
Log analysis and evaluation: Vista: APPL/BProtector.Gen in C:\ProgramDat\BrowserProtect\...\BrowserProtect.dll


16.09.2013, 16:26   #1
smorvi
 


Hello,

yesterday my virus scanner raised an alert for the program APPL/BProtector.Gen.
After some research I came across your forum.
I have just run a scan with FRST.
The data is attached.
I have also included the log file from my virus scanner.
Please help me. I don't really know how bad the whole thing is or exactly how I need to proceed. Until now I have always been lucky and was spared.

Many thanks in advance for any help.
Smorvi

FRST.txt:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-09-2013
Ran by Simone Petry (administrator) on SIMONEPETRY-PC on 16-09-2013 16:56:47
Running from C:\Users\Simone Petry\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
() C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-11-29] (Synaptics, Inc.)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [431456 2008-01-17] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [509816 2008-01-25] (TOSHIBA Corporation)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKCU\...\Run: [TOSCDSPD] - TOSCDSPD.EXE
HKCU\...\Run: [Google Update] - C:\Users\Simone Petry\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-14] (Google Inc.)
MountPoints2: {d595702f-8fe8-11dd-9b88-001e68c53ee1} - D:\LaunchU3.exe -a
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2007-12-29] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2007-12-29] ()
Startup: C:\ProgramData\1912 Titanic Mystery ()
Startup: C:\ProgramData\Absolutist ()
Startup: C:\ProgramData\Adobe ()
Startup: C:\ProgramData\Advanced Chemistry Development ()
Startup: C:\ProgramData\AirportMania ()
Startup: C:\ProgramData\Alawar ()
Startup: C:\ProgramData\Alawar Entertainment ()
Startup: C:\ProgramData\Alawar Stargaze ()
Startup: C:\ProgramData\AlawarEntertainment ()
Startup: C:\ProgramData\AlawarSouthpoint ()
Startup: C:\ProgramData\Alex Gordon ()
Startup: C:\ProgramData\Aliasworlds ()
Startup: C:\ProgramData\Anwendungsdaten ()
Startup: C:\ProgramData\Apple ()
Startup: C:\ProgramData\Apple Computer ()
Startup: C:\ProgramData\Application Data ()
Startup: C:\ProgramData\Arcade Lab ()
Startup: C:\ProgramData\Arizona Rose ()
Startup: C:\ProgramData\Artist Colony ()
Startup: C:\ProgramData\Ashtons Family Resort ()
Startup: C:\ProgramData\Astar Games ()
Startup: C:\ProgramData\ATI ()
Startup: C:\ProgramData\Avira ()
Startup: C:\ProgramData\Awem ()
Startup: C:\ProgramData\Babylon ()
Startup: C:\ProgramData\Balls ()
Startup: C:\ProgramData\BC Soft Games ()
Startup: C:\ProgramData\Becky Brogan 2 ()
Startup: C:\ProgramData\Big Fish Games ()
Startup: C:\ProgramData\BigFish ()
Startup: C:\ProgramData\Bilbo ()
Startup: C:\ProgramData\Black Blob Studios ()
Startup: C:\ProgramData\blg ()
Startup: C:\ProgramData\BlitPop ()
Startup: C:\ProgramData\BrowserProtect ()
Startup: C:\ProgramData\CannyGames ()
Startup: C:\ProgramData\Canon IJ Network Tool ()
Startup: C:\ProgramData\CanonBJ ()
Startup: C:\ProgramData\CanonEPP ()
Startup: C:\ProgramData\CanonIJEGV ()
Startup: C:\ProgramData\CanonIJEPPEX2 ()
Startup: C:\ProgramData\CanonIJMSetup ()
Startup: C:\ProgramData\CanonIJScan ()
Startup: C:\ProgramData\CanonIJWSpt ()
Startup: C:\ProgramData\casualArts ()
Startup: C:\ProgramData\Cateia Games ()
Startup: C:\ProgramData\cerasus.media ()
Startup: C:\ProgramData\Colibri Games ()
Startup: C:\ProgramData\Common Files ()
Startup: C:\ProgramData\CrioGames ()
Startup: C:\ProgramData\CropBusters ()
Startup: C:\ProgramData\Crown ()
Startup: C:\ProgramData\Deadtime Stories ()
Startup: C:\ProgramData\Deep Shadows ()
Startup: C:\ProgramData\Desktop ()
Startup: C:\ProgramData\DivoGames ()
Startup: C:\ProgramData\Documents ()
Startup: C:\ProgramData\Dokumente ()
Startup: C:\ProgramData\Dress-up-pups ()
Startup: C:\ProgramData\Electronic Arts ()
Startup: C:\ProgramData\Elephant Games ()
Startup: C:\ProgramData\Escape From Paradise ()
Startup: C:\ProgramData\ezsidmv.dat ()
Startup: C:\ProgramData\Far Mills ()
Startup: C:\ProgramData\Farm Fishes ()
Startup: C:\ProgramData\FarmFrenzy2 ()
Startup: C:\ProgramData\FarmFrenzy3 ()
Startup: C:\ProgramData\FarmFrenzy3_America ()
Startup: C:\ProgramData\FarmFrenzy3_Arctica ()
Startup: C:\ProgramData\FarmFrenzy3_Madagascar ()
Startup: C:\ProgramData\FarmFrenzy3_Russia ()
Startup: C:\ProgramData\FarmFrenzy_Rome ()
Startup: C:\ProgramData\FarmFrenzy_Vikings ()
Startup: C:\ProgramData\Favoriten ()
Startup: C:\ProgramData\Favorites ()
Startup: C:\ProgramData\Fenomen Games ()
Startup: C:\ProgramData\Fitn17 ()
Startup: C:\ProgramData\Flood Light Games ()
Startup: C:\ProgramData\Floodlight Games ()
Startup: C:\ProgramData\FloodLightGames ()
Startup: C:\ProgramData\FreshGames ()
Startup: C:\ProgramData\Friday's games ()
Startup: C:\ProgramData\Friends Games ()
Startup: C:\ProgramData\Fugazo ()
Startup: C:\ProgramData\fullscreen=true ()
Startup: C:\ProgramData\Funny Bear Studio ()
Startup: C:\ProgramData\GAMEON ()
Startup: C:\ProgramData\GameXzone ()
Startup: C:\ProgramData\Gogii ()
Startup: C:\ProgramData\Gogii Games ()
Startup: C:\ProgramData\Google ()
Startup: C:\ProgramData\Hewlett-Packard ()
Startup: C:\ProgramData\HideAndSecret3 ()
Startup: C:\ProgramData\HipSoft ()
Startup: C:\ProgramData\HoverBee Studios ()
Startup: C:\ProgramData\HP ()
Startup: C:\ProgramData\hps ()
Startup: C:\ProgramData\HPSSUPPLY ()
Startup: C:\ProgramData\hpzinstall.log ()
Startup: C:\ProgramData\HTC ()
Startup: C:\ProgramData\IBUpdaterService ()
Startup: C:\ProgramData\Intenium ()
Startup: C:\ProgramData\InterAction studios ()
Startup: C:\ProgramData\Islands ()
Startup: C:\ProgramData\Jewelleria ()
Startup: C:\ProgramData\JollyBear ()
Startup: C:\ProgramData\JuliettesFashionEmpire ()
Startup: C:\ProgramData\Kingdom ()
Startup: C:\ProgramData\KranX ()
Startup: C:\ProgramData\Kreuzworträtsel - Kalender Edition ()
Startup: C:\ProgramData\LittleGamesCompany ()
Startup: C:\ProgramData\LoadHelper ()
Startup: C:\ProgramData\Lost Treasures of El Dorado ()
Startup: C:\ProgramData\MAGIX ()
Startup: C:\ProgramData\Maximize Games ()
Startup: C:\ProgramData\McAfee ()
Startup: C:\ProgramData\Mean Hamster ()
Startup: C:\ProgramData\Media Center Programs ()
Startup: C:\ProgramData\MeinEigenesCafé ()
Startup: C:\ProgramData\Meridian93 ()
Startup: C:\ProgramData\Merscom ()
Startup: C:\ProgramData\Microsoft ()
Startup: C:\ProgramData\Microsoft Help ()
Startup: C:\ProgramData\Motorola ()
Startup: C:\ProgramData\MumboJumbo ()
Startup: C:\ProgramData\mxfilerelatedcache.mxc2 ()
Startup: C:\ProgramData\MythPeople ()
Startup: C:\ProgramData\NannyMania ()
Startup: C:\ProgramData\Nevosoft-Breeze ()
Startup: C:\ProgramData\Office Genuine Advantage ()
Startup: C:\ProgramData\Particles ()
Startup: C:\ProgramData\Perfect-Tree ()
Startup: C:\ProgramData\Pets Fun House ()
Startup: C:\ProgramData\PlayFirst ()
Startup: C:\ProgramData\PlayfulAge ()
Startup: C:\ProgramData\Playrix Entertainment ()
Startup: C:\ProgramData\PoBros ()
Startup: C:\ProgramData\PuzzlesByJoe ()
Startup: C:\ProgramData\QuickTime ()
Startup: C:\ProgramData\RescueFrenzy ()
Startup: C:\ProgramData\rionix ()
Startup: C:\ProgramData\Rumbic Studio ()
Startup: C:\ProgramData\Sandlot Games ()
Startup: C:\ProgramData\ScreenSeven ()
Startup: C:\ProgramData\Skype ()
Startup: C:\ProgramData\SpinTop Games ()
Startup: C:\ProgramData\SpookyMall ()
Startup: C:\ProgramData\Sprouts Adventure ()
Startup: C:\ProgramData\Start Menu ()
Startup: C:\ProgramData\Startmenü ()
Startup: C:\ProgramData\SugarGames ()
Startup: C:\ProgramData\SulusGames ()
Startup: C:\ProgramData\Sun ()
Startup: C:\ProgramData\TEMP ()
Startup: C:\ProgramData\Templates ()
Startup: C:\ProgramData\TERMINAL Studio ()
Startup: C:\ProgramData\Terrafarmers ()
Startup: C:\ProgramData\The Game Equation ()
Startup: C:\ProgramData\The Mirror Mysteries ()
Startup: C:\ProgramData\TheFallTrilogyEp3-BF ()
Startup: C:\ProgramData\TheRace_dev ()
Startup: C:\ProgramData\tmp ()
Startup: C:\ProgramData\Toshiba ()
Startup: C:\ProgramData\ToshibaEurope ()
Startup: C:\ProgramData\Try2 ()
Startup: C:\ProgramData\Trymedia ()
Startup: C:\ProgramData\TuneUp Software ()
Startup: C:\ProgramData\UClick ()
Startup: C:\ProgramData\Ulead Systems ()
Startup: C:\ProgramData\Venus DS ()
Startup: C:\ProgramData\VirtualFarm ()
Startup: C:\ProgramData\VirtualFarm2 ()
Startup: C:\ProgramData\Vogelpiraten ()
Startup: C:\ProgramData\Vogue Tales ()
Startup: C:\ProgramData\Vorlagen ()
Startup: C:\ProgramData\WeatherLord ()
Startup: C:\ProgramData\WEBREG ()
Startup: C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} ()
Startup: C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} ()
Startup: C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} ()
Startup: C:\Users\Default\Anwendungsdaten ()
Startup: C:\Users\Default\AppData ()
Startup: C:\Users\Default\Application Data ()
Startup: C:\Users\Default\Cookies ()
Startup: C:\Users\Default\Desktop ()
Startup: C:\Users\Default\Documents ()
Startup: C:\Users\Default\Downloads ()
Startup: C:\Users\Default\Druckumgebung ()
Startup: C:\Users\Default\Eigene Dateien ()
Startup: C:\Users\Default\Favorites ()
Startup: C:\Users\Default\Links ()
Startup: C:\Users\Default\Local Settings ()
Startup: C:\Users\Default\Lokale Einstellungen ()
Startup: C:\Users\Default\Music ()
Startup: C:\Users\Default\My Documents ()
Startup: C:\Users\Default\NetHood ()
Startup: C:\Users\Default\Netzwerkumgebung ()
Startup: C:\Users\Default\NTUSER.DAT ()
Startup: C:\Users\Default\NTUSER.DAT.LOG ()
Startup: C:\Users\Default\ntuser.dat.LOG1 ()
Startup: C:\Users\Default\ntuser.dat.LOG2 ()
Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf ()
Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Default\Pictures ()
Startup: C:\Users\Default\PrintHood ()
Startup: C:\Users\Default\Recent ()
Startup: C:\Users\Default\Saved Games ()
Startup: C:\Users\Default\SendTo ()
Startup: C:\Users\Default\Start Menu ()
Startup: C:\Users\Default\Startmenü ()
Startup: C:\Users\Default\Templates ()
Startup: C:\Users\Default\Videos ()
Startup: C:\Users\Default\Vorlagen ()
Startup: C:\Users\Public\Desktop ()
Startup: C:\Users\Public\Documents ()
Startup: C:\Users\Public\Downloads ()
Startup: C:\Users\Public\DRM ()
Startup: C:\Users\Public\Favorites ()
Startup: C:\Users\Public\Music ()
Startup: C:\Users\Public\mxfilerelatedcache.mxc2 ()
Startup: C:\Users\Public\NTUSER.DAT ()
Startup: C:\Users\Public\NTUSER.DAT.LOG1 ()
Startup: C:\Users\Public\NTUSER.DAT.LOG2 ()
Startup: C:\Users\Public\NTUSER.DAT{1b382e45-9943-11dd-a307-001e68c53ee1}.TM.blf ()
Startup: C:\Users\Public\NTUSER.DAT{1b382e45-9943-11dd-a307-001e68c53ee1}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Public\NTUSER.DAT{1b382e45-9943-11dd-a307-001e68c53ee1}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Public\NTUSER.DAT{8c9f9ea2-9395-11dd-a473-001e68c53ee1}.TM.blf ()
Startup: C:\Users\Public\NTUSER.DAT{8c9f9ea2-9395-11dd-a473-001e68c53ee1}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Public\NTUSER.DAT{8c9f9ea2-9395-11dd-a473-001e68c53ee1}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Public\Pictures ()
Startup: C:\Users\Public\Recorded TV ()
Startup: C:\Users\Public\Videos ()
Startup: C:\Users\Simone Petry\Anwendungsdaten ()
Startup: C:\Users\Simone Petry\AppData ()
Startup: C:\Users\Simone Petry\Briefe ()
Startup: C:\Users\Simone Petry\Contacts ()
Startup: C:\Users\Simone Petry\Cookies ()
Startup: C:\Users\Simone Petry\Desktop ()
Startup: C:\Users\Simone Petry\Documents ()
Startup: C:\Users\Simone Petry\Downloads ()
Startup: C:\Users\Simone Petry\Druckumgebung ()
Startup: C:\Users\Simone Petry\Eigene Dateien ()
Startup: C:\Users\Simone Petry\Favorites ()
Startup: C:\Users\Simone Petry\geogebra ()
Startup: C:\Users\Simone Petry\Geschenke, Gutscheine ()
Startup: C:\Users\Simone Petry\Haus ()
Startup: C:\Users\Simone Petry\Links ()
Startup: C:\Users\Simone Petry\Lokale Einstellungen ()
Startup: C:\Users\Simone Petry\Material Chemie ()
Startup: C:\Users\Simone Petry\Music ()
Startup: C:\Users\Simone Petry\mxfilerelatedcache.mxc2 ()
Startup: C:\Users\Simone Petry\Netzwerkumgebung ()
Startup: C:\Users\Simone Petry\NTUSER.DAT ()
Startup: C:\Users\Simone Petry\ntuser.dat.LOG1 ()
Startup: C:\Users\Simone Petry\ntuser.dat.LOG2 ()
Startup: C:\Users\Simone Petry\NTUSER.DAT_tureg_new.LOG1 ()
Startup: C:\Users\Simone Petry\NTUSER.DAT_tureg_new.LOG2 ()
Startup: C:\Users\Simone Petry\NTUSER.DAT_tureg_old ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{4e79ca56-24f7-11de-8326-001e68c53ee1}.TM.blf ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{4e79ca56-24f7-11de-8326-001e68c53ee1}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{4e79ca56-24f7-11de-8326-001e68c53ee1}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{58ce7e24-af1d-11e2-8ed4-806e6f6e6963}.TM.blf ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{58ce7e24-af1d-11e2-8ed4-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{58ce7e24-af1d-11e2-8ed4-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{d275a980-59d0-11e2-94c9-806e6f6e6963}.TM.blf ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{d275a980-59d0-11e2-94c9-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{d275a980-59d0-11e2-94c9-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Simone Petry\ntuser.ini ()
Startup: C:\Users\Simone Petry\Organisation Schulen ()
Startup: C:\Users\Simone Petry\Pictures ()
Startup: C:\Users\Simone Petry\Recent ()
Startup: C:\Users\Simone Petry\Saved Games ()
Startup: C:\Users\Simone Petry\Schule (Aushilfe, Praktikum) ()
Startup: C:\Users\Simone Petry\Searches ()
Startup: C:\Users\Simone Petry\SendTo ()
Startup: C:\Users\Simone Petry\Startmenü ()
Startup: C:\Users\Simone Petry\Studienseminar ()
Startup: C:\Users\Simone Petry\Unterricht ()
Startup: C:\Users\Simone Petry\Versuch Natrium in Wasser.docx ()
Startup: C:\Users\Simone Petry\Videos ()
Startup: C:\Users\Simone Petry\Vorlagen ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.claro-search.com/?affID=114506&tt=0313_5&babsrc=HP_clro&mntrId=6ca2817200000000000000215c358511
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.claro-search.com/?affID=114506&tt=0313_5&babsrc=HP_clro&mntrId=6ca2817200000000000000215c358511
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
SearchScopes: HKLM - DefaultScope {CA0D91C8-F9EC-4B40-997E-02F8BA3728F4} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
SearchScopes: HKLM - {CA0D91C8-F9EC-4B40-997E-02F8BA3728F4} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=114506&tt=0313_5&babsrc=SP_clro&mntrId=6ca2817200000000000000215c358511
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=114506&tt=0313_5&babsrc=SP_clro&mntrId=6ca2817200000000000000215c358511
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Unity Player) - C:\Users\Simone Petry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\Simone Petry\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Move Streaming Media Player) - C:\Users\Simone Petry\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Extension: (Chrome In-App Payments service) - C:\Users\SIMONE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2554472 2013-01-04] ()
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2007-12-25] (TOSHIBA CORPORATION)
S4 HTCMonitorService; C:\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-10-26] (Nero AG)
S4 o2flash; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [65536 2007-02-12] (O2Micro International)
S4 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] ()
S4 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation)
S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [277544 2009-01-19] (Protect Software GmbH)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-04-01] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-28] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 CnxtHdAudAddService; C:\Windows\System32\drivers\CHDART.sys [187904 2008-02-01] (Conexant Systems Inc.)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S4 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-04-01] ()
R3 QIOMem; C:\Windows\System32\DRIVERS\QIOMem.sys [8192 2007-04-09] (TOSHIBA)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
S3 igfx; system32\DRIVERS\igdkmd32.sys [x]
S3 IntcHdmiAddService; system32\drivers\IntcHdmi.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 Tosrfcom; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-16 16:56 - 2013-09-16 16:56 - 00000000 ____D C:\FRST
2013-09-16 16:39 - 2013-09-16 16:39 - 01084083 _____ (Farbar) C:\Users\Simone Petry\Downloads\FRST.exe
2013-09-13 07:57 - 2013-09-13 07:57 - 04751752 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-09-12 22:55 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 22:55 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 22:55 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 22:55 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 22:55 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-12 22:55 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 22:55 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-12 22:55 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 22:55 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 22:55 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-12 22:55 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-12 22:55 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 22:55 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 22:55 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 22:55 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-12 22:55 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 22:01 - 2013-08-08 03:45 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 22:01 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-09-04 21:02 - 2013-09-04 21:03 - 00315392 _____ C:\Users\Simone Petry\Downloads\ZentraleMFB_Ueberblic_0d_0a_k_1 (1).ppt
2013-09-01 16:21 - 2013-09-01 16:20 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-09-01 16:20 - 2013-09-01 16:20 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-09-01 16:20 - 2013-09-01 16:20 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-09-01 16:20 - 2013-09-01 16:20 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-08-28 20:28 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

==================== One Month Modified Files and Folders =======

2013-09-16 16:57 - 2012-04-07 16:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-16 16:56 - 2013-09-16 16:56 - 00000000 ____D C:\FRST
2013-09-16 16:39 - 2013-09-16 16:39 - 01084083 _____ (Farbar) C:\Users\Simone Petry\Downloads\FRST.exe
2013-09-16 16:37 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-16 16:37 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-16 16:26 - 2008-10-01 17:57 - 01816898 _____ C:\Windows\WindowsUpdate.log
2013-09-16 16:20 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-15 23:08 - 2006-11-02 15:01 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-15 23:03 - 2011-12-14 17:56 - 00001148 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-960008410-599929504-2592557754-1000UA.job
2013-09-15 23:02 - 2012-11-19 18:51 - 00000000 ____D C:\Users\Simone Petry\Studienseminar
2013-09-15 22:03 - 2011-12-14 17:56 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-960008410-599929504-2592557754-1000Core.job
2013-09-15 18:51 - 2013-02-03 16:44 - 00000000 ____D C:\Users\Simone Petry\Unterricht
2013-09-15 18:39 - 2013-07-09 09:55 - 00006978 _____ C:\Windows\PFRO.log
2013-09-15 12:53 - 2008-10-03 16:20 - 00000000 ____D C:\Users\Simone Petry\AppData\Local\Microsoft Help
2013-09-14 08:09 - 2008-02-26 15:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-13 16:12 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-13 07:57 - 2013-09-13 07:57 - 04751752 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-09-13 07:57 - 2012-04-07 16:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-13 07:57 - 2011-05-17 11:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-13 07:19 - 2013-07-01 09:42 - 00326720 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 22:48 - 2013-08-15 12:12 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 22:45 - 2006-11-02 12:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-09-05 20:34 - 2013-01-02 16:54 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-05 20:34 - 2013-01-02 16:54 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-04 21:03 - 2013-09-04 21:02 - 00315392 _____ C:\Users\Simone Petry\Downloads\ZentraleMFB_Ueberblic_0d_0a_k_1 (1).ppt
2013-09-04 20:26 - 2008-01-21 09:16 - 01560216 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-01 16:20 - 2013-09-01 16:21 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-09-01 16:20 - 2013-09-01 16:20 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-09-01 16:20 - 2013-09-01 16:20 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-09-01 16:20 - 2013-09-01 16:20 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-09-01 16:20 - 2012-08-31 08:25 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-09-01 16:20 - 2010-07-06 21:46 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-09-01 15:30 - 2010-05-18 15:10 - 00000000 ____D C:\Program Files\DEUTSCHLAND SPIELT

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-16 16:28

==================== End Of Log ============================
         
Addition.txt:

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-09-2013
Ran by Simone Petry at 2013-09-16 16:58:35
Running from C:\Users\Simone Petry\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 1.0.0)
ABI-TOUR
ACD/Labs Software in C:\Program Files\ACDFREE12\ (Version: v12.00, FREE)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.174)
Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.657.0)
Avira Free Antivirus (Version: 13.0.0.4052)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bluetooth Stack for Windows by Toshiba (Version: v6.10.02(T))
BrowserProtect
Camera Assistant Software for Toshiba (Version: 1.7.175.0123)
Canon Easy-PhotoPrint EX
Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data
Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MG6100 series Benutzerregistrierung
Canon MG6100 series MP Drivers
Canon MP Navigator EX 4.0
Canon My Printer
Canon Solution Menu EX
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2008.0130.1509.26922)
Catalyst Control Center Graphics Full Existing (Version: 2008.0130.1509.26922)
Catalyst Control Center Graphics Full New (Version: 2008.0130.1509.26922)
Catalyst Control Center Graphics Light (Version: 2008.0130.1509.26922)
Catalyst Control Center Graphics Previews Vista (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Chinese Standard (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Dutch (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization French (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization German (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Italian (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Japanese (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Korean (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Portuguese (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Spanish (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Swedish (Version: 2008.0130.1509.26922)
CCC Help Chinese Standard (Version: 2008.0130.1508.26922)
CCC Help Chinese Traditional (Version: 2008.0130.1508.26922)
CCC Help Dutch (Version: 2008.0130.1508.26922)
CCC Help English (Version: 2008.0130.1508.26922)
CCC Help French (Version: 2008.0130.1508.26922)
CCC Help German (Version: 2008.0130.1508.26922)
CCC Help Italian (Version: 2008.0130.1508.26922)
CCC Help Japanese (Version: 2008.0130.1508.26922)
CCC Help Korean (Version: 2008.0130.1508.26922)
CCC Help Portuguese (Version: 2008.0130.1508.26922)
CCC Help Spanish (Version: 2008.0130.1508.26922)
CCC Help Swedish (Version: 2008.0130.1508.26922)
ccc-core-static (Version: 2008.0130.1509.26922)
ccc-utility (Version: 2008.0130.1509.26922)
CCleaner (Version: 4.02)
CD/DVD Drive Acoustic Silencer (Version: 2.02.00)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.36.6.0)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DEUTSCHLAND SPIELT GAME CENTER (Version: 1.0.0.46)
Die Siedler II - Die nächste Generation
dm-Fotowelt (Version: 5.0.4)
EAX Unified
Farm Tribe 2: Jetzt wird geackert! (Version: 1.0.0.0)
Foto Paradies
GeoGebra (Version: 4.0.41.0)
GeoGebra WebStart
Google Chrome (HKCU Version: 29.0.1547.66)
HDAUDIO Soft Data Fax Modem with SmartCP
HDMI Control Manager (Version: 1.6)
HessGISS 2012-2013 (Version: 17.0)
HP Update (Version: 5.002.007.004)
HPSSupply (Version: 2.1.3.0000)
HTC Driver Installer (Version: 4.0.0.009)
HTC Sync Manager (Version: 1.1.66.0)
Intel® Matrix Storage Manager
InterVideo AVControlSDK
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Marvell Miniport Driver (Version: 10.51.4.3)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Access Runtime 2010 (Version: 14.0.7015.1000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access Runtime 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Runtime MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft XML Parser (Version: 8.0.7820.0)
Microsoft XML Parser (Version: 8.20.8730.4)
Move Media Player
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetWaiting (Version: 2.5.52)
NVIDIA PhysX (Version: 9.09.0203)
O2Micro Flash Memory Card Reader Driver (x86) (Version: 3.19.1)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenAL
PokerStars.net
ProtectDisc Driver, Version 11 (Version: 11.0.0.12)
QuickTime (Version: 7.73.80.64)
Risen (Version: 1.00.0000)
Samsung Master (Version: 1.1.11)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Sid Meier's Civilization 4 (Version: 1.00.0000)
Sid Meier's Civilization 4 (Version: 1.74)
Skins (Version: 2008.0130.1509.26922)
Skype™ 5.10 (Version: 5.10.116)
Star Wars(TM): Knights of the Old Republic (TM)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 10.1.7.0)
The Witcher: Enhanced Edition
TOSHIBA Assist (Version: 2.01.04)
TOSHIBA Benutzerhandbücher (Version: 7.33)
TOSHIBA ConfigFree (Version: 7.1.26)
TOSHIBA Disc Creator (Version: 2.0.1.1.a)
TOSHIBA DVD PLAYER (Version: 1.20.10)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Hardware Setup (Version: 3.00.01.00)
Toshiba Online Product Information (Version: 1.00.0012)
TOSHIBA Recovery Disc Creator (Version: 2.0.0.1b)
TOSHIBA SD Memory Utilities (Version: 1.8.1.1)
TOSHIBA Supervisor Password (Version: 3.00.01.00)
TOSHIBA Value Added Package (Version: 1.1.14)
TRDCReminder (Version: 1.00.0014)
TRORDCLauncher (Version: 1.0.0.1)
TuneUp Utilities 2013 (Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3020.2)
Unity Web Player (HKCU Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VLC media player 1.0.3 (Version: 1.0.3)
Windows Media Encoder 9-Reihe
Windows Media Encoder 9-Reihe (Version: 9.00.3374)

==================== Restore Points  =========================

03-09-2013 12:38:26 Windows Update
04-09-2013 16:39:47 Geplanter Prüfpunkt
10-09-2013 13:58:30 Windows Update
12-09-2013 20:44:42 Windows Update
13-09-2013 08:39:17 Windows Update
13-09-2013 13:55:15 Windows Update
13-09-2013 14:03:03 Windows Update
13-09-2013 14:41:31 Windows Update
13-09-2013 15:10:08 Windows Update
13-09-2013 15:17:27 Windows Update
13-09-2013 15:32:32 Windows Update
14-09-2013 06:04:04 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {03FE9E06-9BED-4ECE-825D-7569A2EA4C0A} - System32\Tasks\{61F8E5DD-1D83-40B4-8CB0-C89D5E23647C} => C:\Program Files\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {11A9B218-E1FC-4F88-82EB-1522A1B09F5C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-960008410-599929504-2592557754-1000Core => C:\Users\Simone Petry\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-14] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1D3AD10B-481B-4F54-839A-256D1AFFB347} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated)
Task: {246B0DB0-0D73-42C6-98EF-0C30CF48B70B} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {28912FAB-CA72-4BD3-842C-AB81111E6D96} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {470A6904-C848-4284-BBCF-B1CBAC31345A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {6B6262DF-EFFF-432C-9850-9023BA49143C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-960008410-599929504-2592557754-1000UA => C:\Users\Simone Petry\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-14] (Google Inc.)
Task: {9CFCB40E-6BE6-4A52-B834-49CF0E188B06} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2013-01-28] (TuneUp Software)
Task: {A3EB06D8-297E-411E-8D88-3C2009D033A5} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {AC09D2B6-7091-4776-BDC4-6C1999933A6E} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {B06AAE5C-F475-477D-8FE7-C458535C4C07} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect
Task: {CBDF8DD4-48D3-49D7-AC62-89826B0D9891} - System32\Tasks\{4F6BAA77-A8BF-46A1-A07A-697634734F94} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.0.124.259/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {D5F77ED5-B41B-4259-BE73-E83CB2099B8A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {F7A5F634-5266-471C-B72A-F68601FDC9EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {F882764E-68E4-45ED-8A86-708FCE72E6C4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-960008410-599929504-2592557754-1000Core.job => C:\Users\Simone Petry\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-960008410-599929504-2592557754-1000UA.job => C:\Users\Simone Petry\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-02-15 18:22 - 2008-01-30 16:30 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2007-12-25 14:02 - 2007-12-25 14:02 - 00040960 _____ (TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFUPNP.dll
2007-12-25 14:03 - 2007-12-25 14:03 - 00061440 _____ (TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFP2API.dll
2007-12-25 14:03 - 2007-12-25 14:03 - 00069632 _____ (TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\OpenProp.dll
2007-12-25 14:01 - 2007-12-25 14:01 - 00086016 _____ (TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\IpAdrSet.dll
2008-01-17 23:34 - 2008-01-17 23:34 - 00266240 _____ (TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\NDSAPI.dll
2007-12-25 14:01 - 2007-12-25 14:01 - 00053248 _____ (TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFWLAPI.dll
2007-12-25 14:04 - 2007-12-25 14:04 - 01884160 _____ (TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\NDSParts.dll
2007-12-25 14:02 - 2007-12-25 14:02 - 00022016 _____ (TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\NDSNLS.dll
2007-11-16 21:10 - 2007-11-16 21:10 - 00172032 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosBtAPI.dll
2007-12-03 18:57 - 2007-12-03 18:57 - 00131072 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosBdAPI.dll
2008-02-15 18:29 - 2007-11-29 18:18 - 00163840 _____ (Synaptics, Inc.) C:\Windows\system32\SynCOM.dll
2008-02-15 18:29 - 2007-11-29 18:30 - 00147456 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPAPI.dll
2013-09-04 08:14 - 2013-09-02 22:34 - 47074256 _____ (Google Inc.) C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll
2013-09-04 08:14 - 2013-09-02 22:35 - 09962960 _____ (The ICU Project) C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll
2013-09-04 08:14 - 2013-09-02 22:35 - 04053456 _____ () C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-04 08:14 - 2013-09-02 22:35 - 00410576 _____ () C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-04 08:14 - 2013-09-02 22:35 - 02110928 _____ (Google Inc.) C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll
2013-09-04 08:14 - 2013-09-02 22:35 - 01604560 _____ () C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-09-04 08:14 - 2013-09-02 22:35 - 13599184 _____ () C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) ==========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2013 04:22:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2013 04:20:53 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung TuneUpUtilitiesService32.exe, Version 13.0.3020.2, Zeitstempel 0x51067abd, fehlerhaftes Modul TuneUpUtilitiesService32.exe, Version 13.0.3020.2, Zeitstempel 0x51067abd, Ausnahmecode 0xc0000005, Fehleroffset 0x00017c6d,
Prozess-ID 0x9bc, Anwendungsstartzeit TuneUpUtilitiesService32.exe0.

Error: (09/15/2013 11:08:16 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (09/15/2013 10:52:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/15/2013 06:40:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/15/2013 00:36:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/15/2013 08:49:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/14/2013 09:39:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/14/2013 05:40:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/14/2013 04:04:19 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}


System errors:
=============
Error: (09/16/2013 04:22:19 PM) (Source: Service Control Manager) (User: )
Description: TuneUp Utilities Service1

Error: (09/16/2013 04:22:19 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/15/2013 11:08:16 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/15/2013 10:52:01 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/15/2013 10:40:41 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/15/2013 10:20:13 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MORVILIUS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{E7E88C90-98B1-4BE3-91E5-17D823C9-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (09/15/2013 09:44:13 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MORVILIUS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{E7E88C90-98B1-4BE3-91E5-17D823C9-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (09/15/2013 08:44:00 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MORVILIUS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{E7E88C90-98B1-4BE3-91E5-17D823C9-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (09/15/2013 06:40:46 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/15/2013 01:57:50 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (09/02/2013 07:13:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8985 seconds with 6780 seconds of active time.  This session ended with a crash.

Error: (03/26/2010 02:42:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 127 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (03/11/2010 00:11:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 892 seconds with 780 seconds of active time.  This session ended with a crash.

Error: (10/25/2008 03:40:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 189 seconds with 180 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 39%
Total physical RAM: 3069.67 MB
Available physical RAM: 1853.36 MB
Total Pagefile: 6343.65 MB
Available Pagefile: 5022.47 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.59 MB

==================== Drives ================================

Drive c: (Vista) (Fixed) (Total:117.54 GB) (Free:22.17 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Data) (Fixed) (Total:113.88 GB) (Free:101.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 22741035)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=118 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=114 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
AVSCAN-20130915-225742-8AC0C784.LOG.txt:
Code:
Licensee        : Avira Free Antivirus
Serial number   : 0000149996-ADJIE-0000001
Platform        : Windows Vista (TM) Home Premium
Windows version : (Service Pack 2)  [6.0.6002]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : SIMONEPETRY-PC

Version information:
BUILD.DAT       : 13.0.0.4052    55009 Bytes  29.08.2013 18:03:00
AVSCAN.EXE      : 13.6.20.2100   639032 Bytes  05.09.2013 18:33:30
AVSCANRC.DLL    : 13.6.20.2174    52280 Bytes  05.09.2013 18:33:30
LUKE.DLL        : 13.6.20.2174    65080 Bytes  05.09.2013 18:34:13
AVSCPLR.DLL     : 13.6.20.2174    92216 Bytes  05.09.2013 18:33:30
AVREG.DLL       : 13.6.20.2174   250424 Bytes  05.09.2013 18:33:28
avlode.dll      : 13.6.20.2174   497720 Bytes  05.09.2013 18:33:26
avlode.rdf      : 13.0.1.42      26846 Bytes  28.08.2013 19:05:37
VBASE000.VDF    : 7.11.70.0   66736640 Bytes  04.04.2013 20:29:11
VBASE001.VDF    : 7.11.74.226  2201600 Bytes  30.04.2013 19:09:16
VBASE002.VDF    : 7.11.80.60   2751488 Bytes  28.05.2013 15:36:28
VBASE003.VDF    : 7.11.85.214  2162688 Bytes  21.06.2013 18:48:31
VBASE004.VDF    : 7.11.91.176  3903488 Bytes  23.07.2013 09:29:32
VBASE005.VDF    : 7.11.98.186  6822912 Bytes  29.08.2013 07:24:09
VBASE006.VDF    : 7.11.98.187     2048 Bytes  29.08.2013 07:24:09
VBASE007.VDF    : 7.11.98.188     2048 Bytes  29.08.2013 07:24:09
VBASE008.VDF    : 7.11.98.189     2048 Bytes  29.08.2013 07:24:09
VBASE009.VDF    : 7.11.98.190     2048 Bytes  29.08.2013 07:24:09
VBASE010.VDF    : 7.11.98.191     2048 Bytes  29.08.2013 07:24:10
VBASE011.VDF    : 7.11.98.192     2048 Bytes  29.08.2013 07:24:10
VBASE012.VDF    : 7.11.98.193     2048 Bytes  29.08.2013 07:24:10
VBASE013.VDF    : 7.11.99.52    270848 Bytes  30.08.2013 11:26:33
VBASE014.VDF    : 7.11.99.167   210944 Bytes  02.09.2013 13:38:42
VBASE015.VDF    : 7.11.100.3    265216 Bytes  03.09.2013 17:33:56
VBASE016.VDF    : 7.11.100.95   220160 Bytes  04.09.2013 17:33:55
VBASE017.VDF    : 7.11.100.197   143872 Bytes  05.09.2013 18:33:13
VBASE018.VDF    : 7.11.101.11   227840 Bytes  06.09.2013 18:33:00
VBASE019.VDF    : 7.11.101.79   148480 Bytes  07.09.2013 19:05:26
VBASE020.VDF    : 7.11.101.169   305664 Bytes  10.09.2013 13:53:12
VBASE021.VDF    : 7.11.102.9    253440 Bytes  12.09.2013 17:43:45
VBASE022.VDF    : 7.11.102.151   282624 Bytes  15.09.2013 19:38:55
VBASE023.VDF    : 7.11.102.152     2048 Bytes  15.09.2013 19:38:55
VBASE024.VDF    : 7.11.102.153     2048 Bytes  15.09.2013 19:38:55
VBASE025.VDF    : 7.11.102.154     2048 Bytes  15.09.2013 19:38:55
VBASE026.VDF    : 7.11.102.155     2048 Bytes  15.09.2013 19:38:55
VBASE027.VDF    : 7.11.102.156     2048 Bytes  15.09.2013 19:38:55
VBASE028.VDF    : 7.11.102.157     2048 Bytes  15.09.2013 19:38:55
VBASE029.VDF    : 7.11.102.158     2048 Bytes  15.09.2013 19:38:55
VBASE030.VDF    : 7.11.102.159     2048 Bytes  15.09.2013 19:38:55
VBASE031.VDF    : 7.11.102.160    51712 Bytes  15.09.2013 19:38:56
Engine version  : 8.2.12.120
AEVDF.DLL       : 8.1.3.4       102774 Bytes  13.06.2013 18:57:15
AESCRIPT.DLL    : 8.1.4.148     516478 Bytes  06.09.2013 18:33:08
AESCN.DLL       : 8.1.10.4      131446 Bytes  27.03.2013 08:14:40
AESBX.DLL       : 8.2.16.26    1245560 Bytes  23.08.2013 14:55:56
AERDL.DLL       : 8.2.0.128     688504 Bytes  13.06.2013 18:57:14
AEPACK.DLL      : 8.3.2.28      749945 Bytes  13.09.2013 17:43:41
AEOFFICE.DLL    : 8.1.2.76      205181 Bytes  08.08.2013 18:31:35
AEHEUR.DLL      : 8.1.4.630    6164858 Bytes  13.09.2013 17:43:40
AEHELP.DLL      : 8.1.27.6      266617 Bytes  27.08.2013 19:05:39
AEGEN.DLL       : 8.1.7.14      446839 Bytes  06.09.2013 18:33:02
AEEXP.DLL       : 8.4.1.62      328055 Bytes  13.09.2013 17:43:41
AEEMU.DLL       : 8.1.3.2       393587 Bytes  19.09.2012 13:42:55
AECORE.DLL      : 8.1.32.0      201081 Bytes  23.08.2013 14:55:46
AEBB.DLL        : 8.1.1.4        53619 Bytes  05.11.2012 14:00:38
AVWINLL.DLL     : 13.6.20.2174    23608 Bytes  05.09.2013 18:33:12
AVPREF.DLL      : 13.6.20.2174    48184 Bytes  05.09.2013 18:33:28
AVREP.DLL       : 13.6.20.2174   175672 Bytes  05.09.2013 18:33:29
AVARKT.DLL      : 13.6.20.2174   258104 Bytes  05.09.2013 18:33:17
AVEVTLOG.DLL    : 13.6.20.2174   165432 Bytes  05.09.2013 18:33:20
SQLITE3.DLL     : 3.7.0.1       397088 Bytes  19.09.2012 17:17:40
AVSMTP.DLL      : 13.6.20.2174    60472 Bytes  05.09.2013 18:33:30
NETNT.DLL       : 13.6.20.2174    13368 Bytes  05.09.2013 18:34:13
RCIMAGE.DLL     : 13.6.20.2174  4788792 Bytes  05.09.2013 18:33:12
RCTEXT.DLL      : 13.6.20.2175    66616 Bytes  05.09.2013 18:33:12

Configuration settings for the scan:
Jobname.............................: AVGuardAsyncScan
Configuration file..................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_52361dc0\guard_slideup.avp
Reporting...........................: default
Primary action......................: Repair
Secondary action....................: Quarantine
Scan master boot sector.............: on
Scan boot sector....................: off
Process scan........................: on
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: Complete
Deviating risk categories...........: +APPL,+PCK,+SPR,

Start of the scan: Sonntag, 15. September 2013  22:57
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccleaner.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpqssupply.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htcsyncmanager.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ipsecdialer.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcdiag.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setmtu.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smoothview.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tacsprop.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfcconf.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfcrst.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\todisc.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\toshddvd.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tosramutil.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninst.exe\Debugger> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_Dlls> was removed successfully.

The scan of running processes will be started:
Scan process 'avscan.exe' - '94' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '21' Module(s) have been scanned
Scan process 'SynTPHelper.exe' - '14' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '64' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '29' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'CFSwMgr.exe' - '74' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'TuneUpUtilitiesApp32.exe' - '27' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'taskeng.exe' - '52' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'xaudio.exe' - '22' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '7' Module(s) have been scanned
Scan process 'TuneUpUtilitiesService32.exe' - '75' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '45' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '45' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '28' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '28' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'BrowserProtect.exe' - '29' Module(s) have been scanned
Scan process 'CFSvcs.exe' - '72' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'BrowserProtect.exe' - '34' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'avguard.exe' - '98' Module(s) have been scanned
Scan process 'armsvc.exe' - '27' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'TOSCDSPD.exe' - '22' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'avgnt.exe' - '77' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '39' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'NDSTray.exe' - '93' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'MSASCui.exe' - '43' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '61' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'sched.exe' - '48' Module(s) have been scanned
Scan process 'taskeng.exe' - '81' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'spoolsv.exe' - '94' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'Explorer.EXE' - '128' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'Dwm.exe' - '37' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '94' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'Ati2evxx.exe' - '39' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '79' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'SLsvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '152' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '114' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '66' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'Ati2evxx.exe' - '34' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'PresentationFontCache.exe' - '35' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'svchost.exe' - '45' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'winlogon.exe' - '39' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'lsm.exe' - '30' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'lsass.exe' - '66' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'services.exe' - '40' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'wininit.exe' - '34' Module(s) have been scanned
  Module is infected -> <c:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll>
  [DETECTION] Contains recognition pattern of the APPL/BProtector.Gen application
  [WARNING]   The file was ignored.
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'avscan.exe' - '88' Module(s) have been scanned
Scan process 'EXCEL.EXE' - '76' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'vssvc.exe' - '49' Module(s) have been scanned
Scan process 'avscan.exe' - '101' Module(s) have been scanned


End of the scan: Sonntag, 15. September 2013  23:08
Used time: 10:06 Minute(s)

The scan has been done completely.

      0 Scanned directories
   4003 Files were scanned
      3 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
   4000 Files not concerned
     33 Archives were scanned
     37 Warnings
      0 Notes
         

16.09.2013, 16:44   #2
M-K-D-B
/// TB trainer

My name is Matthias and I will help you clean up your computer.

Please note the following:
  • If we find indications of illegally obtained software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Please work through all steps one after another in the given order and post all log files in CODE tags.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions.
    If you are going to be away for a longer time, please let me know!
  • All programs to be used must be saved to the desktop and started from there!
    I can never give you a guarantee that I will find everything. Formatting is usually the quicker and always the safest way.
    If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.

I have your thread in progress and will get back to you with further instructions as soon as possible.

Alt 16.09.2013, 16:46   #3
M-K-D-B
/// TB-Ausbilder
 
Vista: APPL/BProtector.Gen in C:\ProgramDat\BrowserProtect\...\BrowserProtect.dll - Standard

Vista: APPL/BProtector.Gen in C:\ProgramDat\BrowserProtect\...\BrowserProtect.dll



Servus,



sieht nach Adware aus. Nicht unbedingt schlimm, aber lästig.

Wir beginnen so:





Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.






Step 3
Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.






With your next reply, please post
  • the AdwCleaner log file,
  • the JRT log file,
  • the MBAM log file.
__________________

16.09.2013, 17:41   #4
smorvi

Thanks Matthias,

if I'm seeing it correctly, the whole thing looks better again.
The log files are attached.

How can you actually tell where the adware was picked up from?



AdwCleaner[S0].txt:
Code:
# AdwCleaner v3.004 - Bericht erstellt am 16/09/2013 um 17:56:18
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : Simone Petry - SIMONEPETRY-PC
# Gestartet von : C:\Users\Simone Petry\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : BrowserProtect

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\ProgramData\Alawar
Ordner Gelöscht : C:\ProgramData\Alawar Entertainment
Ordner Gelöscht : C:\ProgramData\Alawar Stargaze
Ordner Gelöscht : C:\ProgramData\AlawarEntertainment
Ordner Gelöscht : C:\ProgramData\AlawarSouthpoint
Ordner Gelöscht : C:\Users\Simone Petry\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Simone Petry\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Simone Petry\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Simone Petry\AppData\Roaming\iWin
Ordner Gelöscht : C:\Users\Simone Petry\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Simone Petry\AppData\Roaming\quickclick
Ordner Gelöscht : C:\Users\Simone Petry\AppData\Roaming\Alawar
Ordner Gelöscht : C:\Users\Simone Petry\AppData\Roaming\Alawar Entertainment
Ordner Gelöscht : C:\Users\Simone Petry\AppData\Roaming\Alawar Stargaze
Ordner Gelöscht : C:\Users\Simone Petry\AppData\Roaming\AlawarEntertainment
Ordner Gelöscht : C:\Users\Simone Petry\AppData\Roaming\AlawarSouthpoint
Ordner Gelöscht : C:\Users\Simone Petry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Datei Gelöscht : C:\Windows\system32\roboot.exe
Datei Gelöscht : C:\Users\Simone Petry\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Simone Petry\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Windows\System32\Tasks\BrowserProtect

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B06AAE5C-F475-477D-8FE7-C458535C4C07}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B06AAE5C-F475-477D-8FE7-C458535C4C07}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKCU\Software\5d558fdbbc3deb43
Schlüssel Gelöscht : HKLM\SOFTWARE\5d558fdbbc3deb43
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16506

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v

[ Datei : C:\Users\Simone Petry\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5096 octets] - [16/09/2013 17:55:14]
AdwCleaner[S0].txt - [4912 octets] - [16/09/2013 17:56:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4972 octets] ##########
         
JRT.txt:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Simone Petry on 16.09.2013 at 18:05:00,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-960008410-599929504-2592557754-1000\Software\SweetIM



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\Users\Simone Petry\AppData\Roaming\big fish games"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.09.2013 at 18:09:18,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
mbam-log-2013-09-16 (18-19-47).txt
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.16.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Simone Petry :: SIMONEPETRY-PC [Administrator]

16.09.2013 18:19:47
mbam-log-2013-09-16 (18-19-47).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 218531
Laufzeit: 6 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

17.09.2013, 18:17   #5
M-K-D-B
/// TB-Ausbilder

Hello,

Quote:
Quote from smorvi
How can you actually tell where the adware was picked up from?

I can already see that from the title of your topic.

Control scan with FRST
Run a scan with FRST as described before.
To do so, tick the Addition.txt checkbox at the bottom right and click Scan.
Two log files will be created again. Post them for me.

__________________
Greetings from Bavaria
M-K-D-B

17.09.2013, 20:20   #6
smorvi

Okay.

The control scan has been run and the files are attached again.

FRST.txt:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-09-2013 03
Ran by Simone Petry (administrator) on SIMONEPETRY-PC on 17-09-2013 21:13:24
Running from C:\Users\Simone Petry\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
() C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-11-29] (Synaptics, Inc.)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [431456 2008-01-17] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [509816 2008-01-25] (TOSHIBA Corporation)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKCU\...\Run: [TOSCDSPD] - TOSCDSPD.EXE
HKCU\...\Run: [Google Update] - C:\Users\Simone Petry\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-14] (Google Inc.)
MountPoints2: {d595702f-8fe8-11dd-9b88-001e68c53ee1} - D:\LaunchU3.exe -a
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2007-12-29] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2007-12-29] ()
Startup: C:\ProgramData\1912 Titanic Mystery ()
Startup: C:\ProgramData\Absolutist ()
Startup: C:\ProgramData\Adobe ()
Startup: C:\ProgramData\Advanced Chemistry Development ()
Startup: C:\ProgramData\AirportMania ()
Startup: C:\ProgramData\Alex Gordon ()
Startup: C:\ProgramData\Aliasworlds ()
Startup: C:\ProgramData\Anwendungsdaten ()
Startup: C:\ProgramData\Apple ()
Startup: C:\ProgramData\Apple Computer ()
Startup: C:\ProgramData\Application Data ()
Startup: C:\ProgramData\Arcade Lab ()
Startup: C:\ProgramData\Arizona Rose ()
Startup: C:\ProgramData\Artist Colony ()
Startup: C:\ProgramData\Ashtons Family Resort ()
Startup: C:\ProgramData\Astar Games ()
Startup: C:\ProgramData\ATI ()
Startup: C:\ProgramData\Avira ()
Startup: C:\ProgramData\Awem ()
Startup: C:\ProgramData\Balls ()
Startup: C:\ProgramData\BC Soft Games ()
Startup: C:\ProgramData\Becky Brogan 2 ()
Startup: C:\ProgramData\BigFish ()
Startup: C:\ProgramData\Bilbo ()
Startup: C:\ProgramData\Black Blob Studios ()
Startup: C:\ProgramData\blg ()
Startup: C:\ProgramData\BlitPop ()
Startup: C:\ProgramData\CannyGames ()
Startup: C:\ProgramData\Canon IJ Network Tool ()
Startup: C:\ProgramData\CanonBJ ()
Startup: C:\ProgramData\CanonEPP ()
Startup: C:\ProgramData\CanonIJEGV ()
Startup: C:\ProgramData\CanonIJEPPEX2 ()
Startup: C:\ProgramData\CanonIJMSetup ()
Startup: C:\ProgramData\CanonIJScan ()
Startup: C:\ProgramData\CanonIJWSpt ()
Startup: C:\ProgramData\casualArts ()
Startup: C:\ProgramData\Cateia Games ()
Startup: C:\ProgramData\cerasus.media ()
Startup: C:\ProgramData\Colibri Games ()
Startup: C:\ProgramData\Common Files ()
Startup: C:\ProgramData\CrioGames ()
Startup: C:\ProgramData\CropBusters ()
Startup: C:\ProgramData\Crown ()
Startup: C:\ProgramData\Deadtime Stories ()
Startup: C:\ProgramData\Deep Shadows ()
Startup: C:\ProgramData\Desktop ()
Startup: C:\ProgramData\DivoGames ()
Startup: C:\ProgramData\Documents ()
Startup: C:\ProgramData\Dokumente ()
Startup: C:\ProgramData\Dress-up-pups ()
Startup: C:\ProgramData\Electronic Arts ()
Startup: C:\ProgramData\Elephant Games ()
Startup: C:\ProgramData\Escape From Paradise ()
Startup: C:\ProgramData\ezsidmv.dat ()
Startup: C:\ProgramData\Far Mills ()
Startup: C:\ProgramData\Farm Fishes ()
Startup: C:\ProgramData\FarmFrenzy2 ()
Startup: C:\ProgramData\FarmFrenzy3 ()
Startup: C:\ProgramData\FarmFrenzy3_America ()
Startup: C:\ProgramData\FarmFrenzy3_Arctica ()
Startup: C:\ProgramData\FarmFrenzy3_Madagascar ()
Startup: C:\ProgramData\FarmFrenzy3_Russia ()
Startup: C:\ProgramData\FarmFrenzy_Rome ()
Startup: C:\ProgramData\FarmFrenzy_Vikings ()
Startup: C:\ProgramData\Favoriten ()
Startup: C:\ProgramData\Favorites ()
Startup: C:\ProgramData\Fenomen Games ()
Startup: C:\ProgramData\Fitn17 ()
Startup: C:\ProgramData\Flood Light Games ()
Startup: C:\ProgramData\Floodlight Games ()
Startup: C:\ProgramData\FloodLightGames ()
Startup: C:\ProgramData\FreshGames ()
Startup: C:\ProgramData\Friday's games ()
Startup: C:\ProgramData\Friends Games ()
Startup: C:\ProgramData\Fugazo ()
Startup: C:\ProgramData\fullscreen=true ()
Startup: C:\ProgramData\Funny Bear Studio ()
Startup: C:\ProgramData\GAMEON ()
Startup: C:\ProgramData\GameXzone ()
Startup: C:\ProgramData\Gogii ()
Startup: C:\ProgramData\Gogii Games ()
Startup: C:\ProgramData\Google ()
Startup: C:\ProgramData\Hewlett-Packard ()
Startup: C:\ProgramData\HideAndSecret3 ()
Startup: C:\ProgramData\HipSoft ()
Startup: C:\ProgramData\HoverBee Studios ()
Startup: C:\ProgramData\HP ()
Startup: C:\ProgramData\hps ()
Startup: C:\ProgramData\HPSSUPPLY ()
Startup: C:\ProgramData\hpzinstall.log ()
Startup: C:\ProgramData\HTC ()
Startup: C:\ProgramData\Intenium ()
Startup: C:\ProgramData\InterAction studios ()
Startup: C:\ProgramData\Islands ()
Startup: C:\ProgramData\Jewelleria ()
Startup: C:\ProgramData\JollyBear ()
Startup: C:\ProgramData\JuliettesFashionEmpire ()
Startup: C:\ProgramData\Kingdom ()
Startup: C:\ProgramData\KranX ()
Startup: C:\ProgramData\Kreuzworträtsel - Kalender Edition ()
Startup: C:\ProgramData\LittleGamesCompany ()
Startup: C:\ProgramData\LoadHelper ()
Startup: C:\ProgramData\Lost Treasures of El Dorado ()
Startup: C:\ProgramData\MAGIX ()
Startup: C:\ProgramData\Malwarebytes ()
Startup: C:\ProgramData\Maximize Games ()
Startup: C:\ProgramData\McAfee ()
Startup: C:\ProgramData\Mean Hamster ()
Startup: C:\ProgramData\Media Center Programs ()
Startup: C:\ProgramData\MeinEigenesCafé ()
Startup: C:\ProgramData\Meridian93 ()
Startup: C:\ProgramData\Merscom ()
Startup: C:\ProgramData\Microsoft ()
Startup: C:\ProgramData\Microsoft Help ()
Startup: C:\ProgramData\Motorola ()
Startup: C:\ProgramData\MumboJumbo ()
Startup: C:\ProgramData\mxfilerelatedcache.mxc2 ()
Startup: C:\ProgramData\MythPeople ()
Startup: C:\ProgramData\NannyMania ()
Startup: C:\ProgramData\Nevosoft-Breeze ()
Startup: C:\ProgramData\Office Genuine Advantage ()
Startup: C:\ProgramData\Particles ()
Startup: C:\ProgramData\Perfect-Tree ()
Startup: C:\ProgramData\Pets Fun House ()
Startup: C:\ProgramData\PlayFirst ()
Startup: C:\ProgramData\PlayfulAge ()
Startup: C:\ProgramData\Playrix Entertainment ()
Startup: C:\ProgramData\PoBros ()
Startup: C:\ProgramData\PuzzlesByJoe ()
Startup: C:\ProgramData\QuickTime ()
Startup: C:\ProgramData\RescueFrenzy ()
Startup: C:\ProgramData\rionix ()
Startup: C:\ProgramData\Rumbic Studio ()
Startup: C:\ProgramData\Sandlot Games ()
Startup: C:\ProgramData\ScreenSeven ()
Startup: C:\ProgramData\Skype ()
Startup: C:\ProgramData\SpinTop Games ()
Startup: C:\ProgramData\SpookyMall ()
Startup: C:\ProgramData\Sprouts Adventure ()
Startup: C:\ProgramData\Start Menu ()
Startup: C:\ProgramData\Startmenü ()
Startup: C:\ProgramData\SugarGames ()
Startup: C:\ProgramData\SulusGames ()
Startup: C:\ProgramData\Sun ()
Startup: C:\ProgramData\TEMP ()
Startup: C:\ProgramData\Templates ()
Startup: C:\ProgramData\TERMINAL Studio ()
Startup: C:\ProgramData\Terrafarmers ()
Startup: C:\ProgramData\The Game Equation ()
Startup: C:\ProgramData\The Mirror Mysteries ()
Startup: C:\ProgramData\TheFallTrilogyEp3-BF ()
Startup: C:\ProgramData\TheRace_dev ()
Startup: C:\ProgramData\tmp ()
Startup: C:\ProgramData\Toshiba ()
Startup: C:\ProgramData\ToshibaEurope ()
Startup: C:\ProgramData\Try2 ()
Startup: C:\ProgramData\TuneUp Software ()
Startup: C:\ProgramData\UClick ()
Startup: C:\ProgramData\Ulead Systems ()
Startup: C:\ProgramData\Venus DS ()
Startup: C:\ProgramData\VirtualFarm ()
Startup: C:\ProgramData\VirtualFarm2 ()
Startup: C:\ProgramData\Vogelpiraten ()
Startup: C:\ProgramData\Vogue Tales ()
Startup: C:\ProgramData\Vorlagen ()
Startup: C:\ProgramData\WeatherLord ()
Startup: C:\ProgramData\WEBREG ()
Startup: C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} ()
Startup: C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} ()
Startup: C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} ()
Startup: C:\Users\Default\Anwendungsdaten ()
Startup: C:\Users\Default\AppData ()
Startup: C:\Users\Default\Application Data ()
Startup: C:\Users\Default\Cookies ()
Startup: C:\Users\Default\Desktop ()
Startup: C:\Users\Default\Documents ()
Startup: C:\Users\Default\Downloads ()
Startup: C:\Users\Default\Druckumgebung ()
Startup: C:\Users\Default\Eigene Dateien ()
Startup: C:\Users\Default\Favorites ()
Startup: C:\Users\Default\Links ()
Startup: C:\Users\Default\Local Settings ()
Startup: C:\Users\Default\Lokale Einstellungen ()
Startup: C:\Users\Default\Music ()
Startup: C:\Users\Default\My Documents ()
Startup: C:\Users\Default\NetHood ()
Startup: C:\Users\Default\Netzwerkumgebung ()
Startup: C:\Users\Default\NTUSER.DAT ()
Startup: C:\Users\Default\NTUSER.DAT.LOG ()
Startup: C:\Users\Default\ntuser.dat.LOG1 ()
Startup: C:\Users\Default\ntuser.dat.LOG2 ()
Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf ()
Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Default\Pictures ()
Startup: C:\Users\Default\PrintHood ()
Startup: C:\Users\Default\Recent ()
Startup: C:\Users\Default\Saved Games ()
Startup: C:\Users\Default\SendTo ()
Startup: C:\Users\Default\Start Menu ()
Startup: C:\Users\Default\Startmenü ()
Startup: C:\Users\Default\Templates ()
Startup: C:\Users\Default\Videos ()
Startup: C:\Users\Default\Vorlagen ()
Startup: C:\Users\Public\Desktop ()
Startup: C:\Users\Public\Documents ()
Startup: C:\Users\Public\Downloads ()
Startup: C:\Users\Public\DRM ()
Startup: C:\Users\Public\Favorites ()
Startup: C:\Users\Public\Music ()
Startup: C:\Users\Public\mxfilerelatedcache.mxc2 ()
Startup: C:\Users\Public\NTUSER.DAT ()
Startup: C:\Users\Public\NTUSER.DAT.LOG1 ()
Startup: C:\Users\Public\NTUSER.DAT.LOG2 ()
Startup: C:\Users\Public\NTUSER.DAT{1b382e45-9943-11dd-a307-001e68c53ee1}.TM.blf ()
Startup: C:\Users\Public\NTUSER.DAT{1b382e45-9943-11dd-a307-001e68c53ee1}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Public\NTUSER.DAT{1b382e45-9943-11dd-a307-001e68c53ee1}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Public\NTUSER.DAT{8c9f9ea2-9395-11dd-a473-001e68c53ee1}.TM.blf ()
Startup: C:\Users\Public\NTUSER.DAT{8c9f9ea2-9395-11dd-a473-001e68c53ee1}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Public\NTUSER.DAT{8c9f9ea2-9395-11dd-a473-001e68c53ee1}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Public\Pictures ()
Startup: C:\Users\Public\Recorded TV ()
Startup: C:\Users\Public\Videos ()
Startup: C:\Users\Simone Petry\Anwendungsdaten ()
Startup: C:\Users\Simone Petry\AppData ()
Startup: C:\Users\Simone Petry\Briefe ()
Startup: C:\Users\Simone Petry\Contacts ()
Startup: C:\Users\Simone Petry\Cookies ()
Startup: C:\Users\Simone Petry\Desktop ()
Startup: C:\Users\Simone Petry\Documents ()
Startup: C:\Users\Simone Petry\Downloads ()
Startup: C:\Users\Simone Petry\Druckumgebung ()
Startup: C:\Users\Simone Petry\Eigene Dateien ()
Startup: C:\Users\Simone Petry\Favorites ()
Startup: C:\Users\Simone Petry\geogebra ()
Startup: C:\Users\Simone Petry\Geschenke, Gutscheine ()
Startup: C:\Users\Simone Petry\Haus ()
Startup: C:\Users\Simone Petry\Links ()
Startup: C:\Users\Simone Petry\Lokale Einstellungen ()
Startup: C:\Users\Simone Petry\Material Chemie ()
Startup: C:\Users\Simone Petry\Music ()
Startup: C:\Users\Simone Petry\mxfilerelatedcache.mxc2 ()
Startup: C:\Users\Simone Petry\Netzwerkumgebung ()
Startup: C:\Users\Simone Petry\NTUSER.DAT ()
Startup: C:\Users\Simone Petry\ntuser.dat.LOG1 ()
Startup: C:\Users\Simone Petry\ntuser.dat.LOG2 ()
Startup: C:\Users\Simone Petry\NTUSER.DAT_tureg_new.LOG1 ()
Startup: C:\Users\Simone Petry\NTUSER.DAT_tureg_new.LOG2 ()
Startup: C:\Users\Simone Petry\NTUSER.DAT_tureg_old ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{4e79ca56-24f7-11de-8326-001e68c53ee1}.TM.blf ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{4e79ca56-24f7-11de-8326-001e68c53ee1}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{4e79ca56-24f7-11de-8326-001e68c53ee1}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{58ce7e24-af1d-11e2-8ed4-806e6f6e6963}.TM.blf ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{58ce7e24-af1d-11e2-8ed4-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{58ce7e24-af1d-11e2-8ed4-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{d275a980-59d0-11e2-94c9-806e6f6e6963}.TM.blf ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{d275a980-59d0-11e2-94c9-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Simone Petry\NTUSER.DAT{d275a980-59d0-11e2-94c9-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Simone Petry\ntuser.ini ()
Startup: C:\Users\Simone Petry\Organisation Schulen ()
Startup: C:\Users\Simone Petry\Pictures ()
Startup: C:\Users\Simone Petry\Recent ()
Startup: C:\Users\Simone Petry\Saved Games ()
Startup: C:\Users\Simone Petry\Schule (Aushilfe, Praktikum) ()
Startup: C:\Users\Simone Petry\Searches ()
Startup: C:\Users\Simone Petry\SendTo ()
Startup: C:\Users\Simone Petry\Startmenü ()
Startup: C:\Users\Simone Petry\Studienseminar ()
Startup: C:\Users\Simone Petry\Unterricht ()
Startup: C:\Users\Simone Petry\Versuch Natrium in Wasser.docx ()
Startup: C:\Users\Simone Petry\Videos ()
Startup: C:\Users\Simone Petry\Vorlagen ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {CA0D91C8-F9EC-4B40-997E-02F8BA3728F4} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome: 
=======
CHR Extension: (Chrome In-App Payments service) - C:\Users\SIMONE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2007-12-25] (TOSHIBA CORPORATION)
S4 HTCMonitorService; C:\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2012-10-26] (Nero AG)
S4 o2flash; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [65536 2007-02-12] (O2Micro International)
S4 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] ()
S4 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-03] (TOSHIBA Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [277544 2009-01-19] (Protect Software GmbH)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-04-01] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-28] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 CnxtHdAudAddService; C:\Windows\System32\drivers\CHDART.sys [187904 2008-02-01] (Conexant Systems Inc.)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
S4 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-04-01] ()
R3 QIOMem; C:\Windows\System32\DRIVERS\QIOMem.sys [8192 2007-04-09] (TOSHIBA)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
S3 igfx; system32\DRIVERS\igdkmd32.sys [x]
S3 IntcHdmiAddService; system32\drivers\IntcHdmi.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 Tosrfcom; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-17 21:11 - 2013-09-17 21:12 - 01083437 _____ (Farbar) C:\Users\Simone Petry\Downloads\FRST.exe
2013-09-16 18:15 - 2013-09-16 18:15 - 00000911 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-16 18:15 - 2013-09-16 18:15 - 00000000 ____D C:\Users\Simone Petry\AppData\Roaming\Malwarebytes
2013-09-16 18:15 - 2013-09-16 18:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-16 18:15 - 2013-09-16 18:15 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-16 18:15 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-16 18:11 - 2013-09-16 18:11 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Simone Petry\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-16 18:09 - 2013-09-16 18:09 - 00000982 _____ C:\Users\Simone Petry\Desktop\JRT.txt
2013-09-16 18:04 - 2013-09-16 18:04 - 01029675 _____ (Thisisu) C:\Users\Simone Petry\Downloads\JRT.exe
2013-09-16 18:04 - 2013-09-16 18:04 - 00000000 ____D C:\Windows\ERUNT
2013-09-16 17:55 - 2013-09-16 17:58 - 00000000 ____D C:\AdwCleaner
2013-09-16 17:53 - 2013-09-16 17:53 - 01039554 _____ C:\Users\Simone Petry\Downloads\adwcleaner.exe
2013-09-16 16:58 - 2013-09-16 17:00 - 00036992 _____ C:\Users\Simone Petry\Downloads\Addition.txt
2013-09-16 16:56 - 2013-09-16 16:56 - 00000000 ____D C:\FRST
2013-09-13 07:57 - 2013-09-13 07:57 - 04751752 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-09-12 22:55 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 22:55 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 22:55 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 22:55 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 22:55 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-12 22:55 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 22:55 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-12 22:55 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 22:55 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 22:55 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-12 22:55 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-12 22:55 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 22:55 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 22:55 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 22:55 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-12 22:55 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 22:01 - 2013-08-08 03:45 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 22:01 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-09-04 21:02 - 2013-09-04 21:03 - 00315392 _____ C:\Users\Simone Petry\Downloads\ZentraleMFB_Ueberblic_0d_0a_k_1 (1).ppt
2013-09-01 16:21 - 2013-09-01 16:20 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-09-01 16:20 - 2013-09-01 16:20 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-09-01 16:20 - 2013-09-01 16:20 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-09-01 16:20 - 2013-09-01 16:20 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-08-28 20:28 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

==================== One Month Modified Files and Folders =======

2013-09-17 21:12 - 2013-09-17 21:11 - 01083437 _____ (Farbar) C:\Users\Simone Petry\Downloads\FRST.exe
2013-09-17 21:03 - 2011-12-14 17:56 - 00001148 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-960008410-599929504-2592557754-1000UA.job
2013-09-17 20:57 - 2012-04-07 16:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-17 20:55 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-17 20:55 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-17 18:59 - 2008-10-01 17:57 - 01857459 _____ C:\Windows\WindowsUpdate.log
2013-09-17 18:55 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-17 15:46 - 2006-11-02 15:01 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-16 22:10 - 2011-12-14 17:56 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-960008410-599929504-2592557754-1000Core.job
2013-09-16 20:19 - 2008-10-03 16:20 - 00000000 ____D C:\Users\Simone Petry\AppData\Local\Microsoft Help
2013-09-16 18:15 - 2013-09-16 18:15 - 00000911 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-16 18:15 - 2013-09-16 18:15 - 00000000 ____D C:\Users\Simone Petry\AppData\Roaming\Malwarebytes
2013-09-16 18:15 - 2013-09-16 18:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-16 18:15 - 2013-09-16 18:15 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-16 18:11 - 2013-09-16 18:11 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Simone Petry\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-16 18:09 - 2013-09-16 18:09 - 00000982 _____ C:\Users\Simone Petry\Desktop\JRT.txt
2013-09-16 18:04 - 2013-09-16 18:04 - 01029675 _____ (Thisisu) C:\Users\Simone Petry\Downloads\JRT.exe
2013-09-16 18:04 - 2013-09-16 18:04 - 00000000 ____D C:\Windows\ERUNT
2013-09-16 17:58 - 2013-09-16 17:55 - 00000000 ____D C:\AdwCleaner
2013-09-16 17:53 - 2013-09-16 17:53 - 01039554 _____ C:\Users\Simone Petry\Downloads\adwcleaner.exe
2013-09-16 17:00 - 2013-09-16 16:58 - 00036992 _____ C:\Users\Simone Petry\Downloads\Addition.txt
2013-09-16 16:56 - 2013-09-16 16:56 - 00000000 ____D C:\FRST
2013-09-15 23:02 - 2012-11-19 18:51 - 00000000 ____D C:\Users\Simone Petry\Studienseminar
2013-09-15 18:51 - 2013-02-03 16:44 - 00000000 ____D C:\Users\Simone Petry\Unterricht
2013-09-15 18:39 - 2013-07-09 09:55 - 00006978 _____ C:\Windows\PFRO.log
2013-09-14 08:09 - 2008-02-26 15:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-13 16:12 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-13 07:57 - 2013-09-13 07:57 - 04751752 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-09-13 07:57 - 2012-04-07 16:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-13 07:57 - 2011-05-17 11:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-13 07:19 - 2013-07-01 09:42 - 00326720 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 22:48 - 2013-08-15 12:12 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 22:45 - 2006-11-02 12:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-09-05 20:34 - 2013-01-02 16:54 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-05 20:34 - 2013-01-02 16:54 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-04 21:03 - 2013-09-04 21:02 - 00315392 _____ C:\Users\Simone Petry\Downloads\ZentraleMFB_Ueberblic_0d_0a_k_1 (1).ppt
2013-09-04 20:26 - 2008-01-21 09:16 - 01560216 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-01 16:20 - 2013-09-01 16:21 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-09-01 16:20 - 2013-09-01 16:20 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-09-01 16:20 - 2013-09-01 16:20 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-09-01 16:20 - 2013-09-01 16:20 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-09-01 16:20 - 2012-08-31 08:25 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-09-01 16:20 - 2010-07-06 21:46 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-09-01 15:30 - 2010-05-18 15:10 - 00000000 ____D C:\Program Files\DEUTSCHLAND SPIELT

Some content of TEMP:
====================
C:\Users\Simone Petry\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-17 19:02

==================== End Of Log ============================
         

Addition.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-09-2013 03
Ran by Simone Petry at 2013-09-17 21:14:12
Running from C:\Users\Simone Petry\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 1.0.0)
ABI-TOUR
ACD/Labs Software in C:\Program Files\ACDFREE12\ (Version: v12.00, FREE)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.174)
Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.657.0)
Avira Free Antivirus (Version: 13.0.0.4052)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bluetooth Stack for Windows by Toshiba (Version: v6.10.02(T))
Camera Assistant Software for Toshiba (Version: 1.7.175.0123)
Canon Easy-PhotoPrint EX
Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data
Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MG6100 series Benutzerregistrierung
Canon MG6100 series MP Drivers
Canon MP Navigator EX 4.0
Canon My Printer
Canon Solution Menu EX
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2008.0130.1509.26922)
Catalyst Control Center Graphics Full Existing (Version: 2008.0130.1509.26922)
Catalyst Control Center Graphics Full New (Version: 2008.0130.1509.26922)
Catalyst Control Center Graphics Light (Version: 2008.0130.1509.26922)
Catalyst Control Center Graphics Previews Vista (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Chinese Standard (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Dutch (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization French (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization German (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Italian (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Japanese (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Korean (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Portuguese (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Spanish (Version: 2008.0130.1509.26922)
Catalyst Control Center Localization Swedish (Version: 2008.0130.1509.26922)
CCC Help Chinese Standard (Version: 2008.0130.1508.26922)
CCC Help Chinese Traditional (Version: 2008.0130.1508.26922)
CCC Help Dutch (Version: 2008.0130.1508.26922)
CCC Help English (Version: 2008.0130.1508.26922)
CCC Help French (Version: 2008.0130.1508.26922)
CCC Help German (Version: 2008.0130.1508.26922)
CCC Help Italian (Version: 2008.0130.1508.26922)
CCC Help Japanese (Version: 2008.0130.1508.26922)
CCC Help Korean (Version: 2008.0130.1508.26922)
CCC Help Portuguese (Version: 2008.0130.1508.26922)
CCC Help Spanish (Version: 2008.0130.1508.26922)
CCC Help Swedish (Version: 2008.0130.1508.26922)
ccc-core-static (Version: 2008.0130.1509.26922)
ccc-utility (Version: 2008.0130.1509.26922)
CCleaner (Version: 4.02)
CD/DVD Drive Acoustic Silencer (Version: 2.02.00)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.36.6.0)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DEUTSCHLAND SPIELT GAME CENTER (Version: 1.0.0.46)
Die Siedler II - Die nächste Generation
dm-Fotowelt (Version: 5.0.4)
EAX Unified
Farm Tribe 2: Jetzt wird geackert! (Version: 1.0.0.0)
Foto Paradies
GeoGebra (Version: 4.0.41.0)
GeoGebra WebStart
Google Chrome (HKCU Version: 29.0.1547.66)
HDAUDIO Soft Data Fax Modem with SmartCP
HDMI Control Manager (Version: 1.6)
HessGISS 2012-2013 (Version: 17.0)
HP Update (Version: 5.002.007.004)
HPSSupply (Version: 2.1.3.0000)
HTC Driver Installer (Version: 4.0.0.009)
HTC Sync Manager (Version: 1.1.66.0)
Intel® Matrix Storage Manager
InterVideo AVControlSDK
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Marvell Miniport Driver (Version: 10.51.4.3)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Access Runtime 2010 (Version: 14.0.7015.1000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access Runtime 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Runtime MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft XML Parser (Version: 8.0.7820.0)
Microsoft XML Parser (Version: 8.20.8730.4)
Move Media Player
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetWaiting (Version: 2.5.52)
NVIDIA PhysX (Version: 9.09.0203)
O2Micro Flash Memory Card Reader Driver (x86) (Version: 3.19.1)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenAL
PokerStars.net
ProtectDisc Driver, Version 11 (Version: 11.0.0.12)
QuickTime (Version: 7.73.80.64)
Risen (Version: 1.00.0000)
Samsung Master (Version: 1.1.11)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Sid Meier's Civilization 4 (Version: 1.00.0000)
Sid Meier's Civilization 4 (Version: 1.74)
Skins (Version: 2008.0130.1509.26922)
Skype™ 5.10 (Version: 5.10.116)
Star Wars(TM): Knights of the Old Republic (TM)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 10.1.7.0)
The Witcher: Enhanced Edition
TOSHIBA Assist (Version: 2.01.04)
TOSHIBA Benutzerhandbücher (Version: 7.33)
TOSHIBA ConfigFree (Version: 7.1.26)
TOSHIBA Disc Creator (Version: 2.0.1.1.a)
TOSHIBA DVD PLAYER (Version: 1.20.10)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Hardware Setup (Version: 3.00.01.00)
Toshiba Online Product Information (Version: 1.00.0012)
TOSHIBA Recovery Disc Creator (Version: 2.0.0.1b)
TOSHIBA SD Memory Utilities (Version: 1.8.1.1)
TOSHIBA Supervisor Password (Version: 3.00.01.00)
TOSHIBA Value Added Package (Version: 1.1.14)
TRDCReminder (Version: 1.00.0014)
TRORDCLauncher (Version: 1.0.0.1)
TuneUp Utilities 2013 (Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3020.2)
Unity Web Player (HKCU Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VLC media player 1.0.3 (Version: 1.0.3)
Windows Media Encoder 9-Reihe
Windows Media Encoder 9-Reihe (Version: 9.00.3374)

==================== Restore Points  =========================

04-09-2013 16:39:47 Geplanter Prüfpunkt
10-09-2013 13:58:30 Windows Update
12-09-2013 20:44:42 Windows Update
13-09-2013 08:39:17 Windows Update
13-09-2013 13:55:15 Windows Update
13-09-2013 14:03:03 Windows Update
13-09-2013 14:41:31 Windows Update
13-09-2013 15:10:08 Windows Update
13-09-2013 15:17:27 Windows Update
13-09-2013 15:32:32 Windows Update
14-09-2013 06:04:04 Windows Update
17-09-2013 12:45:20 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {03FE9E06-9BED-4ECE-825D-7569A2EA4C0A} - System32\Tasks\{61F8E5DD-1D83-40B4-8CB0-C89D5E23647C} => C:\Program Files\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {11A9B218-E1FC-4F88-82EB-1522A1B09F5C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-960008410-599929504-2592557754-1000Core => C:\Users\Simone Petry\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-14] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1D3AD10B-481B-4F54-839A-256D1AFFB347} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated)
Task: {246B0DB0-0D73-42C6-98EF-0C30CF48B70B} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {28912FAB-CA72-4BD3-842C-AB81111E6D96} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {470A6904-C848-4284-BBCF-B1CBAC31345A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {6B6262DF-EFFF-432C-9850-9023BA49143C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-960008410-599929504-2592557754-1000UA => C:\Users\Simone Petry\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-14] (Google Inc.)
Task: {9CFCB40E-6BE6-4A52-B834-49CF0E188B06} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2013-01-28] (TuneUp Software)
Task: {9E5B3551-C5A0-4334-A0C5-2D919CB3465B} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {AC09D2B6-7091-4776-BDC4-6C1999933A6E} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {CBDF8DD4-48D3-49D7-AC62-89826B0D9891} - System32\Tasks\{4F6BAA77-A8BF-46A1-A07A-697634734F94} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.5.0.124.259/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {D5F77ED5-B41B-4259-BE73-E83CB2099B8A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {F7A5F634-5266-471C-B72A-F68601FDC9EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {F882764E-68E4-45ED-8A86-708FCE72E6C4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-960008410-599929504-2592557754-1000Core.job => C:\Users\Simone Petry\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-960008410-599929504-2592557754-1000UA.job => C:\Users\Simone Petry\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-02-15 18:22 - 2008-01-30 16:30 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2008-01-08 08:15 - 2008-01-08 08:15 - 00688128 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
2007-11-16 21:10 - 2007-11-16 21:10 - 00172032 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosBtAPI.dll
2007-12-03 18:57 - 2007-12-03 18:57 - 00131072 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosBdAPI.dll
2008-02-15 18:29 - 2007-11-29 18:18 - 00163840 _____ (Synaptics, Inc.) C:\Windows\system32\SynCOM.dll
2008-02-15 18:29 - 2007-11-29 18:30 - 00147456 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPAPI.dll
2013-09-04 08:14 - 2013-09-02 22:34 - 47074256 _____ (Google Inc.) C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll
2013-09-04 08:14 - 2013-09-02 22:35 - 09962960 _____ (The ICU Project) C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll
2013-09-04 08:14 - 2013-09-02 22:35 - 04053456 _____ () C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-04 08:14 - 2013-09-02 22:35 - 00410576 _____ () C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-04 08:14 - 2013-09-02 22:35 - 02110928 _____ (Google Inc.) C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll
2013-09-04 08:14 - 2013-09-02 22:35 - 01604560 _____ () C:\Users\Simone Petry\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\ProgramData\TEMP:E1D818F7
AlternateDataStreams: C:\ProgramData\TEMP:E21433CE
AlternateDataStreams: C:\ProgramData\TEMP:E222F217
AlternateDataStreams: C:\ProgramData\TEMP:E2CB42C9
AlternateDataStreams: C:\ProgramData\TEMP:E2DDFA62
AlternateDataStreams: C:\ProgramData\TEMP:E402E439
AlternateDataStreams: C:\ProgramData\TEMP:E40AB54F
AlternateDataStreams: C:\ProgramData\TEMP:E4EE99EF
AlternateDataStreams: C:\ProgramData\TEMP:E5496666
AlternateDataStreams: C:\ProgramData\TEMP:E5B07840
AlternateDataStreams: C:\ProgramData\TEMP:E5BA9ADD
AlternateDataStreams: C:\ProgramData\TEMP:E5F8E280
AlternateDataStreams: C:\ProgramData\TEMP:E6708F08
AlternateDataStreams: C:\ProgramData\TEMP:E6BEADB7
AlternateDataStreams: C:\ProgramData\TEMP:E6CDFB4A
AlternateDataStreams: C:\ProgramData\TEMP:E87AB4E3
AlternateDataStreams: C:\ProgramData\TEMP:E9900C74
AlternateDataStreams: C:\ProgramData\TEMP:EB68CA55
AlternateDataStreams: C:\ProgramData\TEMP:EC0279DC
AlternateDataStreams: C:\ProgramData\TEMP:EC7C9796
AlternateDataStreams: C:\ProgramData\TEMP:ECF3C50F
AlternateDataStreams: C:\ProgramData\TEMP:ED2D63E4
AlternateDataStreams: C:\ProgramData\TEMP:ED9B661E
AlternateDataStreams: C:\ProgramData\TEMP:EE198B1F
AlternateDataStreams: C:\ProgramData\TEMP:EFF3C3C8
AlternateDataStreams: C:\ProgramData\TEMP:F1F936DF
AlternateDataStreams: C:\ProgramData\TEMP:F26F5952
AlternateDataStreams: C:\ProgramData\TEMP:F2AF86D9
AlternateDataStreams: C:\ProgramData\TEMP:F3029A65
AlternateDataStreams: C:\ProgramData\TEMP:F3591DDB
AlternateDataStreams: C:\ProgramData\TEMP:F3A185AE
AlternateDataStreams: C:\ProgramData\TEMP:F53B274A
AlternateDataStreams: C:\ProgramData\TEMP:F5FC5DCE
AlternateDataStreams: C:\ProgramData\TEMP:F67AAFC5
AlternateDataStreams: C:\ProgramData\TEMP:F6A0889A
AlternateDataStreams: C:\ProgramData\TEMP:F760FD47
AlternateDataStreams: C:\ProgramData\TEMP:F9689B72
AlternateDataStreams: C:\ProgramData\TEMP:F9F58B80
AlternateDataStreams: C:\ProgramData\TEMP:FD11E093
AlternateDataStreams: C:\ProgramData\TEMP:FD786DCA
AlternateDataStreams: C:\ProgramData\TEMP:FECEF728

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/17/2013 06:57:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 02:40:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 06:25:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2013 10:28:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2013 08:12:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/17/2013 06:57:19 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/17/2013 03:46:21 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/17/2013 02:40:36 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/17/2013 06:32:21 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/17/2013 06:25:04 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/16/2013 10:30:38 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/16/2013 10:28:35 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/16/2013 10:25:44 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/16/2013 09:10:59 PM) (Source: Print) (User: SimonePetry-PC)
Description: Das Dokument Microsoft Word - Aufträge 17.9.13.docx im Besitz von Simone Petry konnte nicht auf dem Drucker Canon MG6100 series Printer gedruckt werden. Versuchen Sie erneut, das Dokument zu drucken, oder starten Sie den Druckspooler erneut. 
Datentyp: NT EMF 1.008. Größe der Spooldatei in Bytes: 131072. Anzahl der gedruckten Bytes: 37128. Gesamtanzahl der Seiten des Dokuments: 1. Anzahl der gedruckten Seiten: 0. Clientcomputer: \\SIMONEPETRY-PC. Vom Druckprozessor zurückgegebener Win32-Fehlercode: Microsoft Word - Aufträge 17.9.13.docx0. Microsoft Word - Aufträge 17.9.13.docx1

Error: (09/16/2013 08:12:56 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058


Microsoft Office Sessions:
=========================
Error: (09/02/2013 07:13:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8985 seconds with 6780 seconds of active time.  This session ended with a crash.

Error: (03/26/2010 02:42:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 127 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (03/11/2010 00:11:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 892 seconds with 780 seconds of active time.  This session ended with a crash.

Error: (10/25/2008 03:40:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 189 seconds with 180 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 3069.67 MB
Available physical RAM: 1713.84 MB
Total Pagefile: 6341.62 MB
Available Pagefile: 5171.08 MB
Total Virtual: 2047.88 MB
Available Virtual: 1918.7 MB

==================== Drives ================================

Drive c: (Vista) (Fixed) (Total:117.54 GB) (Free:22.05 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Data) (Fixed) (Total:113.88 GB) (Free:101.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 22741035)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=118 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=114 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

18.09.2013, 14:13   #7
M-K-D-B
/// TB trainer

Hello,

Step 1

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

Step 2
Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

In your next reply please post
  • the ESET log file,
  • the SecurityCheck log file.
__________________
Greetings from Bavaria
M-K-D-B

21.09.2013, 15:29   #8
M-K-D-B
/// TB trainer

Missing response
This thread has been removed from my subscriptions, so I will not be notified of new replies.
PM me if you still want to continue.

Note: The disappearance of the symptoms does not mean that your computer is clean.

Everyone else, please click here and create your own thread!
__________________
Greetings from Bavaria
M-K-D-B

22.09.2013, 15:17   #9
smorvi

Hello Matthias,

I want to continue, but I did not have much time this week and have only now been able to run the scans.
So the logs are attached again.

Thanks,
Simone

log.txt from ESET:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3cd13afc8e00e14d8fe9e27342e2b099
# engine=15216
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-22 11:44:47
# local_time=2013-09-22 01:44:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1799 16775165 100 97 18460 150521592 11216 0
# compatibility_mode=5892 16776573 100 100 105402 217383015 0 0
# scanned=65183
# found=0
# cleaned=0
# scan_time=3012
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3cd13afc8e00e14d8fe9e27342e2b099
# engine=15216
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-22 11:53:02
# local_time=2013-09-22 01:53:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1799 16775165 100 97 18955 150522087 11711 0
# compatibility_mode=5892 16776573 100 100 105897 217383510 0 0
# scanned=1060
# found=0
# cleaned=0
# scan_time=137
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3cd13afc8e00e14d8fe9e27342e2b099
# engine=15216
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-22 01:33:18
# local_time=2013-09-22 03:33:18 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1799 16775165 100 97 24971 150528103 17727 0
# compatibility_mode=5892 16776573 100 100 111913 217389526 0 0
# scanned=233281
# found=0
# cleaned=0
# scan_time=5973
         
checkup.txt from SecurityCheck:
Code:
Results of screen317's Security Check version 0.99.73  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 TuneUp Utilities 2013   
 TuneUp Utilities Language Pack (de-DE) 
 CCleaner     
 Java 7 Update 25  
 Adobe Reader 10.1.8 Adobe Reader out of Date!  
 Google Chrome 29.0.1547.66  
 Google Chrome 29.0.1547.76  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSASCui.exe 
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Windows Defender MSASCui.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
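
Added example, not part of the original thread and not ESET's own tooling: a small Python parser for the log.txt layout posted above. It splits the file into scan runs (including the fused "Can not open internet" downloader lines) and checks, per run, whether the scan finished and whether the option for potentially unwanted applications requested in Step 1 was on. It assumes that `end=` and `unwanted_checked=` carry those meanings; the sample log is constructed.

```python
import re

# Constructed sample in the layout of the ESET Online Scanner log.txt above
# (shortened, serial omitted; not a verbatim copy of the poster's log).
SAMPLE_LOG = """\
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# engine=15216
# end=stopped
# unwanted_checked=false
# antistealth_checked=true
# utc_time=2013-09-22 11:44:47
# scanned=65183
# found=0
# cleaned=0
# scan_time=3012
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
all ok
# version=8
# engine=15216
# end=finished
# unwanted_checked=false
# antistealth_checked=true
# utc_time=2013-09-22 13:33:18
# scanned=233281
# found=0
# cleaned=0
# scan_time=5973
"""

MARKER = "ESETSmartInstaller@High as downloader log:"
FIELD = re.compile(r"^#\s*([A-Za-z_.]+)=(.*)$")


def parse_runs(text):
    """Split the log on the downloader marker; return one dict per scan run."""
    runs = []
    # Splitting on the marker also separates markers that are fused onto the
    # end of a "Can not open internet" line, as seen in the posted log.
    for chunk in text.split(MARKER):
        fields = {}
        for line in chunk.splitlines():
            m = FIELD.match(line.strip())
            if m:
                fields[m.group(1)] = m.group(2).strip()  # repeated keys: last wins
        if fields:  # chunks without "# key=value" lines are failed downloader attempts
            runs.append(fields)
    return runs


def _to_int(value):
    try:
        return int(value)
    except (TypeError, ValueError):
        return None


def review(text, require_pua=True):
    """Return one summary per run; 'conclusive' means found= can be relied on."""
    report = []
    for run in parse_runs(text):
        issues = []
        if run.get("end") != "finished":
            issues.append("scan not finished (end=%s)" % run.get("end", "missing"))
        # Assumption: unwanted_checked mirrors the PUA detection checkbox.
        if require_pua and run.get("unwanted_checked") != "true":
            issues.append("unwanted_checked is not true")
        found = _to_int(run.get("found"))
        if found is None:
            issues.append("no readable found= counter")
        report.append({
            "utc_time": run.get("utc_time"),
            "scanned": _to_int(run.get("scanned")),
            "found": found,
            "issues": issues,
            "conclusive": not issues,
        })
    return report


if __name__ == "__main__":
    for entry in review(SAMPLE_LOG):
        print(entry)
```

A `found=0` line from a run that was stopped early, or that ran without the requested option, says less than the same line from a finished run with the option enabled, which is what the `conclusive` flag separates.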
         

23.09.2013, 13:10   #10
M-K-D-B
/// TB trainer

Hello,

If you no longer have any problems, then we are done here. Your log files are clean.
Finally, we need to take a few closing steps to clean up and secure your PC.

I see that you have so-called registry cleaners on the system.
In your case: CCleaner, TuneUp Utilities 2013.

We do not recommend any kind of registry cleaner under any circumstances.

The reason is quite simple:

The registry is the brain of the system. If the brain does not work, the rest no longer really works either.
We read often enough from people seeking help that their system no longer boots after using registry cleaners.
  • How is the cleaner supposed to know with 100% certainty whether an entry is needed or not?
  • It makes no difference at all whether there are a few orphaned registry entries on the system or not.
  • The constantly advertised speed-up of the system is also only partly true. You would not notice it.
A so-called false positive from a cleaner can also make your system unbootable.
If you destroy the registry, you destroy Windows.

I hereby recommend that you uninstall the software mentioned above and do without this kind of software in future.
At the end I will recommend another tool that you can use to remove your temporary files.

Step 1
Your Java is out of date. Older versions contain security vulnerabilities that can be abused by malware.
  • Please download the latest Java version from here:
    Java Download (32 bit)
    Java Download (64 bit)
  • Save the file to your desktop.
  • Close all running programs, especially your browser.
  • Start the file. It will install the latest Java version (Java 7 Update 40).
  • Untick "Install the Ask Toolbar ..." during installation.
  • When the installation has finished:
    Start --> Control Panel --> Programs, and uninstall all older Java versions.
  • Restart your computer once all older versions have been uninstalled.
Quick plugin test: PluginCheck

Step 2
Your version of Adobe Flash Player is out of date.
Please follow these steps to update Adobe Flash:
  • Please visit this Adobe page.
  • Select your operating system and your internet browser ("Internet Explorer" or "other" for Firefox, for example).
  • If applicable, untick the box for Google Chrome or McAfee Security Scan.
  • Install the latest version on your computer.

Step 3
Please uninstall your current version of Adobe Reader
Start --> Control Panel --> Add or Remove Programs / Uninstall a program --> Adobe Reader
and download the new version from here.
Untick the box for McAfee SecurityScan or Google Chrome.

Step 4
The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and start it)
    • Windows key + R > Combofix /Uninstall (type in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and start it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix (Download DelFix) to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can safely delete them.

Step 5
Finally, I have a few tips for securing your system.

I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.

Antivirus software
  • Make sure that you only ever have one antivirus program installed and that it is up to date!

Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on using it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.

Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.

Alternative browsers
Other browsers tend towards somewhat more security than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: for this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. Right-clicking a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this.

Stay away from registry cleaners.
They harm your system more than they help. Here is an English link:
Miekemoes Blogspot ( MVP )

What you should avoid:
  • Do not click on everything just because it prompts you to and is nice and colourful.
  • Do not use P2P or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials and other illegal software.
  • Do not open attachments from emails you do not recognise. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe.

Now all that remains is for me to wish you lots of fun surfing safely... and perhaps you would like to support the Trojaner-Board?

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Greetings from Bavaria
M-K-D-B

25.09.2013, 14:31   #11
smorvi

Hello Matthias,

many thanks for the useful tips and programs. I am always happy to learn more.
The PC is cleaned up and secured.
There are currently no more questions.

So thank you, thank you, thank you, and continued good work
Best regards
smorvi

25.09.2013, 15:49   #12
M-K-D-B
/// TB trainer

I am glad that we were able to help.

In this forum you can leave brief feedback on the cleanup, if you like:
Praise, criticism and wishes
To do so, click the "NEW THREAD" button and post a little feedback. Thank you very much!

This thread appears to be resolved and will be removed from my subscriptions. Should you need the thread again, please send me a PM.

Everyone else, please click here and create your own thread.
__________________
Greetings from Bavaria
M-K-D-B
