
Pests of all kinds and how to combat them: ADWARE/bProtect.D reported

09.09.2013, 21:01   #1
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hi,

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

__________________
Please always post log files in CODE tags

10.09.2013, 06:51   #2
Simone70
 

Thank you very much for the quick reply.

Here is the FRST TXT:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-09-2013 01
Ran by Simone70 (ATTENTION: The logged in user is not administrator) on SIMONE70 on 10-09-2013 07:38:56
Running from C:\Users\Simone70\Downloads
Microsoft Windows 7 Professional  (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Creative Technology Ltd) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(Microsoft) C:\dell\DBRM\Reminder\DbrmTrayicon.exe
(NCP engineering GmbH) C:\Program Files\LANCOM\Advanced VPN Client\NcpBudgetGui.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Simone70\AppData\Local\Citrix\GoToMeeting\1010\g2mstart.exe
(Akamai Technologies, Inc.) C:\Users\Simone70\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Simone70\AppData\Local\Akamai\netsession_win.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Simone70\AppData\Roaming\Dropbox\bin\Dropbox.exe
(sw4you, Siegfried Weckmann) C:\Program Files\Hardcopy\hardcopy.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Simone70\AppData\Local\Citrix\GoToMeeting\1010\g2mcomm.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Simone70\AppData\Local\Citrix\GoToMeeting\1010\g2mlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe InDesign CS6\InDesign.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1602856 2010-01-08] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-04-07] (IDT, Inc.)
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [3873648 2010-01-15] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] - C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe [726640 2010-08-02] ()
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5249024 2010-11-02] (Dell Inc.)
HKLM\...\Run: [Dell Webcam Central] - C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM\...\Run: [DpAgent] - C:\Program Files\DigitalPersona\Bin\dpagent.exe [842816 2009-05-13] (DigitalPersona, Inc.)
HKLM\...\Run: [RemoteControl9] - c:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] - c:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-14] (CyberLink Corp.)
HKLM\...\Run: [DBRMTray] - C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [206336 2010-05-20] (Microsoft)
HKLM\...\Run: [NcpBudgetGui] - C:\Program Files\LANCOM\Advanced VPN Client\NcpBudgetGui.exe [1026560 2010-05-21] (NCP engineering GmbH)
HKLM\...\Run: [NcpPopup] - C:\Program Files\LANCOM\Advanced VPN Client\ncppopup.exe [1192016 2010-05-21] (NCP engineering GmbH)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [BrMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1167360 2009-08-03] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [TrueImageMonitor.exe] - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM\...\Run: [AcronisTibMounterMonitor] - C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [413464 2013-02-15] (Acronis)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-08-20] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [DBRMTray] - C:\Dell\DBRM\Reminder\TrayApp.exe [7168 2010-02-05] (Microsoft)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [360448 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [719672 2012-01-20] (Microsoft Corporation)
HKCU\...\Run: [GoToMeeting] - C:\Users\Simone70\AppData\Local\Citrix\GoToMeeting\1010\g2mstart.exe [40376 2012-09-20] (Citrix Online, a division of Citrix Systems, Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Simone70\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: {2ee00d07-a566-11e1-a346-02004e435049} - F:\Install.exe
Lsa: [Notification Packages] scecli DPPWDFLT
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Simone70\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Simone70\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Simone70\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=EIE9HP&PC=UP50
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=EIE9HP&PC=UP50
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} -  No File
URLSearchHook: (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
URLSearchHook: (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {C0F38068-0981-4889-AAFB-1D915045DC26} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKCU - bProtectorDefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKCU - {92709D39-BBE1-4495-9B19-10F9407C6B1B} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKCU - {C0F38068-0981-4889-AAFB-1D915045DC26} URL = 
SearchScopes: HKCU - {E2152A3A-570A-4313-9DA9-0818FB5D8F1E} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKCU - {F5D69A5E-6C69-4294-9AA6-F6787F10A659} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKCU - {FCD90272-C38C-4C95-9B2D-B329AC8B1E4B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll No File
BHO: DigitalPersona Fingerprint Software Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU -No Name - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} -  No File
Toolbar: HKCU -No Name - {7E111A5C-3D11-4F56-9463-5310C3C69025} -  No File
Toolbar: HKCU -No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKCU -No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU -No Name - {C476973F-2EA1-4E9C-AC35-38111C02D924} -  No File
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll No File
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 20 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Simone70\AppData\Local\Citrix\Plugins\60\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\searchplugins\schulengel-customized-web-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: FoxyDeal - C:\Users\Simone70\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D}
FF Extension: Visualisateur 3D de 20-20 - C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\Extensions\2020Player_IKEA@2020Technologies.com
FF Extension: No Name - C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\Extensions\fb_add_on@avm.de
FF Extension: No Name - C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\Extensions\staged
FF Extension: Yahoo! Toolbar - C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: ColorZilla - C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF Extension: WOT - C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: firebug - C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: firefile - C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\Extensions\firefile@strebitzer.at.xpi
FF Extension: No Name - C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] C:\Program Files\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\FirefoxExt\
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] c:\Program Files\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension
FF HKCU\...\Firefox\Extensions: [otis@digitalpersona.com] C:\Program Files\DigitalPersona\Bin\firefoxext
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\firefoxext

