09-14 13:14 - 00000000 ____D C:\Windows\Downloaded Installations
2013-06-12 19:58 - 2013-05-26 19:53 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 19:58 - 2013-05-26 19:53 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-10 18:34 - 2013-05-26 19:26 - 00417563 ____A C:\Windows\System32\Drivers\vsconfig.xml
2013-06-09 16:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-09 13:51 - 2013-06-09 13:51 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Check Point Software Technologies LTD
2013-06-07 19:35 - 2013-06-07 19:34 - 00000000 ____D C:\Users\Julian\AppData\Local\Adobe
2013-06-07 19:34 - 2013-05-26 18:13 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Adobe
2013-06-04 19:44 - 2013-06-04 19:43 - 00000000 ____D C:\Users\Julian\AppData\Roaming\DVDVideoSoft
2013-06-04 19:44 - 2013-06-04 19:43 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-04 18:12 - 2013-05-26 19:26 - 00000000 ____D C:\Users\Julian\Desktop\Internet
2013-06-04 18:05 - 2013-06-04 18:04 - 00000000 ____D C:\Users\Julian\AppData\Local\Google
2013-06-04 17:34 - 2013-06-04 17:34 - 00000000 ____D C:\Users\Julian\AppData\Local\AntiLogger Free
2013-06-04 17:34 - 2013-06-04 17:34 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger Free
2013-06-04 17:34 - 2013-06-04 17:34 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2013-06-04 17:18 - 2013-06-04 17:18 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-09 16:23
==================== End Of Log ============================
Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2013 02
Ran by Julian at 2013-07-03 19:00:40
Running from C:\Users\Julian\Downloads
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Acer Backup Manager (x32 Version: 2.0.0.68)
Acer Crystal Eye webcam Ver:1.1.188.706 (x32 Version: 1.1.188.706)
Acer ePower Management (x32 Version: 4.05.3007)
Acer eRecovery Management (x32 Version: 4.05.3013)
Acer GridVista (x32 Version: 3.03.1223)
Acer Registration (x32 Version: 1.03.3003)
Acer ScreenSaver (x32 Version: 1.1.0203.2010)
Acer Touch Movie (x32 Version: 9.0.6325)
Acer TouchPortal (x32 Version: 1.0.3925)
Acer Updater (x32 Version: 1.02.3001)
Acer VCM (x32 Version: 4.05.3002)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader 9.1 MUI (x32 Version: 9.1.0)
Alcor Micro USB Card Reader (x32 Version: 1.3.17.05006)
AntiLogger Free version 1.6.2.226 (x32 Version: 1.6.2.226)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.33)
Avira Free Antivirus (x32 Version: 13.0.0.3737)
Backup Manager Basic (x32 Version: 2.0.0.68)
CCleaner (Version: 4.03)
CyberLink PowerDVD 8 (x32 Version: 8.1.4022.50)
Dir-It! (x32 Version: 4.02.0000)
eBay Worldwide (x32 Version: 2.1.0901)
Eraser 6.0.10.2620 (Version: 6.0.2620)
eSobi v2 (x32 Version: 2.0.4.000274)
Free Audio Converter version 5.0.24.430 (x32 Version: 5.0.24.430)
Google Chrome (HKCU Version: 27.0.1453.116)
ICQ 8.0 (build 6017) (HKCU Version: 8.0.6017.0)
Identity Card (x32 Version: 1.00.3003)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1892)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
JDownloader 2 (Version: 2.0)
Junk Mail filter update (x32 Version: 14.0.8117.416)
KeePass Password Safe 2.22 (x32)
Launch Manager (x32 Version: 3.0.00)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (x32 Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Touch Pack for Windows 7 (x32 Version: 1.0.40517.00)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.0 (x32 Version: 3.0.11010.0)
Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0)
Mozilla Firefox 21.0 (x86 de) (x32 Version: 21.0)
Mozilla Maintenance Service (x32 Version: 21.0)
MSVCRT (x32 Version: 14.0.1468.721)
MyWinLocker (x32 Version: 3.1.212.0)
MyWinLocker Suite (x32 Version: 3.1.212.0)
Norton Online Backup (x32 Version: 2.1.17869)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6156)
Shredder (Version: 2.0.8.3)
Shredder (x32 Version: 2.0.8.3)
Skype™ 6.3 (x32 Version: 6.3.107)
Spybot - Search & Destroy (x32 Version: 2.1.19)
STScreenDetection (x32 Version: 1.00.00.18)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
TuneUp Utilities 2013 (x32 Version: 13.0.3000.132)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Virtual Earth 3D (Beta) (Version: 4.0.903.16005)
VLC media player 2.0.6 (Version: 2.0.6)
Welcome Center (x32 Version: 1.02.3004)
WIDCOMM Bluetooth Software (Version: 6.3.0.6000)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
ZoneAlarm Antivirus (x32 Version: 11.0.000.057)
ZoneAlarm Firewall (x32 Version: 11.0.000.057)
ZoneAlarm Firewall (x32 Version: 11.0.000.504)
ZoneAlarm Free Firewall (x32 Version: 11.0.000.504)
ZoneAlarm Security (x32 Version: 11.0.000.057)
ZoneAlarm Security (x32 Version: 11.0.000.504)
ZoneAlarm Security Toolbar (x32 Version: 1.8.11.11)
==================== Restore Points =========================
01-07-2013 18:01:44 TuneUp Utilities 2013 wird installiert
==================== Scheduled Tasks (whitelisted) =============
Task: {37A4203B-D0CA-4708-9D6A-DAC55A5FD32E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe No File
Task: {394EE9A4-555F-4E45-AFED-580607036D0A} - System32\Tasks\Acer Registration - Reminder Recall task => C:\Program Files (x86)\Acer\Registration\GREG.exe [2010-04-28] (Acer Incorporated)
Task: {5A73F8BD-5151-451A-86DF-50D55963FA64} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA => C:\Users\Julian\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-04] (Google Inc.)
