| |
| |||||||
Log-Analyse und Auswertung: Minimierung einiger FensterWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
06.08.2013, 19:37
| #1 |
 |  Minimierung einiger Fenster habe die vermutung das ich einen Virus auf meinem Rechner habe. Ich komme dazu, weil wenn ich "vollbild" Spiele spiele schließen sie sich in unregelmäßigen abständen minimieren Ich habe Windows 7 professional ; Service Pack 1; 32 bit version Grafikkarte: Nvidia Gforce GTX 550 Ti Prozessor: AMD Athlon II X4 640 Processor Motherboard: Asus M4A77T/USB3 OTL Logfile: Code:
ATTFilter OTL logfile created on: 06.08.2013 16:34:27 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tim\Downloads Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16635) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 71,36% Memory free 6,49 Gb Paging File | 4,75 Gb Available in Paging File | 73,21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 53,61 Gb Total Space | 10,02 Gb Free Space | 18,68% Space Free | Partition Type: NTFS Drive D: | 390,62 Gb Total Space | 280,61 Gb Free Space | 71,84% Space Free | Partition Type: NTFS Drive E: | 487,17 Gb Total Space | 482,91 Gb Free Space | 99,12% Space Free | Partition Type: NTFS Drive G: | 100,00 Mb Total Space | 71,51 Mb Free Space | 71,51% Space Free | Partition Type: NTFS Computer Name: TIM-PC | User Name: tim | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.08.06 16:33:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tim\Downloads\OTL.exe PRC - [2013.07.25 02:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Programme\Google\Chrome\Application\chrome.exe PRC - [2013.06.27 13:40:35 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2013.06.27 13:40:19 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.06.27 13:39:54 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.06.27 13:39:54 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2013.06.01 09:30:10 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2013.05.28 15:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013.01.26 07:08:50 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\tim\AppData\Local\Akamai\netsession_win.exe PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2012.07.17 14:49:00 | 001,713,904 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2012.07.17 14:49:00 | 000,194,304 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2012.01.23 18:19:32 | 001,858,048 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe PRC - [2011.08.04 17:08:56 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEUPDT.EXE PRC - [2011.08.04 17:06:12 | 001,612,920 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE PRC - [2011.03.14 19:09:00 | 002,565,520 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011.02.07 09:56:11 | 000,138,192 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe PRC - [2011.01.16 17:04:04 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2011.01.16 16:13:52 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 14:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmplayer.exe PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2010.11.20 14:17:36 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe PRC - [2010.11.20 14:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe PRC - [2010.05.24 11:10:34 | 001,683,360 | R--- | M] (VIA) -- C:\Programme\VIA\VIAudioi\VDeck\VDeck.exe PRC - [2010.03.05 10:15:12 | 000,235,752 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe PRC - [2010.03.05 10:15:04 | 000,411,864 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCU.exe PRC - [2010.02.03 16:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe PRC - [2010.01.22 12:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2003.04.17 08:54:16 | 000,012,288 | ---- | M] () -- D:\Programme\Winamp\winampa.exe ========== Modules (No Company Name) ========== MOD - [2013.07.25 02:49:46 | 000,396,240 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll MOD - [2013.07.25 02:49:44 | 004,052,944 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\pdf.dll MOD - [2013.07.25 02:48:54 | 000,601,552 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\libglesv2.dll MOD - [2013.07.25 02:48:53 | 000,123,344 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\libegl.dll MOD - [2013.07.25 02:48:51 | 001,597,392 | ---- | M] () -- C:\Programme\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll MOD - [2010.05.24 11:10:38 | 000,098,720 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\VMicApi.dll MOD - [2010.05.24 11:10:32 | 064,661,408 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\skin.dll MOD - [2010.05.24 11:10:30 | 000,078,240 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\QsApoApi.dll MOD - [2010.05.24 11:10:28 | 000,111,008 | R--- | M] () -- C:\Programme\VIA\VIAudioi\VDeck\Dts2ApoApi.dll MOD - [2009.09.30 05:33:08 | 000,024,576 | R--- | M] () -- C:\Windows\System32\AsIO.dll MOD - [2009.07.31 21:39:08 | 000,503,202 | ---- | M] () -- C:\Programme\DeviceVM\Browser Configuration Utility\sqlite3.dll MOD - [2009.03.25 