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [831360 2013-02-15] (Acronis)
R2 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3816440 2013-05-11] (Acronis)
R2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [622648 2013-09-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-08-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-08-20] (Avira Operations GmbH & Co. KG)
R2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2012-08-18] (Apache Software Foundation)
R2 Client32; C:\PROGRA~1\NETSUP~1\client32.exe [16447 2006-02-28] (NetSupport Ltd)
R2 Crypkey License; C:\Windows\System32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.)
R2 dldo_device; C:\Windows\system32\dldocoms.exe [589824 2007-09-10] ( )
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe [81920 2010-06-21] (FirebirdSQL Project)
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe [2043904 2010-06-21] (FirebirdSQL Project)
R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 M4-Service; C:\Users\Simone70\AppData\Local\Mikogo4\Viewer\Service\M4-Service.exe [1008032 2012-11-12] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [1590560 2012-05-17] (Microsoft Corp.)
R2 mysql; c:\xampp\mysql\bin\my.ini [5777 2012-12-14] ()
R2 ncpclcfg; C:\Program Files\LANCOM\Advanced VPN Client\ncpclcfg.exe [133712 2010-05-21] (NCP engineering GmbH)
R2 ncprwsnt; C:\Program Files\LANCOM\Advanced VPN Client\ncprwsnt.exe [1118288 2010-06-30] (NCP Engineering GmbH)
R2 NcpSec; C:\Program Files\LANCOM\Advanced VPN Client\NCPSEC.EXE [93184 2010-05-07] ()
R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [993848 2011-04-19] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2011-04-19] (Secunia)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7094592 2013-03-20] (Acronis)
R2 vcsFPService; C:\Windows\system32\vcsFPService.exe [1664304 2010-06-03] (Validity Sensors, Inc.)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4539392 2010-11-02] (Dell Inc.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [520576 2012-10-29] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R3 Acceler; C:\Windows\System32\DRIVERS\Accelern.sys [43888 2010-07-09] (ST Microelectronics)
R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [92448 2013-08-06] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-08-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-08-06] (Avira Operations GmbH & Co. KG)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2010-11-02] (Broadcom Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 CtAudDrv; C:\Windows\system32\Drivers\CtAudDrv.sys [134144 2009-05-28] (Creative Technology Ltd.)
S3 gdihook5; C:\Windows\System32\DRIVERS\gdihook5.sys [24633 2006-02-28] (NetSupport Ltd)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [11680 2012-10-12] (Windows (R) Win 7 DDK provider)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10.sys [52096 2010-10-01] (Generic USB smartcard reader)
S3 ncpfilt; C:\Windows\System32\DRIVERS\ncplelhp.sys [77808 2010-07-06] (NCP Engineering GmbH)
R3 ncplelhp; C:\Windows\System32\DRIVERS\ncplelhp.sys [77808 2010-07-06] (NCP Engineering GmbH)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [19584 2008-03-17] ()
R1 PCISys; C:\Windows\System32\Drivers\PCISys.sys [32823 2006-02-28] (NetSupport Ltd)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [49152 2009-07-01] (REDC)
R2 rixdpcie; C:\Windows\System32\DRIVERS\rixdpe86.sys [38400 2009-07-05] (REDC)
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [17648 2010-07-09] (ST Microelectronics)
S3 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [888640 2013-05-11] (Acronis International GmbH)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [736192 2013-05-11] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [130488 2013-05-11] (Acronis)
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [116000 2013-05-11] (Acronis International GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [85280 2013-05-11] (Acronis International GmbH)
S3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [69024 2012-10-12] (Wacom Technology)
S3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [13728 2012-10-12] (Wacom Technology)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-10 06:49 - 2013-09-10 06:49 - 96866131 _____ C:\Windows\system32\唵ஂb
2013-09-09 13:07 - 2013-09-09 13:09 - 00000000 ____D C:\AdwCleaner
2013-09-09 13:06 - 2013-09-09 13:06 - 01037278 _____ C:\Users\Simone70\Desktop\adwcleaner.exe
2013-09-09 12:24 - 2013-09-09 12:24 - 96665497 _____ C:\Windows\system32\躬鬔[
2013-09-05 14:45 - 2013-09-05 21:01 - 00000000 ____D D:\Daten_Simone70\schule
2013-09-05 08:09 - 2013-09-05 20:08 - 96185213 _____ C:\Windows\system32\悮⥳m
2013-09-04 08:01 - 2013-09-04 08:01 - 95812354 _____ C:\Windows\system32\﵉᭰Z
2013-09-02 12:04 - 2013-09-02 12:04 - 00009313 _____ C:\Users\Simone70\Downloads\Yamaha-vector-logo-8F4376D8D1-seeklogo.com.zip
2013-09-02 10:19 - 2013-09-03 11:47 - 00000000 ____D D:\Daten_Simone70\pa
2013-09-01 16:44 - 2013-09-01 16:44 - 95198291 _____ C:\Windows\system32\펅i
2013-09-01 12:43 - 2013-09-01 12:43 - 95178560 _____ C:\Windows\system32\㿜㣺g
2013-08-31 12:53 - 2013-08-31 12:57 - 00056106 _____ D:\Daten_Simone70\images.jpg
2013-08-31 12:50 - 2013-08-31 12:51 - 00036598 _____ D:\Daten_Simone70\IMGP3122.JPG
2013-08-30 09:49 - 2013-08-30 11:49 - 94748418 _____ C:\Windows\system32\㶼㹷f
2013-08-29 20:25 - 2013-08-29 20:25 - 94663095 _____ C:\Windows\system32\⤭h
2013-08-29 14:30 - 2013-08-29 14:30 - 94605346 _____ C:\Windows\system32\偙杣^
2013-08-28 20:48 - 2013-08-28 20:48 - 101009872 _____ C:\Windows\system32\ꔑྡྷ`
2013-08-27 09:38 - 2013-08-27 15:39 - 100448122 _____ C:\Windows\system32\浗叞i
2013-08-26 13:41 - 2013-08-26 19:41 - 100225570 _____ C:\Windows\system32\捆࣬d
2013-08-24 19:40 - 2013-08-24 19:40 - 100041808 _____ C:\Windows\system32\颩}
2013-08-23 09:43 - 2013-08-23 09:43 - 99862753 _____ C:\Windows\system32\⻯䠧g
2013-08-22 19:36 - 2013-08-22 19:36 - 00022366 _____ C:\Users\Simone70\Downloads\fontello-a9d789d3.zip
2013-08-22 18:55 - 2013-08-22 20:55 - 99814594 _____ C:\Windows\system32\뛭䏀`
2013-08-21 20:26 - 2013-08-21 20:26 - 99727755 _____ C:\Windows\system32\縪�6
2013-08-21 10:54 - 2013-08-21 10:54 - 99647885 _____ C:\Windows\system32\黳]
2013-08-20 21:11 - 2013-08-20 21:11 - 00292246 _____ C:\Users\Simone70\Downloads\Lifesciencetexte.html
2013-08-20 20:28 - 2013-08-20 20:28 - 99562272 _____ C:\Windows\system32\Lc
2013-08-20 20:26 - 2013-09-04 10:21 - 416761189 _____ C:\Windows\MEMORY.DMP
2013-08-20 13:29 - 2013-09-10 06:48 - 00002184 _____ C:\Windows\setupact.log
2013-08-20 13:29 - 2013-08-20 13:29 - 00000000 _____ C:\Windows\setuperr.log
2013-08-18 19:20 - 2013-08-18 19:20 - 05118341 _____ C:\Users\Simone70\Downloads\Fotolia_42350377_V.zip
2013-08-18 11:18 - 2013-08-18 11:18 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Avira
2013-08-18 11:07 - 2013-08-18 11:07 - 00000000 ____D C:\Users\Simone\AppData\Roaming\WTablet
2013-08-17 17:12 - 2013-08-17 17:12 - 00026081 _____ C:\Users\Simone70\Downloads\Architects_Daughter.zip