Task: {613CF678-5552-4664-B6E2-D7174D12EDF9} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {64B3C097-467D-47EC-BC1B-76189F766BA1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe No File
Task: {6FF4580C-21F3-42F9-AD95-BA878B9E9216} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core => C:\Users\Julian\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-04] (Google Inc.)
Task: {8638A350-88F0-4267-84FA-EE6C9D1577C6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {974A498E-9D94-44D0-83FA-FDB66441EACC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-11-29] (TuneUp Software)
Task: {A52F4767-DCAF-408B-A3D0-118FB32A2C83} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe No File
Task: {CB2F6BC1-38F3-45AF-8D4F-C987EDFBEAD6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {D5342157-3A4E-4CDF-8967-B97CDCA53F6C} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {DB94BE21-F2BB-4A05-80AD-6E70740028BD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe No File
Task: {E5D3F610-4DB3-4E0E-ABE6-D2CD721B27BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {E8AB24D5-2304-40C9-B118-6A5977D36288} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: C:\Windows\Tasks\Acer Registration - Reminder Recall task.job => C:\Program Files (x86)\Acer\Registration\GREG.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core.job => C:\Users\Julian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA.job => C:\Users\Julian\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/09/2013 04:26:57 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/09/2013 04:24:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (06/08/2013 11:57:29 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesService64.exe, Version: 13.0.3020.2, Zeitstempel: 0x51067ac3
Name des fehlerhaften Moduls: TuneUpUtilitiesService64.exe, Version: 13.0.3020.2, Zeitstempel: 0x51067ac3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001cbe6
ID des fehlerhaften Prozesses: 0x908
Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesService64.exe0
Pfad der fehlerhaften Anwendung: TuneUpUtilitiesService64.exe1
Pfad des fehlerhaften Moduls: TuneUpUtilitiesService64.exe2
Berichtskennung: TuneUpUtilitiesService64.exe3
Error: (05/31/2013 11:23:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879, Zeitstempel: 0x518ec3cc
Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879, Zeitstempel: 0x518ec306
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001c9789
ID des fehlerhaften Prozesses: 0xf90
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (05/28/2013 08:47:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: UpdaterService.exe, Version: 1.0.0.8, Zeitstempel: 0x4b614046
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f6e6a64
ID des fehlerhaften Prozesses: 0x808
Startzeit der fehlerhaften Anwendung: 0xUpdaterService.exe0
Pfad der fehlerhaften Anwendung: UpdaterService.exe1
Pfad des fehlerhaften Moduls: UpdaterService.exe2
Berichtskennung: UpdaterService.exe3
Error: (05/28/2013 08:47:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: RS_Service.exe, Version: 4.5.3000.9285, Zeitstempel: 0x4a563cf3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f6e6a64
ID des fehlerhaften Prozesses: 0x6d4
Startzeit der fehlerhaften Anwendung: 0xRS_Service.exe0
Pfad der fehlerhaften Anwendung: RS_Service.exe1
Pfad des fehlerhaften Moduls: RS_Service.exe2
Berichtskennung: RS_Service.exe3
Error: (05/28/2013 08:47:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IScheduleSvc.exe, Version: 2.0.0.68, Zeitstempel: 0x4c28447e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f6e6a64
ID des fehlerhaften Prozesses: 0x640
Startzeit der fehlerhaften Anwendung: 0xIScheduleSvc.exe0
Pfad der fehlerhaften Anwendung: IScheduleSvc.exe1
Pfad des fehlerhaften Moduls: IScheduleSvc.exe2
Berichtskennung: IScheduleSvc.exe3
Error: (05/28/2013 08:47:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: GREGsvc.exe, Version: 1.0.0.1, Zeitstempel: 0x4afbd2e4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f6e6a64
ID des fehlerhaften Prozesses: 0x540
Startzeit der fehlerhaften Anwendung: 0xGREGsvc.exe0
Pfad der fehlerhaften Anwendung: GREGsvc.exe1
Pfad des fehlerhaften Moduls: GREGsvc.exe2
Berichtskennung: GREGsvc.exe3
Error: (05/28/2013 08:47:08 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: UMVPFSrv.exe, Version: 13.31.1044.0, Zeitstempel: 0x4f166843
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f6e6a64
ID des fehlerhaften Prozesses: 0x344
Startzeit der fehlerhaften Anwendung: 0xUMVPFSrv.exe0
Pfad der fehlerhaften Anwendung: UMVPFSrv.exe1
Pfad des fehlerhaften Moduls: UMVPFSrv.exe2
Berichtskennung: UMVPFSrv.exe3
Error: (05/28/2013 08:47:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mscorsvw.exe, Version: 4.0.30319.1, Zeitstempel: 0x4ba1da21
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f6e6a64
ID des fehlerhaften Prozesses: 0x9e0
Startzeit der fehlerhaften Anwendung: 0xmscorsvw.exe0
Pfad der fehlerhaften Anwendung: mscorsvw.exe1
Pfad des fehlerhaften Moduls: mscorsvw.exe2
Berichtskennung: mscorsvw.exe3