16:53:14 | 000,053,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\AsSpindownTimeout.dll MOD - [2009.03.19 22:35:52 | 000,208,896 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\AiNap.dll MOD - [2009.03.19 22:35:50 | 000,008,704 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\vvc.dll MOD - [2009.01.15 14:55:10 | 000,565,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\pngio.dll MOD - [2003.04.17 08:54:16 | 000,012,288 | ---- | M] () -- D:\Programme\Winamp\winampa.exe ========== Services (SafeList) ========== SRV - [2013.06.27 13:40:35 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.06.27 13:39:54 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.05.28 15:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013.05.27 00:28:25 | 004,467,488 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.07.17 14:49:00 | 001,713,904 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2012.01.23 18:19:32 | 001,858,048 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2011.04.26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2011.02.07 09:56:11 | 000,138,192 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC) SRV - [2011.01.16 16:13:52 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.03.05 10:15:12 | 000,235,752 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Programme\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2007.03.28 19:42:42 | 000,029,704 | ---- | M] (TuneUp Software GmbH) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\xhunter1.sys -- (xhunter1) DRV - File not found [Kernel | On_Demand | Running] -- C:\Windows\system32\XDva403.sys -- (XDva403) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva402.sys -- (XDva402) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva401.sys -- (XDva401) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\vtany.sys -- (vtany) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - [2013.06.13 14:41:27 | 000,013,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf003.sys -- (apf003) DRV - [2013.04.20 15:38:44 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2013.04.20 15:38:44 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013.04.20 15:38:44 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013.04.20 15:38:44 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2013.02.26 00:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2013.02.18 09:22:18 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2012.08.23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2011.05.13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011.05.13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) DRV - [2011.05.13 03:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) DRV - [2011.05.13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) DRV - [2011.05.13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb) DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010.05.15 13:11:42 | 001,150,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2010.01.22 12:21:48 | 000,139,648 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2010.01.22 12:21:46 | 000,059,904 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2009.10.20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2009.08.24 00:55:32 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) DRV - [2009.08.04 04:28:18 | 000,011,296 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO) DRV - [2009.07.16 05:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.splashtop.com/asusexpressgate/mb/searchAPI.php?SE=yahoo&QS=http%3A%2F%2Fde.search.yahoo.com%2Fsearch%3Ffr%3Dfp-devicevm%26type%3DWEB01 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DA 43 1C E0 BB 3D CE 01 [binary data] IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Programme\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=5CB7BCAEC5DEDEBC IE - HKCU\..\SearchScopes\{7C6607F5-8B33-4aaa-A490-5DF91FFE8B58}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms} IE - HKCU\..\SearchScopes\{D55190B2-D813-4b69-B994-68835272AACF}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.3.3.15 FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.11 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2013.07.17 14:27:30 | 000,000,000 | ---D | M] [2013.04.20 14:22:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tim\AppData\Roaming\mozilla\Extensions [2013.08.03 22:21:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tim\AppData\Roaming\mozilla\Firefox\Profiles\dps4hh4h.default\extensions [2013.07.31 11:14:55 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.08.03 22:21:40 | 000,275,449 | ---- | M] () (No name found) -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013.05.31 12:39:43 | 000,006,473 | ---- | M] () -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\searchplugins\babylon.xml [2013.05.31 12:39:43 | 000,006,473 | ---- | M] () -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\searchplugins\BrowserProtect.xml [2013.04.21 19:05:04 | 000,001,294 | ---- | M] () -- C:\Users\tim\AppData\Roaming\mozilla\firefox\profiles\dps4hh4h.default\searchplugins\delta.xml [2013.07.17 14:27:30 | 000,000,000 | ---D | M] ("DVDVideoSoft YouTube MP3 and Video Download") -- C:\PROGRAM FILES\COMMON FILES\DVDVIDEOSOFT\PLUGINS\FF [2013.04.21 19:04:58 | 000,006,470 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: DealPlyLive Update (Enabled) = C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll CHR - Extension: Google Docs = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google Mail = C:\Users\tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\Run: [WinampAgent] D:\Programme\Winamp\Winampa.exe () O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\tim\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: aeriagames.