==================== One Month Modified Files and Folders =======

2013-09-10 07:36 - 2013-09-10 07:36 - 01082349 _____ (Farbar) C:\Users\Simone70\Downloads\FRST.exe
2013-09-10 07:35 - 2010-11-10 12:27 - 00000000 ____D D:\Daten_Simone70\Outlook-Dateien
2013-09-10 07:34 - 2012-10-10 16:05 - 03205045 _____ D:\Daten_Simone70\zeitnachweis_2012.xlsx
2013-09-10 07:28 - 2012-04-11 10:05 - 00000000 ____D C:\Users\Simone70\AppData\Roaming\Dropbox
2013-09-10 06:57 - 2009-07-14 06:34 - 00014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-10 06:57 - 2009-07-14 06:34 - 00014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-10 06:51 - 2012-04-11 10:07 - 00000000 ___RD C:\Users\Simone70\Dropbox
2013-09-10 06:49 - 2013-09-10 06:49 - 96866131 _____ C:\Windows\system32\唵ஂb
2013-09-10 06:49 - 2010-11-12 12:31 - 00000000 ____D C:\Program Files\Common Files\Akamai
2013-09-10 06:48 - 2013-08-20 13:29 - 00002184 _____ C:\Windows\setupact.log
2013-09-10 06:48 - 2010-11-10 11:22 - 00000008 _____ C:\Windows\system32\pcisys.ntk
2013-09-10 06:48 - 2010-11-10 00:52 - 00077748 _____ C:\Windows\error.log
2013-09-10 06:48 - 2010-11-10 00:52 - 00017118 _____ C:\Windows\errord.log
2013-09-09 21:51 - 2009-07-14 06:55 - 01357927 _____ C:\Windows\WindowsUpdate.log
2013-09-09 14:56 - 2011-11-10 00:21 - 00000000 ____D C:\Users\SIMONE~1\AppData\Local\Akamai
2013-09-09 14:29 - 2013-01-04 18:03 - 00000000 ____D D:\Daten_Simone70\Grafikakademie
2013-09-09 13:09 - 2013-09-09 13:07 - 00000000 ____D C:\AdwCleaner
2013-09-09 13:09 - 2011-10-24 20:54 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Uniblue
2013-09-09 13:08 - 2011-10-24 20:54 - 00000000 ____D C:\ProgramData\Uniblue
2013-09-09 13:08 - 2011-10-24 20:54 - 00000000 ____D C:\Program Files\Uniblue
2013-09-09 13:06 - 2013-09-09 13:06 - 01037278 _____ C:\Users\Simone70\Desktop\adwcleaner.exe
2013-09-09 12:38 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-09 12:33 - 2010-11-10 10:01 - 00000000 ____D C:\Users\SIMONE~1\AppData\Local\Adobe
2013-09-09 12:24 - 2013-09-09 12:24 - 96665497 _____ C:\Windows\system32\躬鬔[
2013-09-09 12:24 - 2012-03-02 09:32 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-09 12:23 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-06 07:15 - 2012-03-02 09:32 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-06 06:47 - 2012-06-03 10:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-05 21:01 - 2013-09-05 14:45 - 00000000 ____D D:\Daten_Simone70\schule
2013-09-05 20:08 - 2013-09-05 08:09 - 96185213 _____ C:\Windows\system32\悮⥳m
2013-09-04 13:59 - 2012-09-27 13:17 - 00000000 ____D D:\Daten_Simone70\Kunden
2013-09-04 10:21 - 2013-08-20 20:26 - 416761189 _____ C:\Windows\MEMORY.DMP
2013-09-04 10:21 - 2010-11-10 10:03 - 00000000 ____D C:\Windows\Minidump
2013-09-04 08:01 - 2013-09-04 08:01 - 95812354 _____ C:\Windows\system32\﵉᭰Z
2013-09-03 21:18 - 2011-05-13 22:22 - 00000488 __RSH C:\ProgramData\ntuser.pol
2013-09-03 14:04 - 2012-01-06 12:58 - 00000000 ____D D:\Daten_Simone70\bü
2013-09-03 11:47 - 2013-09-02 10:19 - 00000000 ____D D:\Daten_Simone70\pa
2013-09-02 16:30 - 2010-11-01 19:46 - 00454910 _____ C:\Windows\PFRO.log
2013-09-02 16:22 - 2012-01-08 13:25 - 00000000 ____D C:\ProgramData\MySQL
2013-09-02 16:22 - 2012-01-08 13:25 - 00000000 ____D C:\Program Files\MySQL
2013-09-02 16:07 - 2013-08-06 13:59 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-02 16:07 - 2012-12-12 14:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-02 16:06 - 2013-05-06 06:22 - 00000862 _____ C:\Windows\system32\InstallUtil.InstallLog
2013-09-02 16:04 - 2012-08-31 10:20 - 00000000 ____D C:\Program Files\Microsoft Lync
2013-09-02 15:46 - 2010-11-02 02:00 - 00000000 ____D C:\ProgramData\Adobe
2013-09-02 15:46 - 2010-11-02 02:00 - 00000000 ____D C:\Program Files\Adobe
2013-09-02 15:45 - 2010-11-02 02:00 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-09-02 15:32 - 2012-06-03 10:23 - 00000000 ____D C:\Windows\pss
2013-09-02 15:03 - 2012-08-31 10:21 - 00000000 ____D C:\Users\Simone70\Tracing