System errors:
=============
Error: (07/01/2013 09:14:36 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (07/01/2013 07:35:38 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (07/01/2013 06:33:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/01/2013 06:33:47 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (07/01/2013 06:02:08 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005
Error: (06/28/2013 06:11:26 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070420
Error: (06/26/2013 10:20:17 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005
Error: (06/20/2013 06:43:54 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005
Error: (06/20/2013 06:43:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/20/2013 06:43:06 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst IPsec-Richtlinien-Agent erreicht.
Microsoft Office Sessions:
=========================
Error: (06/09/2013 04:26:57 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8
Error: (06/09/2013 04:24:58 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
Error: (06/08/2013 11:57:29 AM) (Source: Application Error)(User: )
Description: TuneUpUtilitiesService64.exe13.0.3020.251067ac3TuneUpUtilitiesService64.exe13.0.3020.251067ac3c0000005000000000001cbe690801ce642e8cae3970C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exeC:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exed44b6355-d021-11e2-bf0d-60eb699ddf56
Error: (05/31/2013 11:23:58 PM) (Source: Application Error)(User: )
Description: firefox.exe21.0.0.4879518ec3ccxul.dll21.0.0.4879518ec306c0000005001c9789f9001ce5e180a1b704bC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll677f31ac-ca38-11e2-a1c2-60eb699ddf56
Error: (05/28/2013 08:47:22 PM) (Source: Application Error)(User: )
Description: UpdaterService.exe1.0.0.84b614046unknown0.0.0.000000000c00000056f6e6a6480801ce5bd336e80315C:\Program Files\Acer\Acer Updater\UpdaterService.exeunknown07a491e3-c7c7-11e2-a586-60eb699ddf56
Error: (05/28/2013 08:47:18 PM) (Source: Application Error)(User: )
Description: RS_Service.exe4.5.3000.92854a563cf3unknown0.0.0.000000000c00000056f6e6a646d401ce5bd3369e386cC:\Program Files (x86)\Acer\Acer VCM\RS_Service.exeunknown05374abb-c7c7-11e2-a586-60eb699ddf56
Error: (05/28/2013 08:47:13 PM) (Source: Application Error)(User: )
Description: IScheduleSvc.exe2.0.0.684c28447eunknown0.0.0.000000000c00000056f6e6a6464001ce5bd336866aaaC:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exeunknown02425524-c7c7-11e2-a586-60eb699ddf56
Error: (05/28/2013 08:47:12 PM) (Source: Application Error)(User: )
Description: GREGsvc.exe1.0.0.14afbd2e4unknown0.0.0.000000000c00000056f6e6a6454001ce5bd3362bf65fC:\Program Files (x86)\Acer\Registration\GREGsvc.exeunknown0169b7eb-c7c7-11e2-a586-60eb699ddf56
Error: (05/28/2013 08:47:08 PM) (Source: Application Error)(User: )
Description: UMVPFSrv.exe13.31.1044.04f166843unknown0.0.0.000000000c00000056f6e6a6434401ce5bd329fe2899C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exeunknownff489ccc-c7c6-11e2-a586-60eb699ddf56
Error: (05/28/2013 08:47:04 PM) (Source: Application Error)(User: )
Description: mscorsvw.exe4.0.30319.14ba1da21unknown0.0.0.000000000c00000056f6e6a649e001ce5bd387811adcC:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exeunknownfd016ba9-c7c6-11e2-a586-60eb699ddf56
CodeIntegrity Errors:
===================================
Date: 2013-07-03 18:56:13.424
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-03 18:45:32.274
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-03 18:40:20.009
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-03 18:30:27.088
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-01 20:41:31.839
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-01 20:12:52.810
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-01 20:00:59.778
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-01 19:22:40.138
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-01 19:11:17.077
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-07-01 18:53:50.044
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 62%
Total physical RAM: 3998.91 MB
Available physical RAM: 1508.38 MB
Total Pagefile: 7995.96 MB
Available Pagefile: 4514.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:101.78 GB) (Free:46.77 GB) NTFS (Disk=0 Partition=3)
Drive d: (Daten) (Fixed) (Total:350.89 GB) (Free:314.26 GB) NTFS (Disk=0 Partition=4)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 82D3A025)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=102 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=351 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
| | #4 |
| /// the machine /// TB Trainer | Internet slow with all browsers after BizCoaching Please download
Please shut down your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
| | #5 |
| | Internet slow with all browsers after BizCoaching Here you go. Code:
# AdwCleaner v2.304 - Datei am 04/07/2013 um 17:49:09 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium (64 bits)
# Benutzer : Julian - JULIAN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Julian\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Users\Julian\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16483
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v21.0 (de)
Datei : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v27.0.1453.116
Datei : C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [1137 octets] - [03/07/2013 18:39:48]
AdwCleaner[S1].txt - [12655 octets] - [03/07/2013 18:31:13]
AdwCleaner[S2].txt - [1071 octets] - [04/07/2013 17:49:09]
########## EOF - C:\AdwCleaner[S2].txt - [1131 octets] ##########
JRT Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Julian on 04.07.2013 at 17:58:54,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9F1604C3-87ED-4AF9-A921-9812FF832A94}
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Julian\AppData\Roaming\mozilla\firefox\profiles\7yoofxo0.default\minidumps [3 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.07.2013 at 18:11:29,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
| | #6 |
| /// the machine /// TB Trainer | Internet slow with all browsers after BizCoaching ESET Online Scanner
Please download
and a fresh FRST log, please. Any remaining problems? |
| | #7 |
| | Internet slow with all browsers after BizCoaching Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=559bd8049d48f74dafcba09518177120
# engine=14289
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-06 01:16:16
# local_time=2013-07-06 03:16:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1799 16775165 100 96 9477 238539866 2221 0
# compatibility_mode=5893 16776573 100 94 148673 124746426 0 0
# compatibility_mode=9217 16776573 100 13 2337756 13635644 0 0
# scanned=138098
# found=0
# cleaned=0
# scan_time=7068
Code:
Results of screen317's Security Check version 0.99.68
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
ZoneAlarm Free Firewall Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
TuneUp Utilities 2013
TuneUp Utilities Language Pack (de-DE)
Adobe Flash Player 11.7.700.224
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 21.0 Firefox out of Date!
Google Chrome 27.0.1453.110
Google Chrome 27.0.1453.116
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2013 02
Ran by Julian (administrator) on 06-07-2013 16:28:11
Running from C:\Users\Julian\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Windows\snuvcdsm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.EXE
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-05] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [ScreenRotation] C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe [2584576 2009-11-06] ()
HKLM\...\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated)
HKLM\...\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe [30080 2010-01-13] ()
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11046504 2010-07-13] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] C:\Windows\PLFSetI.exe [206208 2013-05-26] ()
HKLM\...\Run: [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden" [1127592 2012-11-22] (Check Point Software Technologies)
HKCU\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [icq] C:\Users\Julian\AppData\Roaming\ICQM\icq.exe -CU [27598184 2013-05-28] (ICQ)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [870992 2010-01-29] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [73832 2013-03-27] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [1558480 2013-07-03] (APN)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2010-01-15] ()
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL [89936 2013-05-24] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL [82696 2013-05-24] (Zemana Ltd.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=44e925462ea848c798d8d00965d7a0ec&tu=10G90008F1B000v&sku=&tstsId=&ver=&
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {44417FA3-E13C-4E17-9A5F-FD0D0C2AC285} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=44e925462ea848c798d8d00965d7a0ec&tu=10G90008F1B000v&sku=&tstsId=&ver=&&r=469
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\bh\zonealarm.dll (Montera Technologeis LTD)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\zonealarmTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default
FF SelectedSearchEngine: Search By ZoneAlarm
FF Homepage: hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=44e925462ea848c798d8d00965d7a0ec&tu=10GX0008T1B0008&sku=&tstsId=&ver=&
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Extension: zonealarm.com - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\ffxtlbr@zonealarm.com
FF Extension: tineye - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\tineye@ideeinc.com.xpi
FF Extension: toolbar_AVIRA-V7 - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: No Name - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF Extension: No Name - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Extension: (Google Docs) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (Gmail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-03] (APN LLC.)