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F84B3D99-2ABE-49C4-B79D-E08C1ADA95D3}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.08.05 22:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.08.05 22:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2013.08.05 15:46:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.07.31 21:22:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games [2013.07.30 21:08:53 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\MAGIX_MusicEditor [2013.07.30 21:08:50 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Xara [2013.07.30 21:08:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX [2013.07.30 21:08:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX [2013.07.30 21:07:23 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX [2013.07.30 20:54:29 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\Video deluxe 2013 [2013.07.30 20:54:29 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\MAGIX Downloads [2013.07.30 20:54:29 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\MAGIX [2013.07.30 20:54:28 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\MAGIX [2013.07.30 20:49:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared [2013.07.30 20:48:21 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX [2013.07.30 20:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services [2013.07.30 20:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2013.07.30 20:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps [2013.07.30 12:03:48 | 000,000,000 | ---D | C] -- C:\Users\tim\Desktop\tante anna [2013.07.29 17:33:04 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\OpenOffice [2013.07.29 17:32:41 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0 [2013.07.29 17:30:48 | 000,000,000 | ---D | C] -- C:\Users\tim\redist [2013.07.29 17:30:48 | 000,000,000 | ---D | C] -- C:\Users\tim\readmes [2013.07.29 17:30:48 | 000,000,000 | ---D | C] -- C:\Users\tim\licenses [2013.07.25 19:16:20 | 000,000,000 | ---D | C] -- C:\Users\tim\Documents\My Cheat Tables [2013.07.25 19:15:11 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\DealPlyLive [2013.07.25 19:15:09 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Google [2013.07.25 19:15:09 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly [2013.07.24 18:11:17 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Dragons-Empire [2013.07.21 22:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\MySQL [2013.07.21 22:05:48 | 000,000,000 | ---D | C] -- C:\Stormblade [2013.07.19 19:10:25 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\PunkBuster [2013.07.19 18:10:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya [2013.07.19 18:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Solid State Networks [2013.07.18 08:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends [2013.07.18 07:56:17 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Riot Games [2013.07.17 22:22:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT [2013.07.17 20:56:26 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Just Aion Launcher [2013.07.17 20:41:54 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Chromium [2013.07.17 15:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge [2013.07.17 15:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Gameforge [2013.07.17 14:41:14 | 000,000,000 | ---D | C] -- C:\Users\tim\Desktop\rap [2013.07.17 14:27:38 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\DVDVideoSoftIEHelpers [2013.07.17 14:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2013.07.17 14:27:26 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\OpenCandy [2013.07.17 14:27:26 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\DVDVideoSoft [2013.07.17 14:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2013.07.16 17:12:52 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\SWTORPerf [2013.07.16 17:11:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare [2013.07.16 15:32:52 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Ubisoft [2013.07.16 15:32:50 | 000,000,000 | -HSD | C] -- C:\Users\tim\wc [2013.07.16 15:32:49 | 000,000,000 | -HSD | C] -- C:\Users\tim\AppData\Roaming\wyUpdate AU [2013.07.14 20:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJ [2013.07.14 