2013-09-02 12:04 - 2013-09-02 12:04 - 00009313 _____ C:\Users\Simone70\Downloads\Yamaha-vector-logo-8F4376D8D1-seeklogo.com.zip
2013-09-01 16:44 - 2013-09-01 16:44 - 95198291 _____ C:\Windows\system32\펅i
2013-09-01 12:43 - 2013-09-01 12:43 - 95178560 _____ C:\Windows\system32\㿜㣺g
2013-08-31 20:27 - 2010-11-12 14:10 - 00000000 ___RD D:\Daten_Simone70\EIGDAT
2013-08-31 12:57 - 2013-08-31 12:53 - 00056106 _____ D:\Daten_Simone70\images.jpg
2013-08-31 12:51 - 2013-08-31 12:50 - 00036598 _____ D:\Daten_Simone70\IMGP3122.JPG
2013-08-30 12:41 - 2010-11-25 12:07 - 00000000 ____D C:\Users\Simone70\AppData\Roaming\FileZilla
2013-08-30 11:49 - 2013-08-30 09:49 - 94748418 _____ C:\Windows\system32\㶼㹷f
2013-08-29 20:25 - 2013-08-29 20:25 - 94663095 _____ C:\Windows\system32\⤭h
2013-08-29 14:30 - 2013-08-29 14:30 - 94605346 _____ C:\Windows\system32\偙杣^
2013-08-28 20:48 - 2013-08-28 20:48 - 101009872 _____ C:\Windows\system32\ꔑྡྷ`
2013-08-27 15:39 - 2013-08-27 09:38 - 100448122 _____ C:\Windows\system32\浗叞i
2013-08-26 19:41 - 2013-08-26 13:41 - 100225570 _____ C:\Windows\system32\捆࣬d
2013-08-25 19:35 - 2013-04-21 13:19 - 00001456 _____ C:\Users\SIMONE~1\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-08-24 21:06 - 2010-11-10 12:26 - 00000000 ___RD D:\Daten_Simone70\Bilder
2013-08-24 19:40 - 2013-08-24 19:40 - 100041808 _____ C:\Windows\system32\颩}
2013-08-23 09:43 - 2013-08-23 09:43 - 99862753 _____ C:\Windows\system32\⻯䠧g
2013-08-22 21:11 - 2012-08-30 18:43 - 00000000 ____D C:\Users\Simone70\AppData\Roaming\Skype
2013-08-22 20:55 - 2013-08-22 18:55 - 99814594 _____ C:\Windows\system32\뛭䏀`
2013-08-22 19:36 - 2013-08-22 19:36 - 00022366 _____ C:\Users\Simone70\Downloads\fontello-a9d789d3.zip
2013-08-21 20:26 - 2013-08-21 20:26 - 99727755 _____ C:\Windows\system32\縪�6
2013-08-21 10:54 - 2013-08-21 10:54 - 99647885 _____ C:\Windows\system32\黳]
2013-08-20 21:47 - 2012-06-03 10:30 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-20 21:47 - 2011-05-13 23:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-20 21:11 - 2013-08-20 21:11 - 00292246 _____ C:\Users\Simone70\Downloads\Lifesciencetexte.html
2013-08-20 20:28 - 2013-08-20 20:28 - 99562272 _____ C:\Windows\system32\Lc
2013-08-20 13:36 - 2013-08-06 14:37 - 00066144 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-20 13:36 - 2013-08-06 13:59 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-20 13:29 - 2013-08-20 13:29 - 00000000 _____ C:\Windows\setuperr.log
2013-08-19 20:44 - 2011-05-17 14:51 - 00000000 ____D C:\Program Files\WYSIWYG Web Builder 7
2013-08-19 20:26 - 2010-11-12 13:22 - 00000000 ____D D:\Daten_Simone70\Marion
2013-08-19 20:21 - 2011-02-12 13:07 - 00000000 ____D D:\Daten_Simone70\Kiga
2013-08-19 20:19 - 2012-01-03 21:52 - 00000000 ____D D:\Daten_Simone70\homepageRettung
2013-08-19 20:18 - 2012-03-30 17:24 - 00000000 ____D D:\Daten_Simone70\Forum NEU
2013-08-19 19:49 - 2010-11-02 01:53 - 01644114 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-18 19:20 - 2013-08-18 19:20 - 05118341 _____ C:\Users\Simone70\Downloads\Fotolia_42350377_V.zip
2013-08-18 11:18 - 2013-08-18 11:18 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Avira
2013-08-18 11:11 - 2012-08-31 10:20 - 00000000 ____D C:\Users\Simone\Tracing
2013-08-18 11:07 - 2013-08-18 11:07 - 00000000 ____D C:\Users\Simone\AppData\Roaming\WTablet
2013-08-17 17:12 - 2013-08-17 17:12 - 00026081 _____ C:\Users\Simone70\Downloads\Architects_Daughter.zip
2013-08-15 03:05 - 2013-07-17 07:37 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 03:01 - 2010-11-09 21:57 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-12 17:25 - 2011-10-04 08:06 - 00000000 ____D C:\ProgramData\Roxio
2013-08-12 17:14 - 2012-10-21 13:03 - 00000000 ____D D:\Daten_Simone70\Kinder CD'
2013-08-11 11:12 - 2011-07-15 11:20 - 00000000 ____D C:\ProgramData\tmp
2013-08-11 11:06 - 2011-07-15 11:20 - 00001105 _____ C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2013-08-11 11:06 - 2011-07-15 11:20 - 00001090 _____ C:\Users\Public\Desktop\dm-Fotowelt.lnk