R2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [828072 2012-11-22] (Check Point Software Technologies)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2447888 2013-03-27] (Check Point Software Technologies LTD)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33712 2012-11-22] (Check Point Software Technologies)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [26080 2013-05-24] (Zemana Ltd.)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [611160 2012-11-15] (Kaspersky Lab)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2010-01-13] ()
R3 STHall; C:\Windows\system32\DRIVERS\STHall.sys [21864 2009-11-24] (ST Microelectronics)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450136 2012-12-13] (Check Point Software Technologies LTD)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-06 16:16 - 2013-07-06 16:16 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Avira
2013-07-06 16:13 - 2013-07-06 16:12 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-07-06 16:12 - 2013-07-06 16:12 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-06 16:12 - 2013-07-06 16:12 - 00000000 ____D C:\ProgramData\APN
2013-07-06 16:12 - 2013-07-06 16:12 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-06 16:10 - 2013-07-06 16:10 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-06 16:10 - 2013-06-20 14:48 - 00130016 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-07-06 16:10 - 2013-06-20 14:48 - 00100712 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-07-06 16:10 - 2013-03-06 16:13 - 00028600 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-07-06 16:06 - 2013-07-06 16:07 - 104943936 ____A C:\Users\Julian\Downloads\avira3737_free_antivirus_de.exe
2013-07-06 15:59 - 2013-07-06 15:59 - 00001201 ____A C:\Users\Julian\Desktop\checkup.txt
2013-07-06 15:33 - 2013-07-06 15:34 - 00890988 ____A C:\Users\Julian\Downloads\SecurityCheck.exe
2013-07-06 13:15 - 2013-07-06 13:15 - 02347384 ____A (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_enu (1).exe
2013-07-04 21:21 - 2013-07-04 21:21 - 02347384 ____A (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_enu.exe
2013-07-04 18:11 - 2013-07-04 18:11 - 00000905 ____A C:\Users\Julian\Desktop\JRT.txt
2013-07-04 17:56 - 2013-07-04 17:56 - 00001200 ____A C:\Users\Julian\Desktop\AdwCleaner[S2].txt
2013-07-04 17:49 - 2013-07-04 17:50 - 00001200 ____A C:\AdwCleaner[S2].txt
2013-07-03 19:58 - 2013-07-03 19:58 - 00063312 ____A C:\Users\Julian\Downloads\Extras.Txt
2013-07-03 19:57 - 2013-07-03 19:57 - 00106358 ____A C:\Users\Julian\Downloads\OTL.Txt
2013-07-03 19:36 - 2013-07-03 19:36 - 00050477 ____A C:\Users\Julian\Downloads\Defogger.exe
2013-07-03 19:36 - 2013-07-03 19:36 - 00000474 ____A C:\Users\Julian\Downloads\defogger_disable.log
2013-07-03 19:36 - 2013-07-03 19:36 - 00000000 ____A C:\Users\Julian\defogger_reenable
2013-07-03 19:35 - 2013-07-03 19:35 - 00602112 ____A (OldTimer Tools) C:\Users\Julian\Downloads\OTL.exe
2013-07-03 19:10 - 2013-03-05 13:18 - 00000016 ____A C:\Users\Julian\Downloads\enjoy.txt
2013-07-03 19:03 - 2013-07-04 17:57 - 00000000 ____D C:\JRT
2013-07-03 19:03 - 2013-07-03 19:03 - 00000000 ____D C:\Windows\ERUNT
2013-07-03 19:00 - 2013-07-03 19:02 - 00024303 ____A C:\Users\Julian\Downloads\Addition.txt
2013-07-03 19:00 - 2013-07-03 19:00 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Julian\Downloads\JRT.exe
2013-07-03 18:58 - 2013-07-03 18:58 - 00000000 ____D C:\FRST
2013-07-03 18:40 - 2013-07-03 18:40 - 01934082 ____A (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2013-07-03 18:39 - 2013-07-03 18:40 - 00001137 ____A C:\AdwCleaner[R1].txt
2013-07-03 18:31 - 2013-07-03 18:32 - 00012655 ____A C:\AdwCleaner[S1].txt
2013-07-03 18:30 - 2013-07-03 18:30 - 00650027 ____A C:\Users\Julian\Downloads\adwcleaner.exe
2013-07-03 18:16 - 2013-07-06 16:00 - 00000448 ____A C:\Windows\setupact.log