20:10:49 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM [2013.07.14 20:10:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX [2013.07.14 20:10:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan [2013.07.14 20:10:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2 [2013.07.14 20:10:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP [2013.07.14 20:09:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter [2013.07.14 20:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Benutzerregistrierung [2013.07.14 20:07:39 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Roaming\Canon [2013.07.14 20:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series [2013.07.14 20:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON [2013.07.14 20:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt [2013.07.14 20:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [2013.07.14 20:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5300 series Manual [2013.07.14 20:02:10 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2013.07.14 20:02:00 | 000,035,328 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMNPUI.DLL [2013.07.14 20:02:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\STRING [2013.07.14 20:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\Canon [2013.07.11 22:06:13 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.07.11 22:06:12 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.07.11 22:06:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.07.11 22:06:12 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.07.11 22:06:12 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.07.11 22:06:11 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.07.11 22:06:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.07.11 22:06:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.07.11 22:06:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.07.11 22:06:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.07.11 16:59:34 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2013.07.11 16:59:33 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2013.07.11 16:59:31 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.07.11 16:59:30 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll [2013.07.09 17:45:43 | 000,000,000 | ---D | C] -- C:\Users\tim\AppData\Local\Paint.NET ========== Files - Modified Within 30 Days ========== [2013.08.06 16:21:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.08.06 16:20:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineUA.job [2013.08.06 16:15:00 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\Dealply.job [2013.08.06 16:05:04 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.08.06 15:49:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.08.06 13:20:36 | 000,014,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.08.06 13:20:36 | 000,014,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.08.06 13:15:34 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.08.06 13:15:21 | 2615,808,000 | -HS- | M] () -- C:\hiberfil.sys [2013.08.05 23:31:24 | 000,000,928 | ---- | M] () -- C:\Users\tim\Desktop\Royalsstar.lnk [2013.08.05 22:01:45 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.08.05 15:46:07 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.08.04 11:24:32 | 000,000,983 | ---- | M] () -- C:\Users\tim\Desktop\Akimura2.lnk [2013.08.02 17:15:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job [2013.07.31 21:22:47 | 000,000,790 | ---- | M] () -- C:\Users\tim\Desktop\CrossFire.lnk [2013.07.31 09:29:26 | 000,544,648 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.07.30 21:08:49 | 000,120,200 | ---- | M] () -- C:\Windows\System32\DLLDEV32i.dll [2013.07.30 21:08:46 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Premium.lnk [2013.07.30 20:07:23 | 000,000,551 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk [2013.07.30 19:50:21 | 000,004,509 | ---- | M] () -- C:\Users\tim\AppData\Roaming\CamStudio.cfg [2013.07.30 19:50:21 | 000,000,408 | ---- | M] () -- C:\Users\tim\AppData\Roaming\CamShapes.ini [2013.07.30 19:50:21 | 000,000,408 | ---- | M] () -- C:\Users\tim\AppData\Roaming\CamLayout.ini [2013.07.30 19:50:21 | 000,000,096 | ---- | M] () -- C:\Users\tim\AppData\Roaming\Camdata.ini [2013.07.30 13:33:40 | 000,696,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.07.30 13:33:40 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.07.30 13:33:40 | 000,147,916 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.07.30 13:33:40 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.07.30 11:08:37 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.07.30 11:08:37 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.07.29 18:02:04 | 000,016,727 | ---- | M] () -- C:\Users\tim\Desktop\Unbenannt 1.odt [2013.07.29 17:32:41 | 000,000,737 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk [2013.07.21 22:05:54 | 000,000,232 | ---- | M] () -- C:\Windows\ODBCINST.INI [2013.07.19 20:01:33 | 000,139,424 