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
         
--- --- ---


Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-09-2013 01
Ran by Simone70 at 2013-09-10 07:40:09
Running from C:\Users\Simone70\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

"Durchstarten mit Ponky - Mathe 1+2" (Version: 2.00)
AccelerometerP11 (Version: 2.00.10.11)
Adobe AIR (Version: 3.7.0.2090)
Adobe Content Viewer (Version: 1.4.0)
Adobe Download Assistant (Version: 1.0.5)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Help Manager (Version: 4.0.244)
Adobe Illustrator CS6 (Version: 16.0)
Adobe InDesign CS6 (Version: 8.0)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Advanced Audio FX Engine (Version: 1.12.05)
Akamai NetSession Interface Service
AllDup 3.3.14 (Version: 3.3.14)
Amicron-Faktura 10.0 © Amicron Software
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
AVM FRITZ!fax für FRITZ!Box
AVS Audio Converter 7
AVS Audio Editor 7.1
AVS Audio Recorder version 4.0
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Converter 8
AVS Video Editor 6
AVS Video Recorder 2.5
AVS4YOU Software Navigator 1.4
Bonjour (Version: 3.0.0.10)
Brother BRAdmin Light 1.18.0000 (Version: 1.18.0000)
Brother MFC-5895CW (Version: 1.00)
Brother MFL-Pro Suite MFC-5895CW (Version: 1.0.2.0)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CrystalDiskInfo 4.1.3 (Version: 4.1.3)
CyberLink PowerDVD 9.5 (Version: 9.5.0.2829)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Backup and Recovery Manager (Version: 1.3)
Dell Driver Download Manager (HKCU Version: 2.1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Touchpad (Version: 15.0.2.0)
Dell Webcam Central (Version: 1.40.05)
DigitalPersona Personal 4.01 (Version: 4.01.3765)
dm-Fotowelt (Version: 5.0.4)
Dropbox (HKCU Version: 2.0.22)
DW WLAN Card Utility (Version: 5.60.48.35)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
ElsterFormular-Upgrade (Version: 14.3.11574)
FileHippo.com Update Checker
FileZilla Client 3.5.3 (Version: 3.5.3)
Firebird 2.0.6.13266 (win32) (Version: 2.0.6.13266)
GetDataBack for NTFS (Version: 4.00.000)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
GoToMeeting 5.3.0.1010 (HKCU Version: 5.3.0.1010)
Hardcopy (C:\Program Files\Hardcopy) (Version: 2010.10.01)
iCloud (Version: 1.0.2.17)
Intel(R) Management Engine Components (Version: 6.0.0.1179)
iTunes (Version: 11.0.0.163)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java(TM) 6 Update 24 (Version: 6.0.240)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 14.0.8089.726)
LANCOM Advanced VPN Client (Version: 2.23)
Lexware Info Service (Version: 2.80.00.0007)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
McAfee Security Scan Plus (Version: 3.0.318.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Labs Forgotten Attachment Detector (Version: 1.0.0609.0)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Online Services-Anmeldeassistent (Version: 7.250.4303.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 17.0.1 (x86 de) (Version: 17.0.1)
Mozilla Maintenance Service (Version: 17.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MySQL Connector C 6.0.2 (Version: 6.0.2)
MySQL Connector C++ 1.1.0 (Version: 1.1.0)
MySQL Connector J (Version: 5.1.15.0)
MySQL Connector Net 6.4.4 (Version: 6.4.4)
MySQL Connector/ODBC 5.1 (Version: 5.1.8)
MySQL Workbench 5.2 CE (Version: 5.2.35)
NetSupport Manager (Version: NetSupport Manager 9.50)
Nur Entfernen der CopyTrans Suite möglich (HKCU Version: 2.33)
NVIDIA Drivers (Version: 1.10.62.40)
PDF Settings CS6 (Version: 11.0)
PDF Split And Merge Basic (Version: 2.2.2)
Picasa 3 (Version: 3.9)
PST Walker Evaluation 4.63
QuickSet32 (Version: 1.3.3)
QuickSteuer 2012 DB (Version: 18.07.00.0006)
QuickTime (Version: 7.71.80.42)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE 10.3 (Version: 10.3)
Roxio Creator DE 10.3 (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio Update Manager (Version: 6.0.0)
R-Studio 3.0 (Version: 3.0.123023)
R-Studio 5.3 (Version: 5.3.132958)
Safari (Version: 5.34.52.7)
ScanSoft PaperPort 11 (Version: 11.2.0000)
Secunia PSI (2.0.0.3003)
Skype™ 5.10 (Version: 5.10.116)
SlimDX Redistributable (June 2010) (Version: 2.0.10.43)
SpeedFan (remove only)
Stellar Phoenix Windows Data Recovery V4.1
TeamViewer 8 (Version: 8.0.17396)
True Image 2013 (Version: 16.0.6514)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Validity Sensors DDK (Version: 3.1.379)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022)
Wacom Tablett (Version: 6.3.4-3)
WebTablet FB Plugin 32 bit (Version: 2.1.0.2)
WIDCOMM Bluetooth Software (Version: 6.2.1.900)
Windows Live Anmelde-Assistent (Version: 5.000.818.5)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Fotogalerie (Version: 14.0.8081.709)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
XAMPP 1.8.1
 