2013-07-03 18:16 - 2013-07-03 18:16 - 00109688 ____A C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-03 18:16 - 2013-07-03 18:16 - 00000000 ____A C:\Windows\setuperr.log
2013-07-03 18:15 - 2013-07-06 15:59 - 00001408 ____A C:\Windows\PFRO.log
2013-07-03 18:15 - 2013-07-03 18:15 - 00417040 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-01 20:03 - 2012-11-29 16:06 - 00034656 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-07-01 20:03 - 2012-11-29 16:06 - 00025952 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-07-01 20:03 - 2012-11-29 16:06 - 00021344 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-07-01 20:02 - 2013-07-01 20:03 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-01 20:00 - 2013-07-01 20:00 - 30169591 ____A C:\Users\Julian\Downloads\TuneUp_Utilities_2013_v13.0.300.132.rar
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Julian\Downloads\TuneUp Utilities 2013 v13.0.300.132
2013-07-01 19:02 - 2013-07-01 19:02 - 00000000 ____D C:\Program Files\CCleaner
2013-07-01 18:57 - 2013-07-01 18:57 - 03357912 ____A (Piriform Ltd) C:\Users\Julian\Downloads\ccsetup403_slim.exe
2013-07-01 18:34 - 2013-07-01 18:39 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-01 18:33 - 2009-01-25 13:14 - 00017272 ____A (Safer Networking Limited) C:\Windows\System32\sdnclean64.exe
2013-07-01 18:32 - 2013-07-01 18:33 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-01 18:31 - 2013-07-01 18:32 - 36271144 ____A (Safer-Networking Ltd. ) C:\Users\Julian\Downloads\spybot-2.1.exe
2013-06-30 12:28 - 2013-06-30 12:29 - 00000000 ____D C:\Users\Julian\Downloads\Movie.43.2013.BDRip.AC3.German.XviD-POE
2013-06-30 12:21 - 2013-06-27 11:19 - 1972400128 ____A C:\Users\Julian\Downloads\Olympus has fallen.avi
2013-06-30 11:25 - 2013-07-03 18:19 - 00000000 ____D C:\Program Files (x86)\LyricsWoofer
2013-06-22 20:45 - 2013-07-01 21:20 - 00000000 ____D C:\Users\Julian\Downloads\Genetikk - D.N.A
2013-06-22 20:11 - 2013-06-22 20:11 - 00844290 ____A C:\Users\Julian\Downloads\gendna2013pre.rar.part
2013-06-22 20:04 - 2013-06-22 20:11 - 11627273 ____A C:\Users\Julian\Downloads\DNA_PR_E.rar.part
2013-06-19 21:58 - 2013-06-19 21:59 - 00000000 ____D C:\Users\Julian\Desktop\Markus Heitz - Die Legenden der Albae - Vernichtender Hass
2013-06-15 21:53 - 2013-06-15 21:54 - 00000000 ____D C:\Users\Julian\Downloads\Snitch.2013.READ.NFO.BDRip.MD.German.x264-POE
2013-06-15 16:39 - 2013-06-15 16:39 - 00000000 ____D C:\Program Files (x86)\Tools&More
2013-06-09 15:33 - 2013-06-15 17:54 - 00000000 ____D C:\Users\Julian\Downloads\Der.Hobbit.Eine.Unerwartete.Reise.2012.German.DL.1080p.BluRay.x264.READ.NFO.INTERNAL-ENCOUNTERS
2013-06-09 13:51 - 2013-06-09 13:51 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Check Point Software Technologies LTD
2013-06-07 19:34 - 2013-06-07 19:35 - 00000000 ____D C:\Users\Julian\AppData\Local\Adobe
==================== One Month Modified Files and Folders =======
2013-07-06 16:24 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-06 16:24 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-06 16:16 - 2013-07-06 16:16 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Avira
2013-07-06 16:14 - 2013-06-04 18:04 - 00001124 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA.job
2013-07-06 16:13 - 2013-05-26 21:36 - 00000000 ____D C:\Users\Julian\AppData\Roaming\KeePass
2013-07-06 16:12 - 2013-07-06 16:13 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-07-06 16:12 - 2013-07-06 16:12 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-06 16:12 - 2013-07-06 16:12 - 00000000 ____D C:\ProgramData\APN
2013-07-06 16:12 - 2013-07-06 16:12 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-06 16:11 - 2013-05-26 19:18 - 00000000 ____D C:\Users\Julian\Desktop\Verwaltung