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2013.07.19 20:01:25 | 000,282,104 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2013.07.19 20:01:17 | 000,234,768 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0 [2013.07.19 19:06:18 | 000,138,056 | ---- | M] () -- C:\Users\tim\AppData\Roaming\PnkBstrK.sys [2013.07.18 08:49:31 | 000,001,497 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk [2013.07.17 14:27:32 | 000,000,956 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk [2013.07.16 15:42:32 | 152,126,245 | ---- | M] () -- C:\Users\tim\openoffice1.cab [2013.07.16 15:40:58 | 002,269,184 | ---- | M] () -- C:\Users\tim\openoffice400.msi [2013.07.16 15:40:58 | 000,475,136 | ---- | M] () -- C:\Users\tim\setup.exe [2013.07.16 15:40:58 | 000,000,279 | ---- | M] () -- C:\Users\tim\setup.ini [2013.07.14 20:07:23 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk [2013.07.09 17:59:32 | 000,024,239 | ---- | M] () -- C:\Users\tim\Desktop\Diamond.jpg ========== Files Created - No Company Name ========== [2013.08.05 23:31:24 | 000,000,928 | ---- | C] () -- C:\Users\tim\Desktop\Royalsstar.lnk [2013.08.05 22:01:45 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.08.05 22:00:54 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.08.05 22:00:52 | 000,001,088 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.08.05 15:46:07 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.08.03 18:43:43 | 000,000,983 | ---- | C] () -- C:\Users\tim\Desktop\Akimura2.lnk [2013.07.31 21:22:47 | 000,000,790 | ---- | C] () -- C:\Users\tim\Desktop\CrossFire.lnk [2013.07.30 21:08:46 | 000,000,857 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Premium.lnk [2013.07.30 20:07:23 | 000,000,551 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk [2013.07.30 01:01:46 | 000,000,408 | ---- | C] () -- C:\Users\tim\AppData\Roaming\CamShapes.ini [2013.07.30 01:01:46 | 000,000,408 | ---- | C] () -- C:\Users\tim\AppData\Roaming\CamLayout.ini [2013.07.30 01:01:46 | 000,000,096 | ---- | C] () -- C:\Users\tim\AppData\Roaming\Camdata.ini [2013.07.29 20:20:15 | 000,004,509 | ---- | C] () -- C:\Users\tim\AppData\Roaming\CamStudio.cfg [2013.07.29 18:02:02 | 000,016,727 | ---- | C] () -- C:\Users\tim\Desktop\Unbenannt 1.odt [2013.07.29 17:32:41 | 000,000,737 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk [2013.07.25 19:15:19 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\DealPlyLiveUpdateTaskMachineUA.job [2013.07.25 19:15:09 | 000,000,282 | ---- | C] () -- C:\Windows\tasks\Dealply.job [2013.07.21 22:05:54 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI [2013.07.19 19:11:34 | 000,282,104 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr [2013.07.19 19:06:18 | 000,139,424 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2013.07.19 19:06:17 | 000,138,056 | ---- | C] () -- C:\Users\tim\AppData\Roaming\PnkBstrK.sys [2013.07.19 19:05:54 | 000,282,104 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2013.07.19 19:05:54 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.ex0 [2013.07.19 19:05:51 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2013.07.18 08:49:31 | 000,001,497 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk [2013.07.17 14:27:32 | 000,000,956 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk [2013.07.16 15:42:32 | 152,126,245 | ---- | C] () -- C:\Users\tim\openoffice1.cab [2013.07.16 15:40:58 | 002,269,184 | ---- | C] () -- C:\Users\tim\openoffice400.msi [2013.07.16 15:40:58 | 000,475,136 | ---- | C] () -- C:\Users\tim\setup.exe [2013.07.16 15:40:58 | 000,000,279 | ---- | C] () -- C:\Users\tim\setup.ini [2013.07.14 20:04:51 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk [2013.07.09 17:59:26 | 000,024,239 | ---- | C] () -- C:\Users\tim\Desktop\Diamond.jpg [2013.06.13 14:41:27 | 000,016,304 | ---- | C] () -- C:\Windows\System32\apl003.sys [2013.06.13 14:41:27 | 000,013,232 | ---- | C] () -- C:\Windows\System32\apf003.sys [2013.04.23 18:08:28 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI [2013.04.21 20:54:23 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2013.04.21 19:02:04 | 000,000,095 | ---- | C] () -- C:\Windows\winamp.ini [2013.04.20 13:57:41 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll [2013.04.20 13:57:41 | 000,011,296 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys [2013.04.20 13:57:39 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys [2013.04.20 13:57:39 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys [2013.04.20 13:52:12 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2013.04.20 13:52:08 | 000,032,040 | ---- | C] () -- C:\Windows\Ascd_tmp.ini ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > |
| Themen zu Minimierung einiger Fenster |
| 32 bit, adobe, akamai, antivir, autorun, avg, avira, bho, browser, canon, converter, defender, desktop, dvdvideosoft ltd., explorer, firefox, flash player, format, google, helper, intranet, logfile, minimieren, mp3, nvidia, plug-in, registry, scan, software, verdacht auf virus, virus, windows |
Baum-Darstellung