==================== Restore Points  =========================

Could not list Restore Points.


==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============

2009-05-13 00:50 - 2009-05-13 00:50 - 00494656 _____ (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll
2010-11-10 15:18 - 2010-04-21 11:00 - 00058368 _____ () C:\Program Files\Hardcopy\HcDLL2_30_Win32.dll
2012-12-17 19:53 - 2012-10-29 09:14 - 00963456 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2012-12-17 19:53 - 2012-10-29 09:14 - 01628032 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2013-03-28 00:53 - 2013-03-28 00:53 - 02670136 _____ (Acronis) C:\Program Files\Acronis\TrueImageHome\tishell.dll
2013-05-25 02:36 - 2013-05-25 02:36 - 00130736 _____ (Dropbox, Inc.) C:\Users\Simone70\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
2009-05-13 00:50 - 2009-05-13 00:50 - 00359488 _____ (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpoSet.dll
2012-01-08 15:41 - 2012-01-08 15:41 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-07-14 02:07 - 2009-07-14 03:14 - 00064000 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2010-11-10 15:18 - 2010-09-30 10:14 - 00055296 _____ () C:\Program Files\Hardcopy\hardcopy_03.dll
2009-10-20 16:12 - 2009-10-20 16:12 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2013-03-27 22:36 - 2013-03-27 22:36 - 00021312 _____ () C:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
2013-03-28 00:54 - 2013-03-28 00:54 - 00141632 _____ (Acronis) C:\Program Files\Acronis\TrueImageHome\versions_page.dll
2011-11-02 09:09 - 2008-08-20 20:12 - 00258048 _____ (Alex Yakovlev) C:\ProgramData\AllDup\FEShlExt.dll
2010-11-02 01:59 - 2010-11-02 01:59 - 07489024 _____ (Dell Inc.) C:\Windows\system32\BCMWLCPL.CPL
2010-11-02 04:39 - 2010-06-03 19:55 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2010-11-02 04:37 - 2010-01-08 06:45 - 00173352 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2010-11-02 04:37 - 2010-01-08 06:45 - 00161064 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2010-11-01 19:49 - 2010-04-07 14:35 - 03354624 _____ (IDT, Inc.) C:\Program Files\IDT\WDM\STLang.dll
2010-11-02 04:37 - 2010-04-07 14:35 - 00527872 _____ (IDT, Inc.) C:\Windows\system32\stapi32.dll
2010-11-02 02:08 - 2009-06-23 03:15 - 00235008 _____ (Creative Technology Ltd) C:\Program Files\Dell Webcam\Dell Webcam Central\CTLoadRs.dll
2010-11-02 02:08 - 2009-06-24 00:16 - 00065536 _____ (Creative Technology Ltd.) C:\Program Files\Dell Webcam\Dell Webcam Central\CtPinMgr.dll
2009-05-13 00:50 - 2009-05-13 00:50 - 00334912 _____ (DigitalPersona, Inc.) C:\Windows\system32\DPFPApi.DLL
2009-05-13 00:50 - 2009-05-13 00:50 - 00240704 _____ (DigitalPersona, Inc.) C:\Windows\system32\DPCLBACK.dll
2009-05-13 00:50 - 2009-05-13 00:50 - 00670784 _____ (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpOCache.dll
2010-11-02 04:37 - 2010-05-20 18:39 - 00122880 _____ (Microsoft) C:\dell\DBRM\Reminder\de-DE\DbrmTrayicon.resources.dll
2010-11-10 11:00 - 2010-06-09 13:45 - 00097792 _____ () C:\Program Files\LANCOM\Advanced VPN Client\ncpmif32.dll
2010-11-10 11:00 - 2002-06-28 12:16 - 00151552 _____ () C:\Program Files\LANCOM\Advanced VPN Client\ncpcfg.dll
2010-11-10 11:00 - 2009-10-21 14:29 - 00139264 _____ () C:\Program Files\LANCOM\Advanced VPN Client\ncpdlg.dll
2010-11-10 11:00 - 2010-02-02 18:23 - 00249344 _____ (NCP engineering GmbH) C:\Program Files\LANCOM\Advanced VPN Client\ncpmon3.dll
2010-11-10 11:00 - 2010-05-21 12:45 - 00090704 _____ (NCP engineering GmbH) C:\Program Files\LANCOM\Advanced VPN Client\ncpclcfg.dll
2011-11-25 23:50 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2011-11-25 23:51 - 2008-12-14 10:11 - 00163840 ____N (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BRMFCWNDGer.dll
2013-03-27 18:53 - 2013-03-27 18:53 - 00121152 _____ (Acronis) C:\Program Files\Acronis\TrueImageHome\afcdpapi.dll
2013-01-23 16:09 - 2013-01-23 16:09 - 00399680 _____ (Acronis) C:\Program Files\Common Files\Acronis\SnapAPI\snapapi.dll
2013-03-28 00:37 - 2013-03-28 00:37 - 13627872 _____ () C:\Program Files\Acronis\TrueImageHome\ti_managers.dll
2013-03-27 21:31 - 2013-03-27 21:31 - 00028480 _____ (Acronis) C:\Program Files\Common Files\Acronis\Home\thread_pool.dll
2013-03-27 21:33 - 2013-03-27 21:33 - 00289088 _____ (Acronis) C:\Program Files\Common Files\Acronis\Home\libssl10.dll
2013-03-27 21:23 - 2013-03-27 21:23 - 01329472 _____ (Acronis) C:\Program Files\Common Files\Acronis\Home\libcrypto10.dll
2013-03-20 19:31 - 2013-03-20 19:31 - 00280896 _____ (Acronis) C:\Program Files\Common Files\Acronis\Home\sync_agent_api.dll
2013-03-14 17:51 - 2013-03-14 17:51 - 03566664 _____ (Acronis International GmbH) C:\Program Files\Common Files\Acronis\TrueImageHome\tdrpapi.dll