2013-07-06 16:10 - 2013-07-06 16:10 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-06 16:10 - 2013-05-26 18:59 - 00000000 ____D C:\ProgramData\Avira
2013-07-06 16:07 - 2013-07-06 16:06 - 104943936 ____A C:\Users\Julian\Downloads\avira3737_free_antivirus_de.exe
2013-07-06 16:00 - 2013-07-03 18:16 - 00000448 ____A C:\Windows\setupact.log
2013-07-06 16:00 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-06 15:59 - 2013-07-06 15:59 - 00001201 ____A C:\Users\Julian\Desktop\checkup.txt
2013-07-06 15:59 - 2013-07-03 18:15 - 00001408 ____A C:\Windows\PFRO.log
2013-07-06 15:59 - 2013-05-26 17:03 - 01957965 ____A C:\Windows\WindowsUpdate.log
2013-07-06 15:58 - 2013-05-26 19:53 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-06 15:34 - 2013-07-06 15:33 - 00890988 ____A C:\Users\Julian\Downloads\SecurityCheck.exe
2013-07-06 15:34 - 2013-05-27 02:54 - 00654166 ____A C:\Windows\System32\perfh007.dat
2013-07-06 15:34 - 2013-05-27 02:54 - 00130006 ____A C:\Windows\System32\perfc007.dat
2013-07-06 15:34 - 2009-07-14 07:13 - 01498506 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-06 15:30 - 2013-05-26 19:16 - 00000388 ____A C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
2013-07-06 13:15 - 2013-07-06 13:15 - 02347384 ____A (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_enu (1).exe
2013-07-06 13:14 - 2013-05-26 21:46 - 00000000 ____D C:\Users\Julian\AppData\Roaming\vlc
2013-07-04 21:21 - 2013-07-04 21:21 - 02347384 ____A (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_enu.exe
2013-07-04 20:45 - 2013-05-28 18:12 - 00000000 ____D C:\Users\Julian\Downloads\mdh
2013-07-04 18:57 - 2013-05-26 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-04 18:14 - 2013-06-04 18:04 - 00001072 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core.job
2013-07-04 18:11 - 2013-07-04 18:11 - 00000905 ____A C:\Users\Julian\Desktop\JRT.txt
2013-07-04 17:57 - 2013-07-03 19:03 - 00000000 ____D C:\JRT
2013-07-04 17:56 - 2013-07-04 17:56 - 00001200 ____A C:\Users\Julian\Desktop\AdwCleaner[S2].txt
2013-07-04 17:50 - 2013-07-04 17:49 - 00001200 ____A C:\AdwCleaner[S2].txt
2013-07-04 17:49 - 2013-05-26 19:26 - 00000000 ____D C:\Users\Julian\AppData\Roaming\CheckPoint
2013-07-03 19:58 - 2013-07-03 19:58 - 00063312 ____A C:\Users\Julian\Downloads\Extras.Txt
2013-07-03 19:57 - 2013-07-03 19:57 - 00106358 ____A C:\Users\Julian\Downloads\OTL.Txt
2013-07-03 19:36 - 2013-07-03 19:36 - 00050477 ____A C:\Users\Julian\Downloads\Defogger.exe
2013-07-03 19:36 - 2013-07-03 19:36 - 00000474 ____A C:\Users\Julian\Downloads\defogger_disable.log
2013-07-03 19:36 - 2013-07-03 19:36 - 00000000 ____A C:\Users\Julian\defogger_reenable
2013-07-03 19:36 - 2013-05-26 17:46 - 00000000 ____D C:\users\Julian
2013-07-03 19:35 - 2013-07-03 19:35 - 00602112 ____A (OldTimer Tools) C:\Users\Julian\Downloads\OTL.exe
2013-07-03 19:06 - 2013-05-26 20:34 - 00000000 ____D C:\Users\Julian\AppData\Local\JDownloader v2.0
2013-07-03 19:03 - 2013-07-03 19:03 - 00000000 ____D C:\Windows\ERUNT
2013-07-03 19:02 - 2013-07-03 19:00 - 00024303 ____A C:\Users\Julian\Downloads\Addition.txt
2013-07-03 19:00 - 2013-07-03 19:00 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Julian\Downloads\JRT.exe
2013-07-03 18:58 - 2013-07-03 18:58 - 00000000 ____D C:\FRST
2013-07-03 18:40 - 2013-07-03 18:40 - 01934082 ____A (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2013-07-03 18:40 - 2013-07-03 18:39 - 00001137 ____A C:\AdwCleaner[R1].txt
2013-07-03 18:32 - 2013-07-03 18:31 - 00012655 ____A C:\AdwCleaner[S1].txt
2013-07-03 18:30 - 2013-07-03 18:30 - 00650027 ____A C:\Users\Julian\Downloads\adwcleaner.exe
2013-07-03 18:19 - 2013-06-30 11:25 - 00000000 ____D C:\Program Files (x86)\LyricsWoofer
2013-07-03 18:16 - 2013-07-03 18:16 - 00109688 ____A C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-03 18:16 - 2013-07-03 18:16 - 00000000 ____A C:\Windows\setuperr.log