2013-03-28 00:32 - 2013-03-28 00:32 - 00076096 _____ (Acronis) C:\Program Files\Common Files\Acronis\Home\rpc_client.dll
2013-01-10 13:31 - 2013-01-10 13:31 - 00342488 _____ (Acronis) C:\Program Files\Common Files\Acronis\TibMounter\tib_mounter.dll
2012-07-24 15:50 - 2012-07-24 15:50 - 01750400 _____ (Acronis) C:\Program Files\Common Files\Acronis\TibMounter\fox.dll
2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files\Common Files\Acronis\TibMounter\icudt38.dll
2012-07-24 15:47 - 2012-07-24 15:47 - 00032640 _____ (Acronis) C:\Program Files\Common Files\Acronis\TibMounter\thread_pool.dll
2011-11-25 23:51 - 2008-02-05 20:17 - 00176128 ____N (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BroSNMP.dll
2011-11-25 23:51 - 2009-03-06 13:51 - 00770048 ____N (Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccDCtl.dll
2011-11-25 23:51 - 2008-10-21 20:41 - 00159744 ____N (Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccger.dll
2011-11-25 23:51 - 2008-07-22 22:24 - 05390336 ____N (Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccimg.dll
2011-11-25 23:51 - 2009-05-11 14:48 - 00372736 ____N (Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccFCtl.dll
2012-09-20 13:01 - 2012-09-20 13:01 - 15933352 _____ (Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Simone70\AppData\Local\Citrix\GoToMeeting\1010\g2m.dll
2012-09-20 13:01 - 2012-09-20 13:01 - 01360824 _____ (Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Simone70\AppData\Local\Citrix\GoToMeeting\1010\G2MResource_de.dll
2009-07-14 01:53 - 2009-07-14 03:14 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\irprops.cpl
2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\Simone70\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Simone70\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\Simone70\AppData\Roaming\Dropbox\bin\icudt.dll
2010-11-10 15:18 - 2010-09-30 10:04 - 00779264 _____ () C:\Program Files\Hardcopy\HcDllS.dll
2012-09-20 13:01 - 2012-09-20 13:01 - 00260544 _____ (Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Simone70\AppData\Local\Citrix\GoToMeeting\1010\G2MOutlookAddin.dll
2012-09-20 13:01 - 2012-09-20 13:01 - 00205240 _____ (Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Simone70\AppData\Local\Citrix\GoToMeeting\1010\G2MIMessenger.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-12-21 01:15 - 2010-12-21 01:15 - 01041248 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2012-03-28 19:10 - 2012-03-28 19:10 - 00067216 _____ () C:\Program Files\Adobe\Adobe InDesign CS6\ASLSupport.dll
2012-03-28 12:18 - 2012-03-28 12:18 - 01256288 _____ (WinSoft S.A.) C:\Program Files\Adobe\Adobe InDesign CS6\WRServices.dll
2012-03-28 12:18 - 2012-03-28 12:18 - 00374960 _____ () C:\Program Files\Adobe\Adobe InDesign CS6\Plug-ins\Filters\Sangam Readers\Reader For PageMaker.smrd
2012-03-28 12:18 - 2012-03-28 12:18 - 00123056 _____ () C:\Program Files\Adobe\Adobe InDesign CS6\PMFileReader.dll
2012-03-28 12:18 - 2012-03-28 12:18 - 00050352 _____ () C:\Program Files\Adobe\Adobe InDesign CS6\ALDFS32CJK.dll
2012-03-28 12:18 - 2012-03-28 12:18 - 00046256 _____ () C:\Program Files\Adobe\Adobe InDesign CS6\ALDVM32CJK.dll
2012-03-28 12:18 - 2012-03-28 12:18 - 00070776 _____ () C:\Program Files\Adobe\Adobe InDesign CS6\unihan.dll
2012-03-28 19:32 - 2012-03-28 19:32 - 00141456 _____ (Winsoft) C:\Program Files\Adobe\Adobe InDesign CS6\Required\WORLDREADY.RPLN
2012-01-23 18:24 - 2012-01-23 18:24 - 00885880 _____ (WinSoft SA) C:\Program Files\Common Files\Adobe\Linguistics\6.0\Providers\Plugins2\WRLiloPlugin1.3\WRLiloPlugin.dll
2012-12-22 04:02 - 2012-12-16 16:25 - 00034304 _____ (Adobe Systems) C:\Windows\system32\ATMLIB.dll
2012-03-09 16:26 - 2012-03-09 16:26 - 00249344 _____ (The cURL library, hxxp://curl.haxx.se/) C:\Program Files\Common Files\Adobe\CS6ServiceManager\libcurl.dll
2012-03-09 16:26 - 2012-03-09 16:26 - 00100352 _____ () C:\Program Files\Common Files\Adobe\CS6ServiceManager\zlib1.dll
2012-12-18 16:28 - 2012-12-18 16:28 - 00305880 _____ () C:\Program Files\Adobe\Reader 10.0\Reader\sqlite.dll
2012-12-12 14:01 - 2012-12-12 14:01 - 02397152 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2012-12-12 14:01 - 2012-12-12 14:01 - 00810976 _____ (sqlite.org) C:\Program Files\Mozilla Firefox\mozsqlite3.dll
2013-04-14 12:14 - 2012-12-07 14:57 - 00424960 _____ (AVM Berlin) C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\extensions\fb_add_on@avm.de\components\windows\FB_AddOn4.dll
2013-04-14 12:14 - 2009-03-25 18:53 - 01085440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Simone70\AppData\Roaming\Mozilla\Firefox\Profiles\ne3h3qw2.default\extensions\fb_add_on@avm.de\components\windows\libeay32.dll

==================== Alternate Data Streams (whitelisted) ==========


==================== Faulty Device Manager Devices =============

Name: PCI GDIHOOK5
Description: PCI GDIHOOK5
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Productive Computer Insight
Service: gdihook5
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dell 968 AIO Printer
Description: Dell 968 AIO Printer
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Dell
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/10/2013 07:39:56 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/10 07:39:56.170]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:39:55 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/10 07:39:55.156]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:38:47 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/10 07:38:47.165]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:38:46 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/10 07:38:46.151]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:37:38 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/10 07:37:38.160]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:37:37 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/10 07:37:37.146]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:36:29 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/10 07:36:29.155]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:36:28 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/10 07:36:28.141]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:35:20 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/10 07:35:20.148]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:35:19 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2013/09/10 07:35:19.136]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]


System errors:
=============
Error: (09/10/2013 06:49:55 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/09/2013 01:13:09 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/09/2013 01:02:06 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/09/2013 01:00:56 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎09.‎09.‎2013 um 12:38:04 unerwartet heruntergefahren.

Error: (09/09/2013 00:29:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Acronis Sync Agent Service" wurde nicht richtig gestartet.

Error: (09/09/2013 00:26:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/09/2013 00:26:18 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.

Error: (09/09/2013 00:24:22 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (09/05/2013 01:35:02 PM) (Source: iaStor) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (09/05/2013 01:33:32 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.


Microsoft Office Sessions:
=========================
Error: (09/10/2013 07:39:56 AM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2013/09/10 07:39:56.170]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:39:55 AM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2013/09/10 07:39:55.156]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:38:47 AM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2013/09/10 07:38:47.165]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:38:46 AM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2013/09/10 07:38:46.151]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:37:38 AM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2013/09/10 07:37:38.160]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:37:37 AM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2013/09/10 07:37:37.146]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:36:29 AM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2013/09/10 07:36:29.155]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:36:28 AM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2013/09/10 07:36:28.141]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:35:20 AM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2013/09/10 07:35:20.148]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]

Error: (09/10/2013 07:35:19 AM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2013/09/10 07:35:19.136]: [00004068]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[169.254.120.125]


==================== Memory info =========================== 

Percentage of memory in use: 70%
Total physical RAM: 2742.6 MB
Available physical RAM: 821.55 MB
Total Pagefile: 5483.47 MB
Available Pagefile: 2036.03 MB
Total Virtual: 2047.88 MB
Available Virtual: 1876.24 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:235.36 GB) (Free:119.96 GB) NTFS
Drive d: (Daten) (Fixed) (Total:220.58 GB) (Free:14.81 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         


Last edited by Simone70 (10.09.2013 at 07:10)