2013-07-03 18:15 - 2013-07-03 18:15 - 00417040 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-01 21:20 - 2013-06-22 20:45 - 00000000 ____D C:\Users\Julian\Downloads\Genetikk - D.N.A
2013-07-01 21:15 - 2013-05-26 19:19 - 00000000 ____D C:\Users\Julian\AppData\Local\DoNotTrackPlus
2013-07-01 21:06 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2013-07-01 20:11 - 2013-05-29 18:39 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-01 20:03 - 2013-07-01 20:02 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-01 20:00 - 2013-07-01 20:00 - 30169591 ____A C:\Users\Julian\Downloads\TuneUp_Utilities_2013_v13.0.300.132.rar
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Julian\Downloads\TuneUp Utilities 2013 v13.0.300.132
2013-07-01 19:02 - 2013-07-01 19:02 - 00000000 ____D C:\Program Files\CCleaner
2013-07-01 18:57 - 2013-07-01 18:57 - 03357912 ____A (Piriform Ltd) C:\Users\Julian\Downloads\ccsetup403_slim.exe
2013-07-01 18:39 - 2013-07-01 18:34 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-01 18:33 - 2013-07-01 18:32 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-01 18:32 - 2013-07-01 18:31 - 36271144 ____A (Safer-Networking Ltd. ) C:\Users\Julian\Downloads\spybot-2.1.exe
2013-06-30 20:37 - 2013-05-26 19:25 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Skype
2013-06-30 12:29 - 2013-06-30 12:28 - 00000000 ____D C:\Users\Julian\Downloads\Movie.43.2013.BDRip.AC3.German.XviD-POE
2013-06-27 11:19 - 2013-06-30 12:21 - 1972400128 ____A C:\Users\Julian\Downloads\Olympus has fallen.avi
2013-06-22 20:50 - 2013-05-28 20:04 - 00006729 ___AH C:\Windows\SysWOW64\BTImages.dat
2013-06-22 20:11 - 2013-06-22 20:11 - 00844290 ____A C:\Users\Julian\Downloads\gendna2013pre.rar.part
2013-06-22 20:11 - 2013-06-22 20:04 - 11627273 ____A C:\Users\Julian\Downloads\DNA_PR_E.rar.part
2013-06-20 14:48 - 2013-07-06 16:10 - 00130016 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-06-20 14:48 - 2013-07-06 16:10 - 00100712 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-06-19 21:59 - 2013-06-19 21:58 - 00000000 ____D C:\Users\Julian\Desktop\Markus Heitz - Die Legenden der Albae - Vernichtender Hass
2013-06-19 21:53 - 2013-05-26 20:11 - 00000000 ____D C:\Users\Julian\Desktop\Media
2013-06-15 21:54 - 2013-06-15 21:53 - 00000000 ____D C:\Users\Julian\Downloads\Snitch.2013.READ.NFO.BDRip.MD.German.x264-POE
2013-06-15 17:54 - 2013-06-09 15:33 - 00000000 ____D C:\Users\Julian\Downloads\Der.Hobbit.Eine.Unerwartete.Reise.2012.German.DL.1080p.BluRay.x264.READ.NFO.INTERNAL-ENCOUNTERS
2013-06-15 16:39 - 2013-06-15 16:39 - 00000000 ____D C:\Program Files (x86)\Tools&More
2013-06-15 16:38 - 2010-09-14 13:14 - 00000000 ____D C:\Windows\Downloaded Installations
2013-06-12 19:58 - 2013-05-26 19:53 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 19:58 - 2013-05-26 19:53 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-10 18:34 - 2013-05-26 19:26 - 00417563 ____A C:\Windows\System32\Drivers\vsconfig.xml
2013-06-09 16:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-09 13:51 - 2013-06-09 13:51 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Check Point Software Technologies LTD
2013-06-07 19:35 - 2013-06-07 19:34 - 00000000 ____D C:\Users\Julian\AppData\Local\Adobe
2013-06-07 19:34 - 2013-05-26 18:13 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Adobe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-09 16:23
==================== End Of Log ============================
Nothing has changed ... Internet is still slow and CPU usage is at 100% in all browsers |
| | #8 |
| /// the machine /// TB-Ausbilder | Internet slow in all browsers after BizCoaching Adobe and Firefox need an update, and there is a service pack for your Windows; install it urgently. Please open FRST, tick Additional and run a scan, then post both